How to Disable AutoReboot on Windows to Prevent Continuous Rebooting

Leave a reply

I worked on a Windows XP computer recently. This computer kept on rebooting continuously. I did not get a chance to see the blue screen of death for the error message for diagnostic purposes. While there are instructions available on how to disable AutoReboot when the computer can still boot normally, those instructions did not work in this case because the computer could not boot up at all.

With the help of Ultimate Boot CD(UBCD) for Win, I was able to modify the registry of the sick computer and stop it from continuous rebooting. Here are the steps:

  1. Download the CD image from this site on a working computer.
  2. Burn the CD image to a CD.
  3. Boot the sick computer using the CD. It usually involves pressing a function key during start up. Consult your machine’s user manual to find out which key to press.
  4. Launch UBCD for Win.
  5. Click on Start -> Programs -> Registry Tools -> RegEdit.
  6. Click on HKEY_LOCAL_MACHINE to select it and then click on File -> Load Hive… .
  7. Browse to C:\Windows\System32\config\ and select system. Click on OK. Name it LocalSystem.
  8. Once the registry hive is loaded, browse to this key: HKEY_LOCAL_MACHINE\LocalSystem\ControlSet001\Control\CrashControl\AutoReboot
  9. Double click on the key and change the value to 0.
  10. Click on File -> Unload Hive … .
  11. Reboot the machine. Now the computer won’t start continuous rebooting again, and you should be able to see the error message.

How to Change Default Host for Cisco AnyConnect on Windows

Leave a reply

We have 2 VPN networks at work. However, when we installed the VPN client, only one showed up. I tried to find a way to add the other VPN network and set it as default using the GUI interface, but there was no such option.

I found a document on the Cisco web site about how to customize the preference. The default host is specified in a preferences file. The file is called preferences.xml and is at this location:

Windows XP

C:\Documents and Settings\username\Local Settings\Application Data\Cisco\Cisco AnyConnect VPN Client

Windows 7

C:\Users\username\AppData\Local\Cisco\Cisco AnyConnect VPN Client

Use an editor and open the file. Find this line and enter the VPN server name.

<DefaultHost>vpn.mycompany.com</DefaultHost>

You can see the server name the next time you run Cisco AnyConnect client.

 

How to Use Cisco AnyConnect VPN Start Before Login on Windows 7

2 Replies

We use Cisco AnyConnect VPN to provide remote users with access to servers behind a firewall. AnyConnect also has a utility that enables users to logon to VPN before logging on to the computer. This is very useful for laptops. The utility is called Cisco AnyConnect VPN Client Start Before Login Components.

Once you have the utility installed, you will be prompted to logon to VPN first on Windows XP. However, it does not prompt you to logon on Windows 7. Here are the steps to get to the VPN prompt on Windows 7 Enterprise:

  1. Press Ctl+Alt+Del at the logon screen.
  2. Click on  Switch User.
     
  3. Click on the new button that now appears beside the power button.
  4. Now you can use the VPN dialog to logon.

Easier Way to Enter Local Computer Name on Logon Screen for Windows 7

3 Replies

It’s easy to switch from a network account to a local account on Windows XP Professional. The logon screen provides a Log on to dropdown box where you can select (this computer). However, this feature has changed in Windows 7: There is no longer a dropdown box on the logon screen anymore. If you want to logon using a local account, you will have to specify the computer name by typing it manually. For example, if the computer name is COMPANY-GROUP-COMP1 and the local user name is LOCAL-USERNAME, you need to enter user name in this format: COMPANY-GROUP-COMP1\LOCAL-USERNAME. This could be a problem since most people do not know their computer names, and entering a long computer name is prone to errors.

I just found this out a couple of weeks ago, and I wish I could have learned of this earlier. Instead of entering the computer name, you can just enter a period (.). So, you can enter .\LOCAL-USERNAME in the logon screen if you want to logon to the computer using a local user account. You do not need to know the computer name, and it’s much easier to type. This also works for the user account control when you run a program as an administrator.


How to Prevent Skype from Using Port 80 and 443

Leave a reply

I was working on a network issue on my computer when I discovered that port 80 was open. This surprised me because I did not install any software that used port 80. For those who are not familiar with port 80, it is usually used by web servers. So, I brought up an elevated command prompt and typed the following command to find out which program was using port 80.

netstat -abn

And this is an excerpt of the results.

TCP    0.0.0.0:80          0.0.0.0:0              LISTENING
[Skype.exe]

This surprised me even more: I did not realize Skype was using port 80. To change this behavior, click on Tools -> Options and then click on Advanced -> Connection. Uncheck the box Use port 80 and 443 as alternatives for incoming connections.

Note that after you have unchecked the box and restarted Skype, it will stop using port 80 and 443. Instead, it uses port 10393 for incoming connections.

Mac Leopard Server and Range Header DoS Vulnerability Apache HTTPD CVE-2011-3192

Leave a reply

During a recent security scan of our machines, we found that one Leopard server had this range header DoS vulnerability for  Apache web server (CVE-2011-3192). We updated the Leopard server with all the updates from Apple, but this problem still was not fixed. We had to do it manually to fix the problem.

According to the bulletin, the mitigation is to “Use SetEnvIf or mod_rewrite to detect a large number of ranges and then either ignore the Range: header or reject the request.” Here is what I did on the Leopard server:

  1. Open Terminal application.
  2. Use a text editor (vi or pico) to edit the web server configuration file httpd.conf . 
    sudo vi /etc/apache2/httpd.conf
  3. Append the following to the end of httpd.conf . 
    # Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (?:,.*?){5,5} bad-range=1
RequestHeader unset Range env=bad-range

# We always drop Request-Range; as this is a legacy
# dating back to MSIE3 and Netscape 2 and 3.
#
RequestHeader unset Request-Range
  4. Save the file.
  5. Restart the web server.

Windows 7: How to Disable Ctrl + Alt + Del on Logon Screen

1 Reply

We just got an Asus Eee Slate EP121. It came pre-installed with Windows 7 Home Premium edition. Since it was going to be used in an Enterprise environment, I wiped the hard drive clean and installed the Enterprise edition of Windows 7. When the tablet booted up the first time, I noticed a problem. The machine required me to press Ctrl+Alt+Del to log on. I had to connect a USB keyboard and use that to log on. Fortunately, the Eee Slate comes with a wireless keyboard, so it will not be a problem if you have the keyboard paired and ready to use. However, it can be a problem if you are out in the field without either a wired or wireless keyboard handy.

There is a way to disable the pressing Ctrl + Alt + Del requirement, through the Local Security Policy. Here are the steps:

  1. Click on the Windows logo.
  2. Enter secpol.msc and press Enter.
  3. Local Security Policy shows up. Expand Local Policies and then Security Options.
  4. Scroll down on the pane and double click on Interactive logon: Do not require CTRL + ALT + DEL.
  5. Click on Enabled and click on OK.
  6. Reboot the computer. You do not have to press Ctrl + Alt + Del on the log on screen any more.