A place to share your Knowledge….


Free Adobe Acrobat Writer (Alternative Software for Abode Acrobat)

If someone asks a question do you have Adobe Acrobat on your system, 95% of the people would say yes, and when you ask them to convert a word document to .pdf they would come back saying that I have Adobe Acrobat reader installed.  Adobe Acrobat Reader is freeware, which can be used to view .PDF files whereas Adobe Acrobat, which can be used to create and edit .PDF files, comes at a cost.


There are several freeware Acrobat Writers available on the internet. You can check www.download.com for several freeware Acrobat Writers.  I am reviewing one such freeware Acrobat Writer doPDF. Please feel free to let me know your views and comments and if you find a better tool please share it with me so that I can add it here.


doPDF doesn’t provide In-Application editing i.e. you cannot open a PDF document in doPDF GUI and Edit it. What doPDF does is it creates a Virtual Printer in your Control Panel > Printers. You can design your document in any application and convert the document into .pdf by printing the document using the doPDF virtual printer. You can download doPDF from the below link.

Please get back to me if you need any further clarification.

Link: http://www.ziddu.com/download/3175737/dopdf.exe.html

More Informaton

Link: www.doPDF.com

1 Comment


Executive Overview

Companies are realizing the need for the latest Enterprise Hardware and Software for running their business, particularly in extending the office environment to mobile employees. With the amount of confidential information that this mobile environment holds and impact to the organization if this information falls in the hands of competitor, companies have security at the top of their list when evaluating such wireless solutions. This white paper throws some light on the various threats to BlackBerry devices and some solutions/recommendations to counter them.

If someone thinks about a Mobile Solution, first thought would be BlackBerry. The reason for this being it already occupies majority of the existing market share, it is supported by most of the mobile service providers and because of its functionality. With Blackberry’s there is an inherent feeling of security. Vulnerabilities on Laptops are discussed on a regular basis, but there haven’t been any cover story stuffs on BlackBerry Hacks or Vulnerabilities in the press.


BlackBerry’s inherent sense of security doesn’t mean they are tightly secure. You can say that they do not have the same number of public vulnerabilities that laptop computer have. But if you think BlackBerry as a Computer (which it is), there would be vulnerabilities exploited sometime in near future. There would be millions of people out there trying to write exploits to take advantage of the confidential data available in the BlackBerry devices.

Common threats to BlackBerry’s include

• Malware
• Direct Attacks
• Intercepting BlackBerry communication
• Spoofing and intercepting authentication
• Physically compromising the BlackBerry

Threats to BlackBerry

One of the most widely used security threat to compromise the security of a computer system is a Malware attack. Malware, in other words Malicious Software, which is designed to damage the computer system without the owner’s consent. BlackBerry are also computers, they run an operating system and are prone to the Malware attacks. Will go through a scenario and understand the threats to BlackBerry device. Company A showcases itself as one of the tech savvy companies. It invests hugs amounts of capital on the latest Corporate Hardware and Software. Most of their employees travel on a regular basis. So the CIO realized the need to implement an advanced mobile communications solution to ensure that their mobile employees can securely access their email, make phone calls, and surf the Internet at anytime from any location. After some researching they decided to implement an enterprise BlackBerry Solution.

Based on the reputation of security of BlackBerry devices the CISO of Company A felt very comfortable with the solution. The solution was ordered and implemented within a very short notice and the employees are very happy with the new Mobile Solution. Company A had direct competition with Company B for projects for quite sometime now. Both companies are bidding on a big project which would decide the future of both the companies. It would be a significant advantage to the company which secures the project. The decision date was very near so most of Company A’s executives were traveling to the prospect’s offices and between Company A’s offices in an effort to secure the project. By, utilizing their new BlackBerry solution they had an advantage over Company B with the latest updates instantly available through their new solution. The BlackBerry’s become their sole device for their out-of-office communication. While conversing with a key decision-maker at the prospective client’s company, the CEO of Company A stayed in contact with his company via his BlackBerry. He opened numerous emails from numerous sources, which included Word documents, Excel spreadsheets, and even some faxes sent via email. The key decision-maker commented on how this was crunch time and that his team would be making a decision imminently.

Sometime around 2’o clock the CEO of Company A receives a phone call from his CIO. There seems to be a problem with the BlackBerry Service. The Attachment service is coming up and going down. Due to this the employees are having problems sending and receiving attachments. The employees at Company A needed to continuously share important pricing and contractual documents with the personnel at the company offering the project. This technical problem resulted in Company A loosing the project.

Analyzing an Attack

The technical problem which resulted in Company A loosing the project was a Malware-initiated denial-of-service (DoS) attack. The result of the attack was disruption of communication within Company A by flooding the BlackBerry Enterprise Server and chocking it down and was spearheaded illegally by Company B. While Company A’s employees unable to share information during crunch time, the competition had an advantage in securing the project. This was done by taking advantage of various vulnerabilities, some social and some technical. It started with a Social Vulnerability and was easy to execute since it didn’t involve any technical expertise. At a job fair about a month back Company A’s employees were telling how their company was so much better than the competition, even stating that their marketing guy’s new BlackBerry blew away the competition’s laptops. This has given Company B heads-up about what Technology Company A was using.

Now Company B knows that Company A uses BlackBerry, now the next technical step was to implement the DoS attack. The CEO of Company B hired a hacker to launch an attack on Company A. The hacker by ‘Googling’ found DoS vulnerability for BlackBerry. If he can run the DoS vulnerability it would result in disruption of Company A’s communications. And this would make Company A unable to communicate with the prospect’s office and that could be enough from Company B to win the contract. To run the DoS attack, the hacker followed the following steps which are common with hackers implementing such attacks:

• Gather information
• Set up for the attack (including a way to cover tracks)
• Launch the attack

Collating Information

Collating information was the easiest thing to do, because in most cases the information required in this step would be email address and phone number which is generally published on the company websites. If the information is not published on the Website hacker can directly call the company and ask for the head of projects, marketing, etc and get those details.

This apart there are other social engineering threats, where colleagues, friends or any known person may pass the personnel details about your mobile and email address. As the sources of collecting information are many, the hacker may try one or all options to obtain and collate information to set up the attack.

Setting Up for the Attack and Covering Tracks

Setting up an attack is easy, but to cover his tracks needs some planning. The hacker can send a simple email with infected .TIFF file, but he can be easily traced back and held responsible by using the IP Addresses in the email headers. Every email that is being sent from an IP Address would have the IP Address from which it is sent, the route which it has followed in the email headers. So by carefully analyzing the email headers the origin of the email can be found and traced back. So to cover his tracks the hacker would create a temporary email id on a free email service provider like yahoo or gmail. He also needs to find a way to hide his real IP Address.

There are two ways to hide the original IP Address:

• Sending the email from a Internet Café or public Wi-Fi hotspot
• Using an anonymizer to hide the real IP address

Launching the Attack

The hacker composes an email, attaches the infected .TIFF file and sends it to the email addresses he has found in the Collating Information phase. Once the email reaches the users BlackBerry device, the user needs to open the infected .TIFF attachment which would trigger the DoS attack. Since the user gets faxes sent via email in .TIFF format, without doubting the user would try to open the attachment and respond to it immediately.

Process flows as shown below: The infected .TIFF file is sent as attachment by the Hacker from an Anonymized IP address. The email with the infected .TIFF attachment reaches the User’s BlackBerry device. When user tries to open the attachment, it crashes the Attachment Service on the BlackBerry Enterprise Server. Internet is the medium used by Company A to access their BlackBerry Enterprise Server and Company B’s hacker to launch the attack. With the Attachment Service down, nobody in the company can send or receive any attachments. Because urgent, communications with valid attachments need to be sent and received to help win the big project, this would give an edge for Company B over Company A in securing the project.

Protecting against Attack

Company A should have taken some precautions to avoid such an attack. Further, there are several steps Company A needs to take to prevent future Malware attacks from occurring. This section describes ways to prevent this specific attack from occurring, as well as define ways to prevent future BlackBerry-related Malware attacks.

BlackBerry identifies the problem by saying the following:

• A corrupt .TIFF file sent to a user may stop a user’s ability to view attachments.
• There is no impact on any other services (for example, sending and receiving messages, making phone calls, browsing the Internet, and running BlackBerry wireless device applications to access a corporate network).
• The BlackBerry Attachment Service automatically restarts either immediately or within a specified time period (the default is 25 minutes). The administrator can restart the Attachment Service at any time.
• You may notice the portion about the automatic, default restart of the Attachment Service after 25 minutes. In our example, the default restart is why mobile users were able to view attachments intermittently. The service would restart itself, and then a different user would attempt to view the malformed .tif, only to inadvertently crash the Attachment Service again.

To protect BlackBerry Enterprise Servers from this exploit, BlackBerry offers Service Pack Hotfixe’s. In addition, there is a workaround where administrators can disable the processing of .tif’s or can disable attachments altogether. Depending upon the enterprise in question, this may not, in and of itself, be disruptive. However, it would make a whole lot of sense for a company under this attack to filter out the .tif’s while it makes plans to follow the aforementioned upgrade procedures.

To exclude TIFF images from being processed by the Attachment Service as part of the workaround, do the following:

1. On the desktop, click Start Programs  BlackBerry Enterprise Server BlackBerry ESC.
2. Click the Attachment Server tab.
3. In the Format Extensions field, delete the .tiff and .tif extensions.
4. Click Apply then click OK.
5. In Microsoft Windows Administrative Tools, double-click Services.
6. Right-click BlackBerry Attachment Service then click Stop.
7. Right-click BlackBerry Attachment Service then click Start.
8. Close the Services window.

Even though the .tiff and .tif extensions have been removed from the list of supported file types, the Attachment Service may automatically detect a TIFF file with a renamed extension and attempt to process the file. Administrators may need to disable the image attachment distiller.

To disable the image attachment distiller, follow these steps:

1. On the desktop, click Start Programs BlackBerry Enterprise Server BlackBerry ESC.
2. On the Attachment Server tab, select Attachment Server from the Configuration Option.
3. In the Distiller Settings window, clear the Enabled check box for Image Attachments.
4. Click Apply then click OK.
5. In Administrative Tools, double-click Services.
6. Right-click BlackBerry Attachment Service then click Stop.
7. Right-click BlackBerry Attachment Service then click Start.
8. Close the Services window.

New Vulnerabilities

The BlackBerry technology is evolving rapidly to match the business need of today’s world. This also means that there are new vulnerabilities growing along with the latest features. To encounter these new vulnerabilities the administrators should be aware of latest tools and techniques. There are quite a few good web sites and email-subscription services that can enlighten administrators to new vulnerabilities to not only their BlackBerry devices, but to just about any computer technology. To protect enterprise BlackBerry’s, it is important to know about these sites and services and to take advantage of their knowledge.

Securing through Antivirus Software

In addition to taking the previously mentioned measures, it is important to be knowledgeable about antivirus solutions for BlackBerry’s, just as it is to do so for laptops, desktops, and other computer systems.

For more blogs of Technology check my current blog at www.sunilsaripalli.com


Find out the Country (Location) of the person you are chatting with.

If you are chatting with a person on Yahoo Messenger, do you know how to find the Location of the person you are chatting with? You can use a simple command and some googling to find out the location of the person you are chatting with.


When ever you use the Internet, in fact any network, the communication should happen between 2 Computers which are uniquely identified by 2 IP Address. But in most cases these IP Address might not be unique for your Computer but unique for your ISP. Simply speaking the router at your ISP is connected to the Internet. The connection between your computer and your ISP is a local network. Your ISP Routers acts as the middle man is making the Internet requests on your behalf and getting the Internet results back to your machine. So you can in most cases trace back an internet connection to the ISP, i.e. to the Country, State, City and ISP.


When ever you chat with a person using Yahoo Messenger your messages are sent to a Yahoo Server and the Server relays the messages to the person you the chatting with. So if you find the IP Address in such a scenario you will find the IP Address of the Server but not of the person who is chatting with you. Yahoo Messenger uses P2p Technology when you transfer a file from your system to the other persons system. So when you find out the IP Address of the Destination Computer when you do a Yahoo File Transfer you can actually find out the IP of the other person and hence the location.


When you are trying to find out the Location of the person chatting with you, you should make him accept a file transfer request, in this way a connection would be established between your computer and his computer. Remember to send a file which is at least 3-4 MB in size so that you have some time to capture the active connections. Once he accepts and the file transfer starts, open command prompt and type the command netstat –n, this would give active TCP Connections on each Port.


C:\Documents and Settings\User Name>netstat –n


Active Connections


  Proto  Local Address          Foreign Address        State







C:\Documents and Settings\User Name>


The out put of netstat –n command would be something similar to the above. From the above list you need to filter the Foreign Address filed to get the IP Address of the Person chatting with you. When you are trying this close all Internet Applications like Messengers and File Sharing application and close all browser windows. Then you would have very few results and you can easily filter the IP Addresses.


You can use the Wiki link http://en.wikipedia.org/wiki/Netstat to find more about the Netstat command.


You can use the Wiki link http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers to filter the foreign address based on port numbers.


Once you find the IP Address you can go a site like http://tools.whois.net/whoisbyip/  to find who is of that IP Address. Whois basically gives details like the address of registration, company name and contact details.


To find your own IP Address you can use the command ipconfig /all.


If you need any further clarification please get back to me.

For more blogs of Technology check my current blog at www.sunilsaripalli.com



1 Comment

Think before you print…

I would dedicate this Blog for the environment. I am someone who never thought about the environment, for example I always used to throw the paper plates I eat and cool drink bottles I drink out of my car onto the road without even thinking, What am I doing? I never felt it wrong until I had a friend, who doesn’t like to do that. After her warning me few times I realized what I am doing. And now I don’t drop them out but drop them in a dust bin.


It’s a very small thing which we need to do and these small things would cumulate to make a difference. I would also say that we need to educate people around us that small things make a big difference. So my Blog today would be part Technical and part Nature Saving.


I would like to talk about Printers and printing. What is the cost of an Inkjet Printer? The answer would be a few thousand rupees depending on the functionality of the printer. What is the cost of the Ink Cartridge? The answer would be a few thousand rupees depending on the make and model of the Cartridge. I have seen printers in the market which sell for 3000 INR and the cost of the Ink Cartridge would be 2000 INR. So is the actual cost of the printer 1000 INR.


The answer would be No. The Printer manufacturers actually sell the printer at a loss and would make up by selling the Ink Cartridges. On an average an Inkjet Printer Cartridge would last for around 500 prints or 6 Months. So if you buy a printer and use it for 3 years you are actually paying him 3000+12000=15000 INR.


You might say that we can use off-market or refilled cartridges, then you need compromise on print quality and manufacturer warranty for your printer. So when are you thinking of buying a Printer choose Laser over Inkjet. Because laser printers use Toner in place of ink and would last few thousand copies compared with the few hundred copies inkjet cartridges last.


Also make it a habit to print on both sides of the paper. Agreed it would need some effort if you don’t have a printer that supports duplex printing, but you can always print odd pages first and then print the even pages.

For more blogs of Technology check my current blog at www.sunilsaripalli.com




1 Comment

Hi to all

Hi to everyone who are visiting my Blog…sorry for not posting blogs in the last 2 months…i have shifted from CTS to Deloitte and an trying to find my feet in Deloitte…so not finding the time to blog..but i would be back to myself sometime soon and my blogs will flow…..

One of my friend had a small idea and we want to materialise it…the idea was to start a website on conserving the environment…..we have registered a domain and hosted a template at www.save2survive.com do look at the template and get back with ur comments….i would also encourage active participation of all of you people becuase its something for all of us….we would be hosting a blog and updating the stuff shortly…ur contibutions and comments are welcome…

As per my blogs goes i can promise you a blog a day from now on…..keep comming back…feel free to ask if you need some technical help…if i dont have the solution i will try to get it for you….and remember to post some comments….which is something which would encourage me to blog even better……those comments….would be the energy for me……:)

For more blogs of Technology check my current blog at www.sunilsaripalli.com

Leave a comment

A blog on Windows…

What is an Operating System? A good answer would be “A set of programs that provide a GUI to interact with various devices in a computer”. This definition would hold good until a few years back, when an operating system is just a few icons and menus that you see when you switch on your computer. Operating systems provided file and device management using a Basic GUI.


But with the development of computers, operating systems also evolved a lot. From simple file and device management solution, modern day operating systems should be stable and secure the data stored on a computer. The data stored on a computer can be anything from music, movies and photos to data that you have generated and stored in different files. It takes only a small virus, a power surge or a device failure to destroy data.

Today’s operating systems try to anticipate such scenarios and issue warning messages and take pro-active steps to minimize the data loss. I would talk about Windows XP and Windows Vista because 80% of computers run on Windows Operating system and Windows Vista is an upgrade to Windows XP.

Windows XP has been around for 8 years now and in considered one of the best operating systems released by Microsoft. When Windows XP was released it was considered a resource hogger. Windows XP required 128 MB of RAM to run smoothly. And there are many complaints from long installation times to frequent crashes. Microsoft released Service Pack 1 and things changed. Most of the security holes are fixed and Windows XP became stable. Windows XP was built to give a better user experience by easy installation and plug & play capability.

After a few years with XP, internet threats have grown and Microsoft started bundling Anti-spyware products along with Windows XP. This didn’t help much, and since Windows XP is the most used, hackers tried to find ways to break into Windows XP systems. This triggered the need for a more secure operating system and there came Windows Vista into picture.

Some of the problems with Windows XP are that password protection is not secure enough, users can use Bootable live CD’s like miniPE or Road Starter to bypass Passwords and access the file system. The other major issue is Internet Explorer 6 which is the number one target for hackers. By exploiting the security homes in IE6 hackers can take control of IE and hence the Windows XP box. And last but not least, when you try to search for a file under Windows XP, you have a terribly slow search tool.

Now its Windows Vista which is structurally more robust and is much more visually appealing. Vista comes with Encrypted File System (EFS) which takes care of file level security. Vista allows one to encode an entire partition or hard disk with just a few clicks. In Windows Vista Internet Explorer runs with restricted permission. If a malicious piece of code enters the system through the browser it cannot do much harm, since Vista simply refuses to permit to run it. File Searching has improved a lot with Vista.

But 2 of the night mares with Vista are getting your old hardware running and the annoying popup prompting you to allow or block any action you have performed.

For more blogs of Technology check my current blog at www.sunilsaripalli.com