The SBAMUG website at one time had a Wiki that is no longer maintained. This page contains some of the most useful information from that Wiki. Major topics are How To, Tips, Mac Maintenance, Security, Favorite Websites, PD Page, Special Interests, and WordPress
HowTo
Goto-> | Tips | HowTo | Maintenance Issues | What is the meaning of … | Security Issues | Help:Wiki |
---|
Contents
 [hide]Â
- 1 Applescript: Access iPhoto Pictures
- 2 Change Home Folder/Account Name-Leopard
- 3 Clear DNS Cache
- 4 Create AOL Address in Apple Mail
- 5 Create e-mail address in Apple Mail
- 6 Backup
- 7 Backup Flow Chart
- 8 Convert Microsoft Publisher Files
- 9 Create PDF’s in OSX
- 10 crontab
- 11 IMovie HD
- 12 Network: Mac and PC(Windows)
- 13 Print Test Page
- 14 Remove Mac Classic
- 15 Repair Disk Permissions
- 16 Reset User Password without Install Disk
- 17 Review plist Files
- 18 SBAMUG eMail
- 19 Screen Sharing
- 20 Wireless Printing
- 21 Your presentation
Applescript: Access iPhoto Pictures
Change Home Folder/Account Name-Leopard
Clear DNS Cache
Create AOL Address in Apple Mail
AOL Service Assistant
Utility to Move AOL stuff to your various Apple Applications.
Create e-mail address in Apple Mail
Backup
Backup Flow Chart
Convert Microsoft Publisher Files
This Web site will convert Microsoft Publisher documents into PDF format for free. (Handles the *.pub files that Mac’s can’t handle directly).
Create PDF’s in OSX
crontab
IMovie HD
Network: Mac and PC(Windows)
First step is to install Bonjour for Windows on the Windows PC. That will allow them to see/share printers and other things. Also make sure that File sharing and Printer sharing is turned on in all machines.
Print Test Page
Using CUPS. A great way to determine if your printer is working and all ink is available for use.
Remove Mac Classic
The easy way is a clean install of Tiger, Mac OSX.4, or upgrading to Leopard (My personal Favorite..lj). However here is a slightly geek-y way.
Repair Disk Permissions
Reset User Password without Install Disk
Review plist Files
How To provides a script that will verify that your preference files, *.plist, are properly formed. Improperly formed files may indicate corrupted or damaged file that maybe causing you problems.
SBAMUG eMail
Web Mail Access
Configuration
Request SBAMUG Address
Screen Sharing
Wireless Printing
Your presentation
Tips
Goto-> | Tips | HowTo | Maintenance Issues | What is the meaning of … | Security Issues | Help:Wiki |
---|
Contents
 [hide]Â
- 1 Discover which programs prevent disk image ejection
- 2 Dock Tips
- 3 Finder Tips
- 4 Front Row
- 5 Google Calculator
- 6 iRC Chats
- 7 iTunes
- 8 iWork Tips
- 9 Keyboard Shortcuts
- 10 Photo Booth Tips
- 11 Safari Tips
- 12 Startup Mode Selector (32/64) in Snow Leopard
- 13 Time Machine Tips
- 14 Turn on AppleScript Menu
- 15 DreamHost Tips
- 16 OS X 10.5 and 10.6 Preview pdf combining tips
- 17 Word Formatting Palette Off Screen fix
- 18 Los Angeles DTV Assignments
Discover which programs prevent disk image ejection
Dock Tips
Finder Tips
Front Row
Google Calculator
iRC Chats
iTunes
Enable half-star rating in iTunes
Remove Ping Dropdown Menu
iWork Tips
Keyboard Shortcuts
Photo Booth Tips
Safari Tips
Startup Mode Selector (32/64) in Snow Leopard
Snow Leopard is 64bit compatible on 64-bit machines. However, Apple has set the default to 32 bitmode on everything but Xserve. If you would like to transition to 64 bit mode the check out this site.
Time Machine Tips
Turn on AppleScript Menu
DreamHost Tips
Page Counters
OS X 10.5 and 10.6 Preview pdf combining tips
Word Formatting Palette Off Screen fix
Los Angeles DTV Assignments
Mac Maintenance
Goto-> | Tips | HowTo | Maintenance Issues | What is the meaning of … | Security Issues | Help:Wiki |
---|
Repair Disk Permissions
This should be done:
- Before and after a major software upgrade. Like adding MS Office or upgrading Mac OS X to the next version.
- Before cloning or a major Backup
- List from Apple of permissions you can ignore: [1]
Clean-up Previous Recipients List
This is one of those things you should do if you don’t remember when you did it last time. It should also be looked at anytime you change a eMail address in your Address book or you fill-in addresses show issues.
Security Issues
Goto-> | Tips | HowTo | Maintenance Issues | What is the meaning of … | Security Issues | Help:Wiki |
---|
The Primary Security rule for a Mac is to NEVER download or install a program from Someone or Someplace you Don’t know.
If your going to download a Utility or Application, it is usually better to goto Macupdate.com, Versiontracker.com, or some other trusted site to get the file.
Contents
 [hide]Â
DNS Poison Cache Problem
Security update released by Apple.Description Security Update 2008-005. For Tiger and Leopard. Apple’s release appears to be incomplete. They have fixed the BIND code that is used by very few people not running servers, but have not fixed the DNS resolver code used by everyone. Admittedly, the part they fixed 3 weeks late is the part that has attacks already in the wild. Initially the bad guys are after the ISP’s and big DNS providers. (Note: The attack on individual machines have not been found in the wild. Probably because the bad guys get better results, more computers, attacking ISP’s. Furthermore, Good News: The NAT built in to a router will protect your machine from attack. Bad news: Routers themselves are probably open to attack until their firmware is upgraded.)
10.5.5 update fixes DNS vulnerability (and Security Update 2008-006) fixes a critical DNS vulnerability that could allow attackers to trick victims into visiting malicious Web sites using what’s known as a “cache poisoning attack.” Although Apple’s release notes say BIND was updated “to address performance issues,” the update also delivers the promised address port randomization that protects users from such cache poisoning attacks. The original patch offered protection for Apple’s servers but did not completely protect client systems. Apple’s updates fixed flaws in several applications and system components, including some that attackers could use to run unauthorized software on a user’s computer.
The only attack in the wild is the one against ISP’s and DNS providers. This is the one you should be concerned about right now. If your ISP has not fixed the problem I would consider using OpenDNS or so other DNS provider which has already fixed the problem. This is the most serious Security issue in recent memory. It has not all been fixed or solved. I would only worry about the part you can do something about (See below. The next step will be to keep an eye for firmware updates for your router.
Recently, a significant threat to DNS, the system that translates names you can remember (such as www.sbamug.com) to numbers the Internet can route (66.240.226.139) was discovered, that would allow malicious people to impersonate almost any website on the Internet. Software companies across the industry have quietly collaborated to simultaneously release fixes for all affected name servers. Many ISP’s have not as yet fixed this hole. The primary way most people will see this problem is because their ISP/DNS Server provider has the problem.
Although it can affect your computer if is it is not behind a firewall or a NAT. A patch has been released for windows but no word on whether the Mac has the problem or Not. — It probably does do the fact the flaw seems to be in all OS’s except OpenBSD.
Recommended Fix
Proceed to http://OpenDNS.com and install/use their Free DNS server. Instructions are available at the site. You do not have to use your ISP’s DNS. Furthermore, this free service has a number of great services that you might like.
Test For Problem
Method 1
Goto this link: DNS Test. It will automatically test your system.
Method 2
Enter the following into a Terminal window.
dig +short porttest.dns-oarc.net TXT
To test a specific DNS server, you can add @-ip as follows You should get back an answer that looks like this:
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "208.67.219.11 is GOOD: 26 queries in 0.1 seconds from 26 ports with std dev 14296.56"
The above Good score came from a OpenDNS Server.
The following will test a Verizon DNS Server.
dig @4.2.2.2 +short porttest.dns-oarc.net TXT
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "209.244.7.54 is FAIR: 26 queries in 0.4 seconds from 26 ports with std dev 3692.09"
Your resolver’s randomness will be rated either GOOD, FAIR, or POOR, based on the standard deviation of observed source ports. In order to receive a GOOD rating, the standard deviation must be at least 10,000. For FAIR it must be at least 3,000. Anything less is POOR. The best standard deviation you can expect to see from 26 queries is in the 18,000-20,000 range.
DNS records used in this test are given 60 second TTLs. To repeat the test you should wait at least 60 seconds.
Method 3
To find out if the DNS server you use is vulnerable. Proceed to the following website, http://doxpara.com/, and press Check DNS.
ARD Agent Security Hole
This new security hole can only hurt you with your help. You must execute the file.
Workaround available
Problem with 10.5 Leopard and 10.4 Tiger operating system. Security update released by Apple.Description Security Update 2008-005.
From MacWorld.com
Navigate to /System -> Library -> CoreServices -> RemoteManagement, and Control-click on ARDAgent. In the contextual menu that appears, select Compress ARDAgent (in 10.5; in 10.4, I believe it will say Create Archive of ARDAgent). This will create a zip file of ARDAgent on your Desktop (as you don’t have rights to modify the original folder).
Next, drag ARDAgent to the trash can, provide your admin password when asked, then empty the trash. Finally, drag the zipped version of ARDAgent into the RemoteManagement folder, again providing your password when asked. (This last bit is optional; you can keep the file wherever you like, but I find it easier to store it where I know it belongs.)
When Apple releases a security update to patch this hole, expand the zip archive before running Software Update—so that Software Update will find the full application to patch. Note that this solution will prevent anyone from using Apple Remote Desktop to control your Mac. If you’re in such an environment where someone needs access to Apple Remote Desktop—say, in a business or in a school—you’ll need to speak to your administrators about their preferred solution to this problem.
From: MacFixIt.com
Leopard comes with Apple’s Remote Desktop Agent installed, so users can run screen sharing on their computers. This is exceptionally convenient for users, but there is a major flaw in the Apple Remote Desktop Agent (ARDAgent) which allows shell scripts to be run as root. This is caused by the Agent’s “set-user ID on execution” bit, for which it resolves to root. As such, code can be run as root, which can severely compromise the system.
This problem affects all users, and not just screen sharing or remote desktop users. Luckily there are limits to its execution, and it requires explicit
Workaround Apple is aware of this problem, but until they issue a patch for ARDAgent, running the following command to remove the setting of user/group ID upon execution will prevent the execution of commands as root:
sudo chmod -s /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent
If this leads to any faulty screen sharing behavior, then users can switch it back to normal by entering the same code with the “+s” option instead of “-s“, as follows:
sudo chmod +s /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent
- Note: This fix can be removed my Repairing Disk Permissions. It resets the permissions changed to protect you in this case.
ARDAgent Test
Enter the following line into terminal. If it responds with root then the problem exists. If it responds with your short name, then things are probably OK.
osascript -e 'tell app "ARDAgent" to do shell script "whoami"'