Sunday, October 3, 2010

Autorun, a bungee jumping for viruses

Today many types of malware use the autorun function in Windows to execute their code. They usually put an "autorun.inf" file in the root of the discoverable drives.
If you wanna prevent malware from creating the file, one idea is to create a folder named "autorun.inf". This way the software can't create the autorun.inf file because there is already a file with the same name there (yes, a folder is a kind of file). This may protect your own drives and flash drives from infection, but what about other people's flash drives? Or what if the software replaces your file with its own, huh?!
So look at the more effective methods here.

Method 1: If you wanna disable the autorun function effectively, you can use Nick Brown's idea. Follow the instructions below:

1- First, if you have set any value for NoDriveTypeAutoRun (you probably changed "95 0 0 0" to "91 0 0 0" to disable the autorun function), delete the value, because that's not really gonna help you!
2- You can disable the autorun function by downloading and running this file:

http://www.4shared.com/file/qaA2sIZE/disAutorun.html

The above file is just a .reg file (inside the rar archive) that adds a key with a value to the Windows registry. Instead of using the file, you may modify the registry manually. To do this, follow these simple steps:

  1. Run regedit.exe from Start->Run, or from the Start Search box in Windows Vista/7.
  2. Go to "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\" and then add a key and name it "autorun.inf".
  3. In the new key there is a string value named "(Default)". Double-click it, or right-click it and choose Modify, and change the Value data to "@SYS:DoesNotExist".

The "autorun.inf" file is a standard Windows INI file, so Windows uses the standard INI-file API calls when fetching its settings. These API calls can be redirected using the INI file mapping method. In this case, the mapping says “whenever you have to handle a file called AUTORUN.INF, don’t use the values from the file. You’ll find alternative values at HKEY_LOCAL_MACHINE\SOFTWARE\DoesNotExist.” Since that key does not exist, Windows finds no autorun settings to act on.

This method is the best for XP, and it works in Windows Vista and 7 too.
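
The registry change from the manual steps above, applied and verified from an elevated PowerShell prompt. This is an added example, not the contents of the downloadable .reg file; the function names are made up for illustration.

```powershell
# Added example (not from the original post). Function names are hypothetical.
# The key path and value data are the ones given in the manual steps.
$KeyPath  = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\autorun.inf'
$Expected = '@SYS:DoesNotExist'

function Get-AutorunInfMapping {
    # An empty value name addresses the key's "(Default)" value.
    # Returns $null when the key or the value is missing.
    [Microsoft.Win32.Registry]::GetValue($KeyPath, '', $null)
}

function Test-AutorunInfMapping {
    # True only when "(Default)" is a string equal to the expected data.
    $current = Get-AutorunInfMapping
    return ($current -is [string]) -and ($current -eq $Expected)
}

function Set-AutorunInfMapping {
    # Idempotent: do nothing if the mapping is already in place.
    if (Test-AutorunInfMapping) { return 'already set' }

    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    if (-not $isAdmin) {
        throw 'Writing under HKEY_LOCAL_MACHINE needs an elevated prompt.'
    }

    # SetValue creates the "autorun.inf" key if it does not exist yet.
    [Microsoft.Win32.Registry]::SetValue(
        $KeyPath, '', $Expected, [Microsoft.Win32.RegistryValueKind]::String)

    # Read the value back so a silent failure is not reported as success.
    if (-not (Test-AutorunInfMapping)) {
        throw 'Value did not persist; check permissions on the key.'
    }
    return 'applied'
}

$before = Get-AutorunInfMapping
$result = Set-AutorunInfMapping
"Before: $(if ($null -eq $before) { '<not set>' } else { $before })"
"Result: $result"
```

Running only `Test-AutorunInfMapping` needs no elevation, so it can be used to audit machines without changing them.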

Method 2: Alternatively, in Windows Vista/7 you can use Group Policy to disable the autorun function. To do this, follow the instructions below:
  1. Click Start, type Gpedit.msc in the Start Search box, and then press ENTER.  If you are prompted for an administrator password or for confirmation, type the password, or click Allow.
  2. Under Computer Configuration, expand Administrative Templates, expand Windows Components, and then click Autoplay Policies. 
  3. In the Details pane, double-click Turn off Autoplay. Click Enabled, and then select All drives in the Turn off Autoplay box to disable Autorun on all drives. 
  4. Restart the computer.

Of course, there are other ways to disable the autorun function or prevent unwanted autoplay. For example, you can use anti-virus software or whatever, but I think these methods are more secure and effective.

more info on:
http://antivirus.about.com/od/securitytips/ht/vista_autorun.htm
http://support.microsoft.com/kb/967715
http://cleanbytes.net/disable-autorun-to-prevent-computer-virus-infections-usb-flash-drives-threats
http://techblissonline.com/disable-autorun/

Tuesday, June 15, 2010

Another Season for HIMYM

How clever is that!?

In the bar, Barney, Marshall, and Lily all convince Ted to take five shots of "Red Dragon" (a special drink) to turn off his brain. So the day after, he wakes up with a girl in his bed! Oops!!!
Huh, so you wanna know what the story is, but you can't, cause Ted does not remember anything at all. So he asks his friends to fill him in. But every piece of the puzzle is in a different head.
So the story comes together slowly, step by step.

Believe me, it's really wonderful ;))) Yup! It was the 10th episode of the first season of my favorite TV show, "How I Met Your Mother". This episode rocks! It's called "The Pineapple Incident". It’s one of the best.

The show started in 2005 and now Season 5 ends. I can’t wait for season 6. The good point is that CBS confirmed that there is a season 6. But I hope for more seasons! Keep it up, Carter Bays and Craig Thomas. You did an awesome job!

See How I Met Your Mother on imdb.

Monday, June 14, 2010

Roaming Profiles Vs. Local Profiles


Do you know anything about Roaming Profiles? When you are in a Windows domain network, you can use roaming profiles so every user in the network can have their own desktop experience no matter which workstation he or she is logging on to.

A local profile's data is stored on the local system's hard drive, typically on the Windows drive. In contrast, a roaming profile's user data is stored in a centralized place, typically a domain server.



Roaming profiles have their own pros and cons, of course.
Let's see some pros first.
- Allows users to log into multiple computers with their own personal data. This works great in an environment where people don’t have designated desks, such as an open lab.
- You as an administrator can easily back up users' data, because all of it is in a central place. Or you can set up an automatic periodic backup. It will reduce data loss.
- If a system suddenly crashes, the user can temporarily use another workstation until it is fixed and still have his/her own user data.
- If a user gets a new PC, usually you have to move his/her data to the new PC. But with roaming profiles, obviously there's no need to do that.
OK, let's see some cons too.
- User logon time will increase, depending on user data size and network traffic.
- Loading and synchronizing user data consumes network bandwidth and reduces network performance.
- Users who do not understand how it works may cause trouble! For example, there are times when the workstation is getting the user data from the server, and times when it is synchronizing the user data with the server, which means it's sending user data back to the server. If users put unusual data (for example, large video files) in personal directories like "My Documents", it will reduce network performance dramatically, and it can even lead to user data corruption too! In this case, we need huge bandwidth, depending on the number of users. duhhhh!!
- Using roaming profiles forces you to share directories on the server, so it increases the risk of malware infection for the server. As you know, when a domain server is infected by a virus, things are different from when it's just a regular workstation.
There are many more pros and cons, but if you wanna know more, use the links below.

So you as a network administrator should know everything about roaming profiles and decide whether or not to use them in your network, or maybe you choose just a group of users to have roaming profiles. I don’t know. It depends. Right?!
I put some useful links at the end like before. I hope it does help.

Sunday, April 18, 2010

CMS Awards

I know it's been a long time since my last post. Well, I was busy doing stuff! Anyway, I was working on a new project with some of my friends to design and program a new CMS based on Microsoft ASP.NET. But it's not completed yet; actually, it needs more time. A web CMS, or Web Content Management System, is a system for managing website content easily using an administration control panel. There are some CMSs on the market you can use, some free, some commercial, and some of them are even open source.
Drupal and Joomla were awarded 1st and 2nd place in 2009 in the Open Source CMS Award, in the Best Open Source PHP CMS category. These two CMSs have always been in one of the top three positions. There are other CMSs awarded in different categories too, like Microsoft SharePoint 2007 for document management and collaboration. This year WordPress was awarded Overall Best Open Source CMS. For those unaware, WordPress is an open source blogging platform that powers hundreds of thousands (if not millions) of websites.
Creating a new CMS is hard work, depending on the level of detail and customization. Actually, it is fun too!! At least you can try one of these free CMSs. You can learn many things just by using them. Have fun!

Saturday, March 6, 2010

Gmail Vs. National Email

Hi guys

Limiting internet users in Iran from accessing information on the web is not a good thing, and now blocking Gmail!!! WwowW, what a SHAME! But it really happened! I couldn't believe it at first, but after a while we still have very limited access to the Gmail service in Iran. As an Iranian I'm so embarrassed! The government says, "We are guiding Iranians to use the National Email Service by blocking the Gmail service." But really? They couldn't find any better way to get Iranians to use the new service?! Also, this service is new and there should be a period of time to test it, like any other system.
You should offer a better service to get people to use it, or you can use it as a formal email service, but you can't tell people what to choose!!! Think again!