Thursday, June 11, 2009

Microsoft Exchange Server 2010

Just when the speculations about Office 14 was starting to hum in, Microsoft puts forward a decisive disclosure that it will not come before 2010 but there will be a public beta version available for the new and refined exchange server program. The public beta test version of Exchange Server 2010, as the product is called, is the first of a wave of upgrades to Microsoft programs as they prepare their next big release of the entire office suite. Exchange Server can work entirely as an online service, which may attract customers looking to save money on hardware and support for their e-mail and messaging systems. It has enhanced information leakage protection, transcribe voice message et al. So let's look at its features and what more does it have to offer.
Enhanced Interoperability

As Cnet quotes Sanjay Jha, the lead of Exchange Server operations within Microsoft,
…the technology preview will include both the traditional desktop versions of Word, Excel, PowerPoint, and OneNote as well as the browser-based "Office Web Apps" that Microsoft is building. The browser-based versions will be somewhat more limited than their desktop counterparts, but will include basic editing abilities, Microsoft has said. The software maker has also said the browser-based applications will run in Safari and Firefox, in addition to Internet Explorer, which will take Office onto both Linux computers and the iPhone.

interoperability, here comes Microsoft. But talking bout interoperability, its not something new in Microsoft, If you remember well, they foresaw the technological demands of 'settling for less materials and more productivity' and the need to be platform independent (or come outta Micorosoft framework) quite early with eclipse4SL


1. OWA (Outlook Web Access) support for Multiple Browsers

I know the title is self explaining. But, to tell you the truth, a person with Mac or Linux very reluctantly switched from Firefox or Safari to Internet Explorer just because they had to run IE in a Windows VM and that too which had no multiple tabs then. With this web access for different browsers, Microsoft made up a lot for the acceptability.

2. Improved Storage Reliability

You can now run Exchange reliably without dealing with Windows clustering, RAID arrays, or fancy Enterprise-class disk. It will be cheap to save or restore/ recover data and quick too.

3. Mail Tips

I still smell something like the one Google did with Gmail last month, Undo button. But its just my bad nose. Mail Tips is a program which tells you about the possible mistakes you are going to do by sending a mail to someone whom you don't intend to. After all, you won't like to send a personal mail to your secretary or boss anyway. Mail Tips helps you in that case, by warning you from before and giving you tips. Cool one.

4. Conversation View

Talking about the latest development project online and want all of them to get connected at once? It sure is a painful job to devote one window a person. But now you can have threaded conversation under a single node. How is it a big deal? We are using such things for the last 20 Years! Okay It is new to Outlook and OWA, and we should be happy.

5. Sharing

This is another of a kind which lets you share a lot of things effectively. Exchange server program has two main properties to share.
Calendar Sharing: You can share calendars to federated users by OWA.
Contact Sharing: You can share contacts very easily now.

6. Voice Mail Preview

This is quite a nice feature. You will now have a text preview of your voice mail messages! I am not quite sure how perfectly is it gonna work, but the very concept is lucrative enough to give it a shot.

7. Exchange Control Panel (ECP)

Exchange control panel is another new addition to this. Now you get self serviced tasks which uselessly needed administrators to prompt before. Another brownie point to Microsoft for optimizing.

8. Critical Security

Microsoft has gone over the typical or traditional security benchmarks and have fancied some really cool features in Exchange server programs. If you lead the organization, you will be happy to know that Microsoft has introduced features like,
Mobile Device Block/Allow List: That allows/ blocks specific devices only, helping you to have a secure way of hardware monitoring.
Protected voice mail: You can now actually protect voice mail and track them and restrict them not to go outside the organization anyhow.
Outlook protection rules: Automatically triggers Outlook to apply an RMS template to a message before it is sent.

9. Distribution Group Management

Now users can create, modify and access different distribution groups according as their choices and likings. That will help a better precision in teaming with the right kind of people under a single roof which will automatically increase effectiveness than reaching out to specific people individually.

10. Others

And there are few more noteworthy features which I want to sum up in one line. You get SATA support now involving I/O optimization, JDBO support, incoming voice mail reception, multi-mailbox search — all of them will prove to be helpful in someway or the other

Its just a public beta version only. We haven't seen the final specimen just like Windows 7 But the new Exchange server, just like the exciting new OS of Microsoft, sounds and shows promise. I don't know about pricing but I guess it will be on the higher side. Considering Microsoft perfects any and every feature they have talked of, Exchange Server may well be one of the most popular products of Microsoft.

Friday, March 7, 2008

8 Traits of Effective IT Leaders

#1 Leadership means focusing on the needs of others, not yourself

Real leaders try to provide service - to their team, their customers, and anyone else met. Leadership is not a 9-to-5 job. By focusing on the needs of customers, and then trying to align his or her team in ways to meet those needs as well as the needs of the team, a leader gets the job done and develops followers. Customers want to work with a leader because a leader team produces results. Your team wants to follow your lead because you take into account its needs and requirements.

To improve your leadership skills consider spending as much time with your customers as you do with your team.

#2 Leadership comes from your actions, not your title

Some of the best leaders don't have CIO or VP titles. Leadership in fact has nothing to do with title or pay-grade. Leaders lead because others want to follow them. Why would anyone want to follow a leader? Because a leader motivates its followers, gives them purpose, supports them, guides and mentors them, and even "takes flak" to protect them.

To be a better leader you need to ask yourself some hard questions. If you are not leading then you are dictating, and no one follows a dictator.

#3 Leadership makes you accountable, even if it's not your fault

A leader take full responsibility for his or her mission and with this comes accountability for failure. Leaders don't blame their team, or complain about unreasonable customer requirements. Leaders set expectations by focusing on the needs of others (Trait #1) and build consensus for what can be accomplished. If something goes wrong, a leader accepts responsibility - even if it was a team member that was the cause.

Think about the last time someone on your team made a mistake. Did you support and counsel them? Did you turn the failure into a learning opportunity? Or did you ridicule, shun, or punish him or her?

#4 Leadership is not a 9-to-5 activity

Being a leader means focusing on the needs of others and helping others when they fail. This can require additional work, even after hours. Often it is only personal engagement that uncovers the root cause of an unhappy worker. And many times these root causes present opportunities for improvement beyond the single worker.

Do you stay and work with the team? Not just being in the office, but do you actively engage and work to deliver when required?

#5 Leadership takes trust from your followers

When you focus on the needs of others, motivate your team, and satisfy your customers, when you take responsibility for success and failure, when you engage with your team on a personal level, then you build trust. Trust does not come easily. You have to earn trust. It won't come because you have an impressive title. You can't buy, barter, or steal trust. You have to earn it. You have to follow the first four traits on a regular basis for enough time to have earned the trust of your customers and team.

Do your customers trust you? Does your team get behind your ideas because they know you will protect and guide them?

#6 Leaders get their best ideas from their team

The best ideas are not going to come from the leader, but rather from those being led. A good leader develops consensus for a project based on its relationships to customers, company, and staff. Exactly how the project should unfold is often best left to the team to determine. Nothing so engages and commits a team to a leader than for them to be part of the design of the solution. No one knows the job better than the person who does it every day.

Do you dictate schedules to your team or do you and your teams negotiate on how to get things done? Ask your team for their ideas - and then use them. Just remember trait #6 - always give the credit to the team. The leader's credit comes only by crediting the team he or she leads.

#7 Leadership thrives on diversity

I love the story about the IT group at a major retailer. The business needed to know the conversion ratio: that is, how many people entering a store purchased something. IT began brainstorming traditional IT solutions -- complicated, highly automated, and expensive. On a whim, an IT leader asked a non-IT person how they might determine how many shoppers who came into a store actually purchased something. The non-IT solution after just a few minutes of thought was to hire a couple of temporary workers and have them count the number of people entering the store and then leaving with a shopping bag.

Instead of the typical all-consuming and expensive 18-month IT project more likely to fail than succeed, they got a cost-effective low-tech solution in a few hours. The best ideas come from those who don't think as you do. Expand your circle of relationships; nurture those who think differently from you.

#8 Leadership comes from continuous communication

To be able to lead and embrace these traits requires communications skills. I'm not talking about superior comedic skills when presenting. I am talking about person-to-person verbal and non-verbal communications.

This is counter-intuitive, but to present your ideas requires that you listen. To understand and accept the ideas of others requires that you talk. These are skills many people never develop, but all true leaders seem to have mastered.

In a meeting, do you do most of the talking? When you are listening to others, are you an active listener, repeating what you have heard to make sure you understand what was said?

Thursday, March 6, 2008

How to break or hack Windows XP password

If you want to hack or break the password of any windows XP system then you should have physical access to the system and then follow these simple steps.

In case of user password boot the pc in safe mode by pressing the F8 key and then selecting the Safe Mode option. You can now log on as an administrator and XP wont prompt for the password. Incase of an administrator account try rebooting the pc in DOS.

access C:\Windows\system32\config\sam and

Rename SAM as SAM.mj

Now XP wont ask for password next time You Login. Also

=> Go to the cmd prompt.
=> Type net user *.

It will list all the users.
Again type net user "administrator" or the name of the administrator "name" *.
e.g.: net user Jayanthi *(where Jayanthi is the name).

It will ask for the password.

Type the password and there you are done.

Logging In As Administrator:

Hold the Ctrl-Alt key and press Del twice. This will bring up the normal login and you can log on as Administrator.

To unhide the Administrator account so it does show up:

Start Regedit

Go to HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList

Unhide the Administrator key by giving it a value of 1


Monday, March 3, 2008

How to Disable or Enable USB in the computer?

Now days there are certain type of viruses and spy-wares that are spreading from pen-drives just because of the unprotected use of Pen drives because usually user does not scan the pen drive before its use by the updates anti virus software’s. This situation got worse on shared computers. So, some of the administrators block the USB ports so that system does not get infected by this way. You can also disable and re-enable your system's USB ports by a simple trick.

How to disable USB storage accesses for a certain group of users this disabling and re-enabling of USB ports is based on a simple registry entry. By following these simple steps anyone can disable and re-enable the access of USB ports.

To disable the access to USB port, in Windows XP and Windows 2000

1. Click Start, and then click Run.

2. In the Open box, type regedit, and then click OK.

3. Locate, and then click the following registry key:

4. In the right pane, double-click Start.

5. In the Value data box, type 4, click Hexadecimal (if it is not already selected), and then click OK.

6. Quit Registry Editor.

To re-enable a disabled port:

1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. Locate, and then click the following registry key:
4. In the right pane, double-click Start.
5. In the Value data box, type 3, click Hexadecimal (if it is not already selected), and then click OK.
6. Quit Registry Editor.

Serve your company better…… - Elango C

Friday, January 18, 2008

Memory Leaks Detection: A Different Approach

There are different ways to manage dynamically allocated memory

Experienced C/C++ programmers know what it means to properly manage dynamically allocated memory to avoid memory leaks. Michael presents an alternative approach.

Experienced C/C++ programmers know about the need to properly manage dynamically allocated memory to avoid memory leaks. Unfortunately, many of us still find ourselves in a tough position when there is a memory leak in the software. How is it detected in the first place? Simply looking at the task manager (or other appropriate tool that shows memory-use statistics) indicates that the memory used by the process is constantly growing. That means that the memory use is expected to remain constant. But the program must allocate memory, at least at the beginning of its life. Therefore, a more precise description would be that the process is running for a while, the input rate is constant, and the memory continues to climb. The interpretation of the input rate depends on the purpose of the program; for a web server, for instance, it can be network traffic throughput, or the number of requests per second.

How do you attack this problem? Assume that your first attempts at just looking at the code failed, and you need to get help from an automatic memory-leak detection tool. While your favorite tool may use unique techniques to trace memory allocation/deallocation and different algorithms to organize that information at runtime, it most probably works like this:

1. From the moment the program starts, it traces each memory allocation (probably with additional information, such as a call stack).

2. It registers all released memory.

3. Before the program terminates, it prints out information about each unreleased memory block.

When Good Isn't Good Enough

In many cases, there are two reasons why memory-leak reports won't give you much useful information. First, they complain about many nonexisting memory leaks and miss many real ones.

Say, for instance, that there are many memory allocations that are never released by design. Those are the static members, allocated at the beginning of the process, and Singleton objects created later using a lazy initialization strategy (for instance, your web server may load a static file to the memory when it is first requested). Other examples include custom memory pools, which can allocate up to a certain maximum number of objects, then reuse them through the rest of the process's life. In all these cases, the memory is never released. Although it's a good practice to clean up all resources, it doesn't always happen. I can even give you a reason for releasing those objects—it slows the shutdown process of your program. But what's more important is that all the memory used by the process is automatically reclaimed by the operating system (on most modern systems), and while the process is running, the size of all that static memory is known in advance and is strictly limited.

The second reason is that memory leaks, which would be missed by such reports, can be defined as "Java-style memory leaks." That is, although the object is no longer needed (at least according to the program's logic), it is never deleted because you have a valid pointer to that object, probably lost in some cache or other container. And if this object is properly wrapped with a smart pointer, it will be deleted at the end and won't appear as a memory leak. Needless to say, this is a common reason for constantly growing memory.

Any remaining classical memory leaks, which can be detected in the usual way, may still be missed because they're hard to discover in the background of other false alarms.

Detecting a Better Tool

So let's make a wish list of requirements for a memory-leaks detection tool (I'm only talking about management of runtime info regarding memory use, and not about techniques to trap allocations/deallocations made by the program):

  • They should let you begin registering new memory allocations at any arbitrary point of time. You will let the application properly initialize first.
  • They should stop monitoring memory activities and get a current-leaks report at any time.

Returning to the web server example, assume that it holds a session context per user—this is some information needed to process all requests made by the same visitor. As you don't want to keep this information forever, you release all related objects after a timeout of 20 minutes from the visitor's last request. Figure 1 shows a schematic lifetime of session objects, assuming that you start monitoring at time 1 and end at time 7.

At time 7 (when you end memory monitoring), session objects for Ron and Superman are still alive, and they were allocated during the monitoring interval. As a result, those session objects would be listed as memory leaks, even if you know that they aren't. That is exactly what you tried to prevent.

As a solution, you need to rethink the second requirement and replace it with:

  • You should be able to stop registering new memory allocations, while still updating the state on each released object.
  • At time (c), you want to get a report of all memory blocks allocated in time period (a)-(b), which were not released within the (a)-(c) time interval.

For the imaginary web server, assume you've started the process at 10:00. You can begin all monitoring at 10:10; turn off new allocations tracing at 10:15; and only at 10:40 get the final report of all memory leaks (for objects allocated in the five minutes between 10:10 and 10:15). Such flexibility in activation times and separation of new and delete processing are key points in building a better memory-leaks detection tool.

When thinking about additional features it might have, I would add:

  • Start monitoring only memory allocation made from a specific thread or group of threads.

Again, this is a good way to focus on specific areas of processing, ignoring unnecessary noise in reports. For example, a web server may have a pool of threads that handles user requests. You suspect that the memory leak is hiding in the code processing those requests, so you want to filter out all allocations made from other parts of the code. In many cases, you still want to process all memory deallocations, even in other threads (for example, you may send objects from processor threads to a special logger thread, and have the latter release those objects).

External Tools Versus Integrated Solutions

There are trade-offs in deciding which tool is most appropriate for your project. The first step is choosing between an independent external tool or an integrated solution that requires some changes in your source code.

The clear advantage of the first option is the ease of use—you just need to plug it in to the application, no extra work required. Going back to the list of expectations from the memory debugging tool, you will probably need to give up the last requirement— selection of threads—because external tools are not aware of the internal layout of the process. You will also need to guess the best times to start/end monitoring, without knowledge of the current state of the program.

On the other hand, adding simple code to your web server allows you to monitor specific threads while it processes a single request. You may prefer to invest some effort now, and build an infrastructure that will make memory debugging much easier in the future. In the long run, it will save you a lot of time.

Existing Tools?

Are there existing tools that implement the functionality I've examined here? To be truthful, I'm not aware of any commercial memory-profiling tool, but there are a couple of open-source projects that implement this approach:

  • Windows Leaks Detector ( for Win32 attaches to any running process (no source code required), provides a basic UI to start and end monitoring memory activity, and finally produces a report of all memory leaks with full call stack information. It also lets you automatically add debugger breakpoints when memory allocation occurs.
  • LeakTracer ( for Linux requires special compilation of your project.

Tuesday, January 15, 2008

Mebroot / Rootkit – The New challenge to the Security experts.

Internet security experts are warning Windows users about a new Rootkit that steals login details for online bank accounts.

These are then sent back to the criminals for either selling to the highest bidder, or for use by themselves to drain the victim’s funds!

What is a Rootkit?

A rootkit is a malicious program (or combination of several programs) designed to take control ("Administrator" access) of a computer, without authorization by the owners.

Typically, rootkits act to obscure their presence on the computer through "subversion" or "evasion" of the operating system security mechanisms. A rootkit will conceal running processes from monitoring programs, or hiding files or system data from the operating system.

Sometimes, they are also Trojans as well, thus fooling users into believing they are safe to run on their systems!

Why is Mebroot Different?

The Memboot rootkit (first called this by security firm Symantec) is unusual in that it tries to overwrite part of a computer's hard drive called the Master Boot Record (MBR).

This is where a computer looks when it is switched on for information about the operating system it will be running.

"If you can control the MBR, you can control the operating system and therefore the computer it resides on!" wrote Elia Florio on security company Symantec's blog.

How Does Mebroot Infect a Computer?

Mebroot has been deliberately installed at websites controlled by the criminals and targets those website visitors who have not patched their computers with the latest security updates from Microsoft.

Once it installs itself on the vulnerable computer, it then contacts a remote server on the internet and downloads additional nasty software called "key loggers".

These special software programs are designed to capture all your passwords and login information and send it back to the criminal gang.

Analysis of Mebroot has shown that it uses its hidden position on the MBR as a beachhead so it can reinstall these associated programs if they are deleted by anti-virus software!!!

Most of these key logger programs lie in wait on a machine until its owner logs in to the online banking systems of one of more than 900 financial institutions it has been programmed to recognize.

Leading security firm iDefense has said that Mebroot was discovered in October 2007, but only started to be used in a series of attacks in early December 2007.

The Russian virus-writing group behind Mebroot is are specialists in stealing bank login information.

What Can a Computer User Do - Some Notes:

# Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are NOT fully patched are all vulnerable to the virus. Make sure you have Automatic Updates turned on!

# Make sure you have an up to date security suite installed! If you don't then consider:

# CA Internet Security Suite PLUS 2008 which is 15% off until 31st March 2008 if you enter coupon code CAISS15 during checkout process.

# Although the password-stealing programs that Mebroot installs can be found by security software, such as CA Internet Security Suite, few commercial anti-virus packages currently detect its presence. Although this will change in the coming months now they know what to look for. (At least for now they will block the key logger Trojans from stealing data.)

# Mebroot cannot be removed while a operating system is running. However running the "fixmbr" command from within the Windows Recovery Console successfully removes the malicious MBR entry.

# Independent security firm GMER has produced a utility that will scan and remove the Mebroot stealth program! Please note that this is an advanced tool and not to be used without some caution:

# It seems that so far Windows XP is the most vulnerable operating system so far.

# In ADDITION to running your normal security software, consider running Threat Fire along side for better protection. By constantly monitoring the activity on your PC ThreatFire’s ActiveDefense technology is able to hunt down and paralyze threats that are too new or too clever to be recognized by traditional security software.

...and stay safe!

Thursday, November 1, 2007

Windows Vista UAC

User Account Control (UAC)

User Account Control, or UAC, is a security feature of Windows Vista. Any action that can affect the security or reliability of Windows Vista now requires a confirmation before Vista will apply the changes. Standard Users will need to enter an Administrator’s password before making changes, and if a user is already running as an Administrator, Vista still requires a quick confirmation to ensure the changes are not being made by male-ware.

In previous versions of Windows, users running as Admin gave viruses and male-ware free reign of their system because the administrator had privileges to make changes that would affect the entire system. UAC is a slice of security between the user and the Windows Operating System, which is enabled by default to save us from ourselves.

This security does not come without a price, however. Users will either be relieved or frustrated with the dialog boxes that continuously pop up asking for permission or confirmation on a change being made to Windows.

User Account Control should be viewed as a benefit, and users should give it a chance before disabling UAC. After time, the notices will seem to diminish and fade into the background. The more you use Vista, the less intrusive the UAC notices will become.

But User Account Control can be turned off, though it is not recommended. Login under the ADMIN login name, and then go to the control panel, then to the user accounts. Look for Turn User Account Control On/Off.

If you decide to do this, at least be sure to create a Standard User account and run under that name. Running as Admin without UAC can open your system to attacks as viruses will have full privileges on your system and be capable of doing whatever they want to your machine.

How to Check if DVD Decoder Software is Installed

By default, Windows XP does not come with compatible DVD decoder software installed. To confirm if you have Windows XP-compatible DVD decoder software on your system:

  1. Select Start > Run
  2. Enter cmd in the Open box, and click OK
  3. Type dvdupgrd /detect and press Enter
  4. A Windows dialog box will open with identifying information about the installed software. If No decoders found is displayed, no decoder is installed

Thursday, October 4, 2007

Windows Vista ReadyBoost

Modern day software is more and more resource hungry, in every aspect of computing power.

Demands increase continuously, regardless of whether it's CPU frequency, hard-drive capacity or RAM memory that we are talking about.

Although a RAM memory upgrade is often desirable, there are cases when it cannot be immediately done. RAM memory is still quite expensive so this may prevent some and if you are upgrading an older computer you may have already achieved the maximum amount that can be physically installed.

So wouldn't it be nice to have a way to boost our computers performance in such scenarios?

Welcome to Windows Vista ReadyBoost!

Whilst physical memory such as RAM is quite expensive there is another form of memory that is far cheaper and that is called Flash memory.

Your computer can access Flash memory around 10 times faster than your hard drive so making it an ideal medium for ReadyBoost technology. Windows Vista can simply use the Flash memory as if it was extra RAM.

Using a Flash memory device such as a USB memory key/stick (called a flash drive by the operating system), Windows Vista can create an intermediate caching layer on the device that logically sits between RAM memory and your hard drive.

This can offer some great system performance gains.

Whenever a Flash drive is detected, Windows Vista will check to see if it is fast enough to be used by ReadyBoost as not all Flash memory available is fast enough. If it passes the test, the user can then allocate some memory for ReadyBoost usage.

However Windows Vista will work out the amount of space is recommended for optimal performance, but the user can choose to ignore this recommendation, using more memory than recommended, less, or none at all. Up to 4 GB of suitable flash memory can be used.

ReadyBoost is analogous to using the page file in some ways, but it concentrates on storing different kinds of data. The performance gain depends sensibly on what kind of data you are using. When working with many small files, or when frequently having to access small pieces of data, the performance is sensibly improved. For larger files, the performance gain is often less in my experience.

USB Flash Drive

I have personally seen BIG performance gains on older computers upgraded to Windows Vista, that only had 512 Mb of RAM installed. By adding a 4 Gb flash drive to one of the USB ports and then letting Windows Vista choose the optimal amount of memory to use, the system was notably more responsive when using multiple applications (Internet Explorer, Outlook, Word, Excel and Windows Media Player) at the same time.

The data stored on the flash drive is encrypted using the AES-128 encryption scheme. This ensures that the data is very difficult to decrypt, should the flash drive be stolen.

The entire process is essentially hidden away from the user. Windows automatically manages the newly available memory, and the flash drive can be removed at any moment, without affecting the system.

Although most devices are already supported, some aren't. Namely, external card readers are not supported for technical reasons, and MP3 players are not supported because Windows does not recognize them as actual disk volumes, but rather for what they are; MP3 player. However, the ReadyBoost team is adding support for new devices.

ReadyBoost is also a very young technology. Although mature enough to ship with Windows Vista, we can expect to see it with several improvements in future versions of Windows or future Windows Vista service packs.

For the technical folk reading this article ReadyBoost consists of two parts. A service in

%SystemRoot%\System32\Emdmgmt.dll that runs inside a Service Host process

(%SystemRoot%\System32\Svchost.exe). And a volume filter driver


When you insert a USB flash device into Windows Vista, the ReadyBoost service looks at the device to determine its performance characteristics and stores the results of its test in the following registry entry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Currentversion\Emdmgmt

By the way if you are wondering why the notation Emd is used instead of something likeReadyBoost. During development of this technology the working name was simply called External Memory Device, and so Emd is simply short for that!

Be ready to play your favorite game and applications on Vista quicker.

Friday, September 21, 2007

Good features in IE 7 with Windows Vista

Internet Explorer 7 Security

A major advancement in browsing security was released with Microsoft Vista's Internet Explorer 7. Browsing the Internet in the past was akin to walking through a minefield, where dangerous malware threatened to take over your machine with just one click. Windows Vista has locked down Internet Explorer 7 with a default feature called Protected Mode. Protected mode is security settings in the browser that give the user just enough privileges to surf the Internet, but not enough privileges that allow changes to be made to the system.

protected mode

Parental Controls

Internet Explorer also integrates a powerful parental control feature that allows you to limit your child's activity on the computer. You can access these controls from the Tools, then Internet Options, then the Content menu. Decide when and what websites your child visits, and also the types of video games your child plays on the computer, which are rated by the ESRB.

Phishing Filters

Phishing is a website that deceives a visitor into thinking the website is something other than what it is, such as a bank website or any other site that may need your username and password. Phishing is a way hackers steal identities. Internet Explorer keeps an updated list of these sites and attempts to filter them from your web browser automatically.

Windows Vista has made an attempt to recover IE's tarnished past with the release of Vista and Internet Explorer 7. They have done a great job of tackling the concerns of parents and users who want to keep malicious code off of their computers. Time will tell just how successful their endeavors will be, but we suspect these features will recover some of those users who always loved Internet Explorer, but were just too afraid to use it.

Tuesday, September 18, 2007

System trouble shooting tips.....

Troubleshooting On the Bench

There's nothing more frustrating than a freshly built PC that will not boot. Normally, you're starting with all new components and you're not sure if any of them work to begin with. This article deals with a few common techniques computer technicians use when dealing with this common problem.

Before you begin yanking out cables and components, just go over your connections one last time. A common mistake is the connection from the case power and reset switches to the motherboard. Carefully review the motherboard's manual to make sure these connections are right. Not only do the connectors need to be on the correct pins, they must also be in the correct orientation. If that is good, make sure the | / O switch on the back of the power supply is in the "|" position. Then, give the computer a little shake. Do you hear any screws bouncing around between the motherboard and the case? This can cause the system to blow or go to ground. Lastly, make sure the CMOS jumper is on pins 1-2. If it is on pins 2-3 the motherboard will not boot. This jumper is located near the watch-like battery on the motherboard.

Still no POST? Now carefully remove any PCI and AGP cards. Unplug the power supply and IDE cables to make life easier. You may already be able to get to the screws that hold the motherboard to the case. Personally, I like to remove everything except the CPU and heat-sink before pulling the motherboard.

Once all components are out of the case, place the motherboard on an antistatic bag (use the bag the motherboard shipped it, if possible) or a piece of cardboard. Be sure not to leave the motherboard running on the cardboard unattended because there is a remote possibility it could cause a fire.

You may need to rest the cardboard and bag on top of the case depending on the amount of wire you have with the case wires and the power supply leads. You can short the pins on the motherboard to boot without actually using the case wires but we are not going to cover that here.

Now make sure you only have the bare minimum of components connected to the motherboard. This means only one stick of memory (if the motherboard allows only one stick), the CPU and the video card. Nothing else. The only thing we're trying to do here is get the system to POST. A successful POST should result in a single, short beep. Make sure the motherboard has a built in speaker or you will need to connect an external speaker via pins on the motherboard.

If you still get nothing, begin swapping out spare parts if you have them at your disposal. Otherwise, you will need to start returning the components, starting with the motherboard, then the CPU. Before returning them, look for visible signs of damage (scorch marks on the CPU, bubbling capacitors on the motherboard, etc...).

Good luck. The most important ingredient in troubleshooting a new PC is patience.

What is "Lost cluster in a lost chain" error when I run chkdsk?

Lost Clusters on HDD

Frequently running Scandisk or chkdsk can help save your data. Hard drives can develop bad clusters over time, and those utilities can help retrieve corrupt data, and also prevent data from ever being written to those bad sectors again. Running these disk management tools will help reduce crashes and further loss of data. They may also help make you aware of impending hard drive failure.

Lost clusters in a lost chain

A typical error, such as "lost cluster in a lost chain" indicates that data is present but there are no pointers pointing to that data. You can run chkdsk to attempt to recover the files, or you can simply repair the errors by selecting N when prompted for action. This will correct the errors but not save the data. Or you can press Y, which will attempt the associate a folder to that data. If a folder cannot be found, it will save the data in a folder labeled .xxx. The "xxx" is a sequential number, so the folder will probably be named .000 if the folder does not exist.

This utility exists in Windows 9.x systems, such as Windows 98 and ME. To access this utility, navigate to START>PROGRAMS>ACCESSORIES>SYSTEM TOOLS, then scandisk. You will be given the option to do a Thorough Scan, which is recommended as it physically scans the surface of the drive for errors. You can also specify if you want the errors corrected automatically, which is normally fine unless you want to attempt to recover the data.

Chkdsk is available in Windows 2000 and Windows XP. To run a chkdsk, go to My Computer and right-click the drive you want to scan, then select Properties. Under the Tools tab, you will see a section for Error Checking. Click Check Now. Again, you will be given options Automatically fix the errors, or to attempt to recover the data. You may be prompted to reboot so this utility can run before Windows loads. This is normal.

UAC in Vista

User Account Control (UAC)

User Account Control, or UAC, is a security feature of Windows Vista. Any action that can affect the security or reliability of Windows Vista now requires a confirmation before Vista will apply the changes. Standard Users will need to enter an Administrator’s password before making changes, and if a user is already running as an Administrator, Vista still requires a quick confirmation to ensure the changes are not being made by male-ware.

In previous versions of Windows, users running as Admin gave viruses and male-ware free reign of their system because the administrator had privileges to make changes that would affect the entire system. UAC is a slice of security between the user and the Windows Operating System, which is enabled by default to save us from ourselves.

This security does not come without a price, however. Users will either be relieved or frustrated with the dialog boxes that continuously pop up asking for permission or confirmation on a change being made to Windows.

User Account Control should be viewed as a benefit, and users should give it a chance before disabling UAC. After time, the notices will seem to diminish and fade into the background. The more you use Vista, the less intrusive the UAC notices will become.

But User Account Control can be turned off, though it is not recommended. Login under the ADMIN login name, and then go to the control panel, then to the user accounts. Look for Turn User Account Control On/Off.

If you decide to do this, at least be sure to create a Standard User account and run under that name. Running as Admin without UAC can open your system to attacks as viruses will have full privileges on your system and be capable of doing whatever they want to your machine.

Friday, August 24, 2007

What is BotNet....?

Botnet This is the name given to a collection of these bots.

Then what is Bot.......

Bots are software applications that run automated tasks over the internet. Bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human editor alone. Bots are used in a malicious way by criminal gangs to coordinate attacks on networked computers for financial gain. (Thousands of infected PC's around the world can all be used at the same time for an unlawful act.)

Microsoft maps out Visual C++ future

Microsoft's Visual C++ team has been mapping out the future of the development platform, looking to highlight native and managed code capabilities, a Microsoft executive wrote this week.

"The Visual C++ team has been looking at what they should [feature] in VC++ to ensure that the direction of the product aligns closely with customer needs and market realities," said S. "Soma" Somasegar, corporate vice president of the Microsoft developer division, in his blog.

Three things are on the minds of the team: a renewed emphasis on tools for writing native code, extending applications to take advantage of managed functionality and recognition that developers are using C++/CLI (Common Language Infrastructure) to bridge native and managed code. Managed functionality being eyed by the team includes technologies such as Windows Presentation Foundation and Windows Communication Foundation.

"The team will be significantly increasing support for native development tools," Somasegar said. This involves investigating ways to make C++ developers more efficient in understanding, updating and validating the quality of large native code bases, he said. A front-end rewrite is being worked on to improve IntelliSense capabilities.

"This same work should pave the way for future enhancements such as refactoring and advanced source code analysis," said Somasegar.

Native libraries are to be updated to simplify development of rich client user interfaces and access to Windows platform innovation, he said. "Friction-free" interoperability between native and managed code is a goal also.

Microsoft's new Visual C++ strategy will begin to be reflected in the upcoming Visual Studio 2008 development tools platform, which had been codenamed "Orcas" and is due later this year. But most of the changes will occur afterward, said Somasegar.

"The team is currently kicking around a number of native code and interop features planned for Orcas+1, and we are always interested in hearing from customers," Somasegar said.

Friday, August 17, 2007

What is encryption?

The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live and work. But a major concern has been just how secure the Internet is, especially when you're sending sensitive information through it.

Let's face it, there's a whole lot of information that we don't want other people to see, such as:

  • Credit-card information
  • Social Security numbers
  • Private correspondence
  • Personal details
  • Sensitive company information
  • Bank-account information

Information security is provided on computers and over the Internet by a variety of methods. A simple but straightforward security method is to only keep sensitive information on removable storage media like floppy disks. But the most popular forms of security all rely on encryption, the process of encoding information in such a way that only the person (or computer) with the key can decode it.

In this article, you will learn about encryption and authentication. You will also learn about public-key and symmetric-key systems, as well as hash algorithms.

Encryption Systems

Computer encryption is based on the science of cryptography, which has been used throughout history. Before the digital age, the biggest users of cryptography were governments, particularly for military purposes. The existence of coded messages has been verified as far back as the Roman Empire. But most forms of cryptography in use these days rely on computers, simply because a human-based code is too easy for a computer to crack.

Most computer encryption systems belong in one of two categories:

  • Symmetric-key encryption
  • Public-key encryption

Symmetric Key

In symmetric-key encryption, each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to another computer. Symmetric-key requires that you know which computers will be talking to each other so you can install the key on each one. Symmetric-key encryption is essentially the same as a secret code that each of the two computers must know in order to decode the information. The code provides the key to decoding the message. Think of it like this: You create a coded message to send to a friend in which each letter is substituted with the letter that is two down from it in the alphabet. So "A" becomes "C," and "B" becomes "D". You have already told a trusted friend that the code is "Shift by 2". Your friend gets the message and decodes it. Anyone else who sees the message will see only nonsense.

Public Key

Public-key encryption uses a combination of a private key and a public key. The private key is known only to your computer, while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key, provided by the originating computer, and its own private key. A very popular public-key encryption utility is called Pretty Good Privacy (PGP), which allows you to encrypt almost anything.

To implement public-key encryption on a large scale, such as a secure Web server might need, requires a different approach. This is where digital certificates come in. A digital certificate is basically a bit of information that says that the Web server is trusted by an independent source known as a certificate authority. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then provides the public keys of each computer to the other.

Public Key: SSL

A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).

Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit-card number, into a form on a Web site.

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window.

The padlock symbol lets you know that you are using encryption.

Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetry. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

Hashing Algorithms

The key in public-key encryption is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. Essentially, the hash value is a summary of the original value. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. Here's a simple example:

Input number

Hashing algorithm

Hash value


Input # x 143


You can see how hard it would be to determine that the value 1,525,381 came from the multiplication of 10,667 and 143. But if you knew that the multiplier was 143, then it would be very easy to calculate the value 10,667. Public-key encryption is actually much more complex than this example, but that is the basic idea.

Public keys generally use complex algorithms and very large hash values for encrypting, including 40-bit or even 128-bit numbers. A 128-bit number has a possible 2128


3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000 different combinations! This would be like trying to find one particular grain of sand in the Sahara Desert.


As stated earlier, encryption is the process of taking all of the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Another process, authentication, is used to verify that the information comes from a trusted source. Basically, if information is "authentic," you know who created it and you know that it has not been altered in any way since that person created it. These two processes, encryption and authentication, work hand-in-hand to create a secure environment.

There are several ways to authenticate a person or information on a computer:

  • Password - The use of a user name and password provides the most common form of authentication. You enter your name and password when prompted by the computer. It checks the pair against a secure file to confirm. If either the name or the password does not match, then you are not allowed further access.
  • Pass cards - These cards can range from a simple card with a magnetic strip, similar to a credit card, to sophisticated smart cards that have an embedded computer chip.
  • Digital signatures - A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file) is authentic. The Digital Signature Standard (DSS) is based on a type of public-key encryption method that uses the Digital Signature Algorithm (DSA). DSS is the format for digital signatures that has been endorsed by the U.S. government. The DSA algorithm consists of a private key, known only by the originator of the document (the signer), and a public key. The public key has four parts. If anything at all is changed in the document after the digital signature is attached to it, it changes the value that the digital signature compares to, rendering the signature invalid.

Recently, more sophisticated forms of authentication have begun to show up on home and office computer systems. Most of these new systems use some form of biometrics for authentication. Biometrics uses biological information to verify identity. Biometric authentication methods include:

  • Fingerprint scan
  • Retina scan
  • Face scan
  • Voice identification

Checking for Corruption

Another secure-computing need is to ensure that the data has not been corrupted during transmission or encryption. There are a couple of popular ways to do this:

  • Checksum - Probably one of the oldest methods of ensuring that data is correct, checksums also provide a form of authentication because an invalid checksum suggests that the data has been compromised in some fashion. A checksum is determined in one of two ways. Let's say the checksum of a packet is 1 byte long. A byte is made up of 8 bits, and each bit can be in one of two states, leading to a total of 256 (28 ) possible combinations. Since the first combination equals zero, a byte can have a maximum value of 255.
    • If the sum of the other bytes in the packet is 255 or less, then the checksum contains that exact value.
    • If the sum of the other bytes is more than 255, then the checksum is the remainder of the total value after it has been divided by 256.

Let's look at a checksum example:

Byte 1

Byte 2

Byte 3

Byte 4

Byte 5

Byte 6

Byte 7

Byte 8













  • 1,151 / 256 = 4.496 (round to 4)
  • 4 x 256 = 1,024
  • 1,151 - 1,024 = 127
  • Cyclic Redundancy Check (CRC) - CRCs are similar in concept to checksums, but they use polynomial division to determine the value of the CRC, which is usually 16 or 32 bits in length. The good thing about CRC is that it is very accurate. If a single bit is incorrect, the CRC value will not match up. Both checksum and CRC are good for preventing random errors in transmission but provide little protection from an intentional attack on your data. Symmetric- and public-key encryption techniques are much more secure.

All of these various processes combine to provide you with the tools you need to ensure that the information you send or receive over the Internet is secure. In fact, sending information over a computer network is often much more secure than sending it any other way. Phones, especially cordless phones, are susceptible to eavesdropping, particularly by unscrupulous people with radio scanners. Traditional mail and other physical mediums often pass through numerous hands on the way to their destination, increasing the possibility of corruption. Understanding encryption, and simply making sure that any sensitive information you send over the Internet is secure (remember the "https" and padlock symbol), can provide you with greater peace of mind.

Sunday, July 29, 2007

Safty measures to use internet with atmost care....

Ten thumb rules followed during internet access

It may sound clichéd to hear that Internet is the future.

However, despite the potential and prospects of the medium, many people scared to use it due to security fears (I know my friend will not use internet banking with ICICI and Punjab national bank where has the online accounting facility). At the same time, those who use the Internet often fumble when it comes to security. Here are 10 thumb rules to keep your personal information secure when online.

Favor common sense over technological solutions. Keep personal documents safe, preferably in a locked drawer. Shred bank statements, credit card slips and bills before throwing them away.

Rule 1

Never open unsolicited "spam" messages. Delete e-mails offering cash, free gifts or stock tips. Millions of unsolicited "spam" messages are sent every day in an attempt to defraud computer users.

Rule 2

Basic prevention helps. Protect your computer against identity theft. Install security

software to combat viruses, spy ware and spam and keep it updated.

Rule 3

Know enough about your firewall, the barrier between the public Internet and a personal computer, to know when it is working and when it isn't. Don't worry about the geeky complexity of it all, just know it's operating.

Rule 4

Beware of "phishing", where criminals trick people into revealing personal or financial

details, often by sending e-mails purporting to be from a bank. Never casually reply

to requests for your personal financial details.

Rule 5

Keep your private e-mail address secure. Consider using different e-mail accounts for

shopping, banking, friends and work. There are many free account providers.

Rule 6

Do not use the same password for different sites. Choose passwords with a mix of letters, numbers and symbols. Don't use obvious passwords, such as your first name or "123456" and don't write them down. For memory's sake, choosing a basic root word, then rotating numbers, is safer.

Rule 7

Make online payments safely. Never enter a card number unless there is a padlock in the Web browser's frame, rather than the Web page. The Web address should begin with "https" -- the extra "S" stands for "secure". Consider reserving one credit card for Web use or signing up for a separate online payment service like PayPal.

Rule 8

Secure your wireless network at home and be wary when using public access points. Encrypt the connection to scramble communications over the network.

Rule 9

Turn off the wireless network when you're not using it.

Rule 10

Treat your laptop computer like cash -- never leave it in a locked car or turn your back while using it in a public place. The same holds true with your mobile phone: Lock your phone (and any passwords you keep on it) when not using it.