Tuesday, January 5, 2010

What is PROFESSIONAL?

These are some definitions of a professional:

Professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.

professional - engaged in a profession or engaging in as a profession or means of livelihood; "the professional man or woman possesses distinctive qualifications"; "began her professional career after the Olympics"; "professional theater"; "professional football"; "a professional cook"; "professional actors and athletes"
- Of or pertaining to a profession, or calling; conforming to the rules or standards of a profession; following a profession; as, professional knowledge; professional conduct.
- A person who prosecutes anything professionally, or for a livelihood, and not in the character of an amateur; a professional worker.

References:

Ethics in Information Technology by George Reynolds (2006)
http://www.thefreedictionary.com/professional
http://www.brainyquote.com/words/pr/professional207054.html

Types of Attacks to Computer System

Different forms of attack that threaten computer security:
  1. Trojan horse - Comes with other software.
  2. Worm - Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.
  3. Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.)
  4. DoS - Denial of Service
  5. Virus - Reproduces itself by attaching to other executable files.

Hacker attacks take various forms that exploit weaknesses in security. Many of these may cause loss of service or system crashes.

  1. Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.
  2. DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be very practical as an attack form. The attacker will send incorrect DNS information which can cause traffic to be diverted. The DNS information can be falsified since name servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false DNS reply with additional bogus information which the requesting DNS server may cache. This attack can be used to divert users from a correct web server such as a bank and capture information from customers when they attempt to log on.
  3. Gaining access through source routing. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.
  4. IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it is not actually from.
  5. Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client. The attacker will run this utility while acting like the server while the user attempts to log in. If the client is tricked into sending LANMAN authentication, the attacker can read their username and password from the network packets sent.
  6. Man in the middle attack -
  7. Session hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session.
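
The DNS poisoning item above turns on a server caching a reply without checking where it came from or whether its extra records belong to the zone that was asked about. The following is an added example, not part of the original post, of the checks a resolver can apply before caching anything. It assumes the messages are already parsed; the names `Record`, `Message` and `cacheable_records` are hypothetical and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Record:
    name: str    # owner name, e.g. "www.example.com"
    rtype: str   # "A", "NS", ...
    data: str

@dataclass(frozen=True)
class Message:
    txid: int            # 16-bit DNS transaction ID
    question: tuple      # (name, rtype)
    records: tuple = ()  # answer + additional records (empty in a query)

def norm(name: str) -> str:
    """DNS names compare case-insensitively; ignore a trailing dot."""
    return name.lower().rstrip(".")

def in_bailiwick(name: str, zone: str) -> bool:
    """True if name is the zone itself or a subdomain of it."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)

def cacheable_records(query, sent_to, zone, reply, reply_from):
    """Return the records from reply that are safe to cache, or [] if the
    reply does not match the outstanding query."""
    # 1. The reply must come from the (IP, port) the query was sent to.
    if reply_from != sent_to:
        return []
    # 2. Transaction ID and question section must echo the query.
    if reply.txid != query.txid:
        return []
    if (norm(query.question[0]), query.question[1]) != \
       (norm(reply.question[0]), reply.question[1]):
        return []
    # 3. Drop "additional bogus information": any record whose owner name
    #    lies outside the zone this server was asked about.
    return [r for r in reply.records if in_bailiwick(r.name, zone)]

# Constructed sample data (documentation address ranges, reserved names).
QUERY = Message(txid=0x3A7C, question=("www.example.com", "A"))
SERVER = ("192.0.2.53", 53)
REPLY = Message(0x3A7C, ("www.example.com", "A"), (
    Record("www.example.com", "A", "192.0.2.10"),
    Record("login.bank.example", "A", "203.0.113.66"),  # out of bailiwick
))
```

These checks only raise the cost of forging a reply; resolvers also randomize the query's source port and transaction ID, and DNSSEC validation authenticates the records themselves.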