Posts Tagged ‘ACS-SaM’

Snow 303 Notebook

Thursday, August 19th, 2010

My personal notebook made in preparation for the Snow 303 exam for the Apple Certified Specialist – Security and Mobility 10.6 certification on Mac OS X Server 10.6 Snow Leoaprd.

Mac OS X Mobility and Security v10.6

This notebook can be used complementary to the book Mac OS X Security and Mobility v10.6 by Robert Kite, Ph.D., Michele Hjörleifsson, and Patrick Gallagher published by Peachpit Press.

How-To backup and restore cydia packages

Wednesday, June 2nd, 2010

When upgrading the iPhone or iPad firmware, if you own a jailbroken iDevice, you may want to make a backup of the list of installed Cydia (deb) packages to be able to perform a bulk installation of them after the firmware upgrade and jailbreak.

This procedure come from, and is suitable for, any deb (apt) unix system that need a bulk installation of packages, usually for deployment purposes, i.e. Mac OS X configured with Fink, GNU/Debian based Linux distributions like Ubuntu probably the ANDROID mobile phones too.

The following procedure will show you the necessary command-line instruction necessary to backup and restore the list of current installed packages on Cydia, please mind that the configuration of the installed packages will not be preserved, you need to follow other instruction to backup and restore your personalised configurations:

  1. Before upgrading or restoring the device firmware login to the console of you iPhone or iPad via a terminal application, possibly from an external computer and issue the following command:
    dpkg –get-selections > packages_list.txt
  2. Save the packages_list.txt file (and your packages personalised configurations) in an external location like your computer or a web site and then you can perform the upgrade or restore of the device firmware.
  3. After the iPhone has been reinstalled and jailbroken update the Cydia sources and then install OpenSSH to be able to remotely connect the the device in command-line.
  4. Copy the file packages_list.txt to the iPhone or iPad and from the console issue the following commands (you can copy and paste):

    apt-get update;
    dpkg –set-selections < packages_list.txt;
    apt-get -u dselect-upgrade;
    rm /private/var/mobile/Library/Caches/com.apple.mobile.Installation.plist;
    killall SpringBoard
  5. Restore your package personalised settings according to the backup method you used to save them.

Resetting the Firewall to the Default Setting in Mac OS X Server 10.6

Sunday, May 23rd, 2010

A server can become unreachable for remote administration due to an error with the firewall configuration. In such a case, you must reset the firewall to its default state so Server Admin can access the server.

This recovery procedure requires you to use the command-line interface and must be done by an administrator who has physical access to the server.

To reset the firewall to its default setting:

  1. Disconnect the server from the Internet.
  2. Restart the server in single-user mode by holding down the Command–s keys during startup.
  3. Remove or rename the address groups file found at /etc/ipfilter/ip_address_groups.plist.
  4. Remove or rename the ipfw configuration file found at /etc/ipfilter/ipfw.conf.
  5. Force-flush the firewall rules by entering the following in Terminal:
  6. $ ipfw -f flush
  7. Edit the /etc/hostconfig file and set IPFILTER=-YES-.
  8. Complete the startup sequence in the login window by entering exit:
    the computer starts up with the default firewall rules and firewall enabled. Use Server Admin to refine the firewall configuration.
  9. Log in to your server’s local administrator account to confirm that the firewall is restored to its default configuration.
  10. Reconnect your host to the Internet.

Dead Men’s Switch with OS X Server

Sunday, May 23rd, 2010

Dead men’s switch (name taken from the railroad industry) is a technique you can use to protect yourself against accidental lockout while configure firewalls.

A dead men’s switch enables a service but allows the administrator a temporary backdoor to remediate a temporary lockout.

i.e. on Mac OS X Server 10.6 Snow Leopard with bash in command line:

# sudo ls; sleep 90; sudo serveradmin start ipfilter; sudo server admin stop ipfilter

this process will enable the firewall and automatically disable the firewall in 90 seconds.