HOW-TO: Protect Yourself Against Malicious Autorun.INF Code

Laziness has its price. One brain-child of what I consider laziness is autorun.inf. I call it a vulnerability rather than a feature. This is just my two cents. The rationale behind this line of reasoning is that viruses and malicious software take advantage of this so-called feature to install and infect your machine before you are aware it hit you. The actual payload installed varies from viruses to trojans, and likewise the damage it could inflict varies.

The most common mode by which malicious code propagates is by USB flash drives (others call them thumb drives or external storage devices). They all mean the same thing. Before viruses, trojans and other malicious software lurking in these devices hit you, do something about it. Protect yourself! Autorun.INF is an inherent security hole that needs to be plugged. And the way to circumvent this vulnerability is a simple task.

Just so you get an idea of what the AUTORUN.INF functionality is: whenever you plug in an external storage device and an application window automatically opens, that is AUTORUN.INF at work. Below is an example of what it looks like. In cases of malicious code, however, this application window might or might not be visible.


The solution to this problem is a registry hack. So before you proceed, ensure you have a backup of your machine. This hack works for me and I am confident it works, but I will not be held liable for consequences that may arise when you execute this procedure on your machine.

As "Administrator", open the registry editor and go to this key: HKLM > SOFTWARE > Microsoft > Windows NT > CurrentVersion > IniFileMapping > Autorun.INF. The "Autorun.INF" key does not exist by default, so you have to create it. Change the "(Default)" value to @SYS:XXXXXXX.


This simply means that instead of looking for Autorun.INF (case-insensitive) on plugged external storage devices, it will look for the string you substituted after the colon. Now, that is much more difficult to guess than "Autorun.INF".


Making your computer less vulnerable to malicious code will give you confidence in plugging in an external storage device from a colleague for whatever purposes you deem necessary.
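A drive handed over by a colleague can also be inspected before it ever reaches a Windows machine. The following is an added example, not part of the original post, and it goes beyond the registry change: a shell function for a Linux box that finds an autorun.inf (in any casing) at the root of a mounted drive and prints the entries that would launch a program. The mount point and the set of keys reported (open, shellexecute, shell\...\command) are assumptions of this example.

```sh
#!/bin/sh
# Added example: report what an autorun.inf on a mounted drive would launch.
# Usage: sh autorun_check.sh /media/usb0   (mount point is hypothetical)

autorun_commands() {
    root=$1
    # Windows treats the file name case-insensitively, so match any casing.
    inf=$(find "$root" -maxdepth 1 -type f -iname 'autorun.inf' | head -n 1)
    [ -n "$inf" ] || return 1      # no autorun.inf at the drive root

    # Strip carriage returns (the file is normally CRLF), then print only
    # the launch-related keys found inside the [autorun] section.
    tr -d '\r' < "$inf" | awk '
        /^[ \t]*\[/ { in_sec = (tolower($0) ~ /^[ \t]*\[autorun\]/); next }
        in_sec && /^[ \t]*;/ { next }          # comment line
        in_sec {
            eq = index($0, "=")
            if (eq == 0) next
            key = tolower(substr($0, 1, eq - 1))
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "open" || key == "shellexecute" ||
                key ~ /^shell\\.*\\command$/)
                print key "=" val
        }'
}

if [ $# -gt 0 ]; then
    autorun_commands "$1" || echo "no autorun.inf found under $1"
fi
```

Any line it prints names a program the drive asks Windows to start, which is worth a closer look before the drive is used.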

ERROR: A Required Device Driver is Missing on Windows 7 Install

I could say I'm too familiar with computers to confidently install just about any modern Windows or Linux operating system from USB or boot from USB for that matter. However, a recent experience with a Windows 7 install made me hit a brick wall and the experience was one that made it a little more memorable.

I do installs from USB since not all modern servers and notebooks have internal optical drives. And bringing an optical drive as part of a standard toolkit is too much hassle. Creating your very own USB Windows 7 installer has been posted in this blog before. And in this case, I have used the same installer in the past few years without a hitch. It is only now that I have encountered an error trying to install on a friend's notebook.

To give you a better idea of what the error screen looks like, I took a snapshot of the screen with my phone. It is shown below:

A Required Device Driver is Missing

A required CD/DVD device driver is missing. If you have a driver floppy disk, CD, DVD, or USB flash drive, please insert it now.

The weird thing is that no matter what I do after this error, it will not allow me to proceed with the install (the "Next" button is greyed out). So I did the best solution for Windows -- REBOOT! Nada, same result. Out of sheer curiosity, I moved the installer to another USB port. This time the installation proceeded without the same error. And this really puzzled me. So post-installation, I did my research.

The error message is misleading and it will throw you off in the wrong direction. As it turns out, on the initial installation attempts wherein I failed, the installer was plugged into a USB 3.0 port, for which the Windows 7 installer had no native drivers. This is the reason for the installation module asking for a driver that it did not have.

To successfully proceed with the install, the USB flash drive containing the installer needs to be plugged into a "legacy" USB 2.0 port that Windows 7 has native drivers for. If ever you encounter a similar problem, simply seek information from the hardware manual and locate the legacy USB ports and install from there.


The solution was as simple as that. But it is just as easy to miss it. Too much familiarity with the task often has its price.

HOW-TO: Locate VMware ESXi Hosts in Your Infrastructure

There are times when you have to work within the constraints of the environment in which you operate -- like when you have a workstation that requires multiple operating systems (as well as multiple applications) and all that's available to you for network configuration is dynamic host configuration protocol (or DHCP).

This becomes even more complicated if the operating system installed on your workstation is a hypervisor, like VMware ESXi. Locating your host in the network segment can become a challenge, especially when there is scheduled maintenance work that requires your workstation to be shut down, or when you leave the office on a weekend only to return the following week facing a host that is assigned a different IP. In case you are wondering, I don't have control over the DHCP server to reserve an IP address.

Given that constraint, I have to adapt and discover some things to make my life easier, accept the challenge and work around it. Fortunately, I'm not alone in this boat. Others have faced similar issues and have developed tools to specifically address this.

For this particular issue, the appropriate software is called "VMware Scanner". And it functions just like typical IP Scanners.

VMware Scanner Initial Screen

Simply input the range of IP Addresses to scan and let the application work for you. The application is very quick in locating ESXi hosts.

VMware Scanner Result


Working within your constraints is necessary sometimes. This is where adaptability and resourcefulness come into play.

Hope this tip helps you face the same dilemma I was in.

ERROR: Could not setup macAddress for ethernet0

I encountered the above error after performing a V2V procedure on Teradata Aster Queen. I was also going to do the same for the Teradata Aster Worker, next. But I got stuck on this error and could not power on the Queen virtual machine. If you're wondering if I had tested them on the VMware Player first, yes I did.

Further reading on VMware documentation revealed that they introduced new policies for static MAC addresses to start only with the prefix 00:50:56:xx:xx:xx. Not so convenient. I have previously tried using automatically generated MAC addresses but the Aster Express cluster would not activate. So this time, I have tried using static ones. Not really sure if this was the cause, but I'm pretty sure it is one of the differences between the original virtual machines and the converted ones.

To get a better sense of what the error looks like, I preserved a screenshot for you.

Power On Error

If you can't see the image, the verbatim "Error Stack" is:

Failed to start the virtual machine.
Module DevicePowerOn power on failed.
Could not setup "macAddress" for ethernet0.
Invalid MAC Address specified.
00:0c:29:9d:7f:5d is not an allowed static Ethernet address. It conflicts with VMware reserved MACs.

The limitation (or change in policy) introduced in ESXi V5.5 has its advantages but if you are stuck with the above error, it ain't pretty. However, there is a workaround should you require the old behavior back.

First, turn on the SSH service on the ESXi host. Then connect to it. Next, locate the data store where the virtual machine is stored and look for the .vmx file.

Edit this file and add the line:

ethernet0.checkMACAddress = "false"

It would be prudent to make a copy of the file for backup purposes prior to making any change, just in case. This is applying best practice and instilling the discipline.

After making the necessary change to the .vmx file, power on the virtual machine. It should proceed to boot without a hitch. Do the same for the Aster worker machine.
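The backup-then-edit steps above can be scripted so that the check is switched off only for the adapters that need it. This is an added example, not VMware's or the author's code: it lists each ethernetN whose static address lacks the 00:50:56 prefix, keeps a one-time .bak copy, and writes the checkMACAddress line for those adapters only. It assumes a POSIX shell with awk on the host and a powered-off virtual machine; the function names are hypothetical.

```sh
#!/bin/sh
# Added example. Usage: sh vmx_mac.sh /vmfs/volumes/<datastore>/<vm>/<vm>.vmx

# Print each ethernetN whose static address does not start with 00:50:56.
vmx_nics_needing_override() {
    awk -F'"' '
        tolower($1) ~ /^[ \t]*ethernet[0-9]+\.address[ \t]*=/ {
            nic = tolower($1)
            sub(/^[ \t]*/, "", nic); sub(/\.address.*/, "", nic)
            if (tolower($2) !~ /^00:50:56:/) print nic
        }' "$1"
}

# Set KEY = "VALUE" in a .vmx file, replacing any existing line for KEY.
vmx_set_option() {
    vmx=$1; key=$2; value=$3
    [ -f "$vmx" ] || { echo "no such file: $vmx" >&2; return 1; }
    # Back up once; never overwrite an earlier backup with an edited file.
    [ -e "$vmx.bak" ] || cp -p "$vmx" "$vmx.bak" || return 1
    tmp="$vmx.tmp.$$"
    # Drop any line already setting this key (compared case-insensitively
    # so a differently-cased duplicate is not left behind).
    awk -v k="$key" '
        { name = $0; sub(/[ \t]*=.*/, "", name); sub(/^[ \t]*/, "", name) }
        tolower(name) != tolower(k)
    ' "$vmx" > "$tmp" || return 1
    printf '%s = "%s"\n' "$key" "$value" >> "$tmp"
    # Write back in place so the file keeps its owner and mode.
    cat "$tmp" > "$vmx" && rm -f "$tmp"
}

# Disable the MAC check only on the adapters reported above.
vmx_allow_preserved_macs() {
    for nic in $(vmx_nics_needing_override "$1"); do
        vmx_set_option "$1" "$nic.checkMACAddress" "false" || return 1
    done
}

if [ $# -gt 0 ]; then vmx_allow_preserved_macs "$1"; fi
```

Running it a second time leaves the file unchanged apart from rewriting the same line, and the .bak copy stays as the pre-edit original.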

Activate Success


I was able to activate the Aster Express cluster after performing these steps. Not really sure if the preserved MAC addresses resolved my activation issues, but I'm pretty happy to be able to perform analytics on the cluster. I hope it helps you as well.

HOW-TO: Install Adblock on Raspberry Pi via Pi-Hole

Bandwidth is a precious resource in this digital age. This might not be the case for everyone but in the Philippines where the cost of being connected is still through the roof, this statement is still true. Couple this with the fact that people want to be connected and online, and the mix gets a bit complicated.

Studies have shown that bandwidth (or network traffic) can be minimized by using adblock technology. Thus this resource could be better utilized by more important or more significant information to be consumed by the end user, not ads. Research has shown this to be by a factor of 25% to 40% (click here for reference). That is HUGE!

With that study and its statistics, it figures that one should be minimizing network traffic or find means and ways to reduce the non-significant content -- in the form of ads. One way to do this is with the use of Raspberry Pi (R-Pi). This is in fact a very cheap way to implement adblock, and you will see it is very simple to do.

This article aims to outline installation instructions on a popular R-Pi operating system, OSMC. The installation procedure for OSMC has been discussed in the previous post. There has been a series of posts involving the use of Raspberry Pi on this site.

Prior to installing Pi-Hole, it would be good to browse its documentation and have a better understanding of how it does the adblock. Click here to go there.

The installation procedure itself is pretty simple and as automated as you want it to be. Just launch a PuTTY session to the R-Pi and run the command on the banner of the Pi-Hole website -- curl -L | bash (or copy-n-paste this command).

Pi-Hole Install

It is as simple as it could get. Now the only thing that needs to be done is to configure the router to assign the R-Pi as the primary DNS server when it hands out DHCP IP addresses.


Once in a while, you may want to satisfy your curiosity and find out how much traffic is blocked by Pi-Hole. Just open a browser and browse to the admin console of Pi-Hole. It should be something like "http://RASPBERRY_PI_IP_ADDRESS/admin/".

Pi-Hole Statistics

On mine, it looks like this. This statistic is after less than an hour of having it installed. Do you have Pi-Hole installed? Share your story in the comments.