Ethical Hackers

Penelitian Etika di Kantor

2011-11-23T18:18:00.000-08:00

Etika dibuat untuk membuat segala sesuatu menjadi lebih baik dan lebih pantas terlihat dari yang terbayangkan. Etika kalih ini saya akan membahas tentang bagaimana sebuah etika di kantor adalah sesuatu yang masih pantas untuk di perbincangkan. karena, faktok bangsa indonesia merupakan salah satu negara yang penduduknya banyak bekerja di kantor walaupun petanipun masih banyak.

Etika yang harus diterapkan adalah :

1. Jangan menggunakan alasan apapun untuk terlambat apalagi untuk tidak masuk kantor.
2. Jangan membuka situs social networking, membuka fasilitas chat, dll. yang tidak berhubungan dengan pekerjaan kantor selama masih bekerja.
3. Jangan bermain game selama bekerja.
4. Jangan bergosip selama bekerja.
5. Jangan melakukan pelecehan sexual selama di kantor.
6. Jangan merokok dan minum-minuman keras selama di kantor.
7. Jangan mengusik orang/teman yang sementara bekerja di kantor.
8. Jangan membuang sampah sembarangan.
9. Jangan memegang komputer orang lain tampa ijin.
10. Jangan melihat,menghapus,mengcopy,bahkan mengedit pekerjaan orang lain.
11. Jangan mengeluarkan kata-kata kotor di kantor.

Dunia Etika Komputer

2011-11-10T00:51:00.000-08:00

Isu Seputar Etika Komputer

Lahirnya etika komputer sebagai sebuah disiplin ilmu baru dalam bidang teknologi tidak dapat dipisahkan dari permasalahan-permasalahan seputar penggunaan komputer yang meliputi kejahatan komputer, netiket, e-commerce, pelanggaran HAKI (Hak Atas Kekayaan Intelekstual) dan tanggung jawab profesi.

Kejahatan Komputer

Kejahatan komputer atau computer crime adalah kejahatan yang ditimbulkan karena penggunaan komputer secara ilegal. Kejahatan komputer terus berkembang seiring dengan kemajuan teknologi komputer saat ini. Beberapa jenis kejahatan komputer meliputi Denial of Services (melumpuhkan layanan sebuah sistem komputer), penyebaran virus, spam, carding (pencurian melalui internet) dan lain-lain.

Netiket

Internet merupakan aspek penting dalam perkembangan teknologi komputer. Internet merupakan sebuah jaringan yang menghubungkan komputer di dunia sehingga komputer dapat mengakses satu sama lain. Internet menjadi peluang baru dalam perkembangan bisnis, pendidikan, kesehatan, layanan pemerintah dan bidang-bidang lainnya. Melalui internet, interaksi manusia dapat dilakukan tanpa harus bertatap muka. Tingginya tingkat pemakaian internet di dunia melahirkan sebuah aturan baru di bidang internet yaitu netiket. Netiket merupakan sebuah etika acuan dalam berkomunikasi menggunakan internet. Standar netiket ditetapkan oleh IETF (The Internet Engineering Task Force), sebuah komunitas internasional yang terdiri dari operator, perancang jaringan dan peneliti yang terkait dengan pengoperasian internet.

E-commerce

Berkembangnya penggunaan internet di dunia berpengaruh terhadap kondisi ekonomi dan perdagangan negara. Melalui internet, transaksi perdagangan dapat dilakukan dengan cepat dan efisien. Akan tetapi, perdagangan melalui internet atau yang lebih dikenal dengan e-commerce ini menghasilkan permasalahan baru seperti perlindungan konsumen, permasalahan kontrak transaksi, masalah pajak dan kasus-kasus pemalsuan tanda tangan digital. Untuk menangani permasalahan tersebut, para penjual dan pembeli menggunakan Uncitral Model Law on Electronic Commerce 1996 sebagai acuan dalam melakukan transaksi lewat internet.

Pelanggaran HAKI (Hak Atas Kekayaan Intelektual)

Berbagai kemudahan yang ditawarkan oleh internet menyebabkan terjadinya pelanggaran HAKI seperti pembajakan program komputer, penjualan program ilegal dan pengunduhan ilegal.

Tanggung Jawab Profesi

Berkembangnya teknologi komputer telah membuka lapangan kerja baru seperti programmer, teknisi mesin komputer, desainer grafis dan lain-lain. Para pekerja memiliki interaksi yang sangat tinggi dengan komputer sehingga diperlukan pemahaman mendalam mengenai etika komputer dan tanggung jawab profesi yang berlaku.

Etika Komputer di Indonesia

Indonesia merupakan salah satu negara pengguna komputer terbesar di dunia sehingga penerapan etika komputer dalam masyarakat sangat dibutuhkan. Indonesia menggunakan dasar pemikiran yang sama dengan negara-negara lain sesuai dengan sejarah etika komputer yang ada. Pengenalan teknologi komputer menjadi kurikulum wajib di sekolah-sekolah, mulai dari Sekolah Dasar (SD) hingga Sekolah Menengah Atas (SMA sederajat). Pelajar, mahasiswa dan karyawan dituntut untuk bisa mengoperasikan program-program komputer dasar seperti Microsoft Office. Tingginya penggunaan komputer di Indonesia memicu pelanggaran-pelanggaran dalam penggunaan internet. Survei Business Software Alliance (BSA) tahun 2001 menempatkan Indonesia di urutan ketiga sebagai negara dengan kasus pembajakan terbesar di dunia setelah Vietnam dan China. Besarnya tingkat pembajakan di Indonesia membuat pemerintah Republik Indonesia semakin gencar menindak pelaku kejahatan komputer berdasarkan Undang-Undang Hak Cipta No. 19 Tahun 2002 (penyempurnaan dari UUHC No. 6 Tahun 1982 dan UUHC No. 12 Tahun 1997). Upaya ini dilakukan oleh pemerintah RI untuk melindungi hasil karya orang lain dan menegakkan etika dalam penggunaan komputer di Indonesia.

Sejarah Etika Komputer

2011-11-10T00:49:00.001-08:00

Sejarah Etika Komputer

Komputer ditemukan oleh Howard Aiken pada tahun 1973 Penemuan komputer di tahun 1973 ini menjadi tonggak lahirnya etika komputer yang kemudian berkembang hingga menjadi sebuah disiplin ilmu baru di bidang teknologi.

Generasi I (Era 1940-an)

Terdapat 2 peristiwa penting pada tahun 1940-an yaitu Perang Dunia II dan lahirnya teknologi komputer. Selama Perang Dunia II, Profesor Norbert Wiener mengembangkan sebuah meriam antipesawat yang mampu melumpuhkan setiap pesawat tempur yang melintas di sekitarnya. Pengembangan senjata tersebut memicu Wiener untuk memperhatikan aspek lain selain kemajuan ilmu pengetahuan dan teknologi yaitu etika. Dalam penelitiannya, Wiener meramalkan terjadinya revolusi sosial dari perkembangan teknologi informasi yang dituangkan dalam sebuah buku berjudul Cybernetics: Control and Communication in the Animal and Machine. Penelitian Wiener masih terus berlanjut hingga tahun 1950-an. Meskipun Wiener tidak pernah menggunakan istilah etika komputer dalam setiap bukunya, konsep pemikirannya telah menghasilkan fondasi yang kuat dalam perkembangan etika komputer di masa mendatang.

Generasi II (Era 1960-an)

Meningkatnya jumlah penggunaan komputer pada era tersebut membuat Donn Parker dari SRI International Menlo Park California melakukan berbagai penelitian terhadap penggunaan komputer secara ilegal. Menurut Parker, kejahatan komputer terjadi karena kebanyakan orang mengabaikan etika dalam penggunaan komputer. Pemikiran Parker menjadi pelopor kode etik profesi di bidang komputer (Kode Etik Profesional).

Generasi III (Era 1970-an)

Kecerdasan buatan atau artificial intelligence memicu perkembangan program-program komputer yang memungkinkan manusia berinteraksi secara langsung dengan komputer, salah satunya adalah ELIZA. Program psikoterapi Rogerian ini diciptakan oleh Joseph Weizenbaum dan mengundang banyak kontroversi karena Weizenbaum telah melakukan komputerisasi psikoterapi dalam bidang kedokteran. Istilah etika komputer kemudian digunakan oleh Walter Maner untuk menanggapi permasalahan yang ditimbulkan oleh pemakaian komputer pada waktu itu. Era ini terus berlanjut hingga tahun 1980-an dan menjadi masa kejayaan etika komputer, khususnya setelah penerbitan buku teks pertama mengenai etika komputer yang ditulis oleh Deborah Johnson dengan judul Computer Ethics.

Generasi IV (Era 1990-an)

Penelitian dan pelatihan etika komputer berkembang pesat mulai tahun 1990 hingga saat ini. Berbagai konferensi, riset, jurnal, artikel dan buku mengenai etika komputer terus berkembang sehingga masyarakat dunia menyadari pentingnya etika dalam penggunaan komputer. Etika komputer juga menjadi dasar lahirnya peraturan atau undang-undang mengenai kejahatan komputer.

Etika Komputer

2011-11-10T00:47:00.000-08:00

Etika komputer adalah seperangkat asas atau nilai yang berkenaan dengan penggunaan komputer. Etika komputer berasal dari 2 suku kata yaitu etika (bahasa Yunani: ethos) adalah adat istiadat atau kebiasaan yang baik dalam individu, kelompok maupun masyarakat dan komputer (bahasa Inggris: to compute) merupakan alat yang digunakan untuk menghitung dan mengolah data. Jumlah interaksi manusia dengan komputer yang terus meningkat dari waktu ke waktu membuat etika komputer menjadi suatu peraturan dasar yang harus dipahami oleh masyarakat luas.

Linux

2011-04-27T19:33:00.000-07:00

Did you know that Linux is a creature that can live in two worlds? The first is the natural "Text" and the second is the natural "Graphics / GUI".
Linux today has a lot of "evolved", its existence has now been proved that Linux is the most adaptable creatures. In ancient times, Linux is the only living creatures in nature text only, and only certain people can maintain Linux, they are the Wizard and the Hacker. That only with gcc, bash, emacs, and other tools from the GNU, Linux was born into the world of mortal, very wild and can only be controlled by certain people only.

But now, even appearing in the Linux KDE, Gnome too, BlackBox, Enlightenment, IceWM, XFCE, WindowMaker and other desktop environment that has its own beauty and convenience for the wearer who is said to lay still.

But can not be denied again, the power of Linux still in the wild text or console or tty or terminal, where each user always type the mantra-mantra through a combination of commands and scripts or in the form of codes that make Linux can do many things just in one execution.

For users new to Linux, is still understandable that the use of graphics in Linux is an exciting addition to the user who is also very flexsibel easy, everything can be arranged in accordance with user preferences. Any Linux developers trying to introduce to the user who is still in the opium Microsoft to get to know Linux even further by implying that Linux is easy, just click here click there then all is done, not much different from their habits when they are still alive in the wild Microsoft is beautiful and completely easy, but in their daily life they never be separated from various problems.

Linux is very powerful. For expert users or Linux Wizard or the Hacker Linux, text mode is always the top choice in conducting their daily work. They make magic spells in their terminals, they made only one execution to resolve some of the problems they face. Linux Commands which they set no arbitrary commands, so type the enter key a few times, then the target computer will "explode". Excellence is a combination of Linux commands, has been exploited by hackers since the legendary world of ancient times long before Linux was born, which since its time-sharing-Time UNIX, Linux ancestors in the 70s and 80s.

We can even now posing as them, pretending to be an expert or become the expert by familiarizing themselves are in the dark nature, that is by leaving the graphics mode and start using beautiful text mode, press "ctrl + alt + F1" then we will be in era of the 70s, where all the legendary computer world experienced periods of glory by the king of the wild world of virtual networks.

Graphics / GUI in Linux was not a problem, as we always use the xterm (terminal) or konsole (KDE) or rxvt or whatever it's called in order to familiarize themselves still lived in the text. Let me look cool, use Blackbox or Fluxbox or WindowMaker or Enlightenment, do not use KDE or Gnome. Let me look good, use the "wterm-tr-sh-fg red-bg white-sl 1500-fn lucida10" as your toy terminal, in WindowMaker or Blackbox. Familiarize yourself using "vi" or Emacs as your editor everyday, do not use the "Edit +", it is not cool. Memorize Linux commands, system calls are also a very powerful programming languages like C, Perl, Shell Scripting, Java, Python and others. Practice using the stream editor like sed or awk or ed, with the stream editor you can edit files without having to open the file. note the following command:

[Root @ linux] # for data in `find / var-type f`; do cat $ data | sed 's/192.168.1.130 / \
> 192.168.1.150 / g '> $ data.bak; mv $ data.bak $ data; done

This command will search all regular files in the folder / var, and if the file contains no IP address is 192.168.1.130 in it it will be changed to 192.168.1.150. This is used to remove traces of the hackers who have entered into the target computer system.

(There is no magic from the above command, this is because the author was still young in the affairs of the experience)

So easy to do many things in just one execution. The above command instructs to search the files in the folder / var that may amount to hundreds or even thousands of files, and then change the string contained in the files that have been found without us having to open the file one by one, if the file number reaches hundreds files or even thousands, imagine if we have to edit them one by one just to change our log files in the system, due to the fear we will be caught off guard by the administrator.

Linux easier for all of them. If we are good at looking for internet sources of knowledge about Linux, then we will eventually prevail, and make Linux as our weapon to face competition in the world of information technology is increasingly heating up in our homeland and throughout the world, why? because we have mastered the tools are a mainstay of the hackers of the world that has become a legend for many decades in the digital nature.

The difficulty in using Linux is the beginning of our learning process in mastering what is the history of the world's information technology, namely the operating system GNU / Linux. So do not ever give up in finding out, because the hacker is a person full of curiosity and want to learn, no matter with what will happen because of his curiosity and did not care about the environment. So do not be shy to find out, quite the contrary, we should feel proud, because we are studying what is a hot topic of information technology in the world today, especially those related to security, stability and ability.

So the point is, we learn Linux is not to make ourselves, but we're doing our improvement in studying the logic-logic in the computer world in general. With Linux know we came to know that a program can be run because there is a kernel, we can also know what makes the operating system is running, we know analogies programming as well as basic concepts. Because "Linux was created hackers for hackers." (Linus Torvalds)

Macintosh

2011-04-27T19:32:00.000-07:00

Macintosh, or abbreviated as Mac, is one type of PowerPC-based personal computers manufactured by Apple. This computer is named for the McIntosh, a kind of apple you like Jef Raskin. Macintosh was first introduced in January 1984 through the Super Bowl ads are phenomenal. Macintosh was the first to introduce a computer system graphical user interface (GUI). At that time, the steps taken by Apple is a revolutionary development in the world of personal computers.

Microsoft Windows

2011-04-27T19:30:00.000-07:00

Microsoft Windows or better known as Windows is a family of operating systems. developed by Microsoft, by using a graphical user interface.

Windows operating systems have evolved from the MS-DOS, an operating system-based textmode and command-line. The first Windows version, Windows Graphic Environment 1.0 was first introduced on November 10, 1983, but the new exit the market in November 1985, which was made to meet the needs of a computer with a pictorial display. Windows 1.0 is a software 16-bit extra (not an operating system) that runs on MS-DOS (and some variants of MS-DOS), so he will not be able to run without the DOS operating system. Version 2.x, 3.x version is the same. Some of the latest version of Windows (starting from version 4.0 and Windows NT 3.1) is an independent operating system that no longer depend on MS-DOS operating system. Microsoft Windows and can be developed and can competently use an operating system until it reaches 90%.

Oracle Certified

2011-04-27T01:25:00.000-07:00

Oracle Certified

Database Management System (DBMS), or simply called a database, which is currently the most widely used by the enterprise (big companies) is Oracle. The easiest indicator is job Database Administrator (DBA) Oracle is the most widely among the existing vacancies DBA. Try it in jobsdb.com vacancy search with the keyword "database" or "DBA", which appears most [nearly] certainly Oracle DBA.

With many Oracle DBA's vacancy, certainly adds an opportunity for job seekers. Here are the things that need to be possessed by job seekers tsb:
- Understanding the concept of an Oracle database (required)
- Experience as a DBA (usually optional, not mandatory for entry-level)
- Training Oracle database (virtue)
- Oracle DBA Certificate (virtue)

Having a certificate is a virtue, let alone working as a DBA at the consulting firm (vendor). The certificate indicates that the holder has a deep knowledge of Oracle databases. With the same knowledge and experience, certificate holders have more opportunities to get jobs and higher salaries.

Oracle DBA issued several types of certificates
- Oracle Certified Associate (OCA)
- Oracle Certified Professional (OCP)
- Oracle Certified Master (OCM)

Currently, Oracle issued a certificate to a database version 9i, 10g, and 11g. Certificates for the database version 8i down is no longer valid.

Cisco Certified

2011-04-27T01:15:00.000-07:00

Cisco Certified

cisco at first was a network in the campus located in the United States, which is made by the students there for the connections between computers, then made the devices to support the needs of the network, which ultimately arise Cisco name.

the more time passes, eventually issued a certification cisco we know academic CNAP (Cisco Network Academy Program). There are levels of certification :

Level Basic :
- CCENT (Cisco Certified Entry Networking Technician)

Level Associate :
- CCNA (Cisco Certified Network Associate), dibagi lagi : Security, Service Provider, Voice, Wireless
- CCDA (Cisco Certified Design Associate)

Level Profesional :
- CCNP (Cisco Certified Network Professional)
- CCDP (Cisco Certified Design Professional)
- CCIP (Cisco Certified Internetwork Professional)
- CCSP (Cisco Certified Security Professional)
- CCVP (Cisco Certified Voice Professional)

Level Advance/Expert :
- CCIE (Cisco Certified Internetwork Expert)
- ada bagian Routing Switching (CCIE RS)
- ada bagian Service Provider (CCIE SP)
- ada bagian Security (CCIE Security)
- CCDE (Cisco Certified Design Expert)

Script Kiddie

2009-07-23T16:21:00.000-07:00

In hacker culture, a script kiddie, occasionally script bunny, skiddie, skid, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks. It is generally assumed that script kiddies are juveniles who lack the ability to write sophisticated hacking programs or exploits on their own, and that their objective is to try to impress their friends or gain credit in computer-enthusiast communities.The term can also be used as a name for someone with a good knowledge of computers who uses the premade tools as a shortcut or just for fun.

Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of harassing even advanced computers and networks.Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat and often software intended for legitimate security auditing.

Another simple means of attack is a mass mailer worm. These are spread through e-mails and, once opened, they can be automatically sent throughout entire systems, often without the users realizing it. The purpose of a worm varies, from sapping the targeted computer or network of bandwidth and therefore slowing performance, to deleting or encrypting files. Other commands are possible.

In a denial-of-service (DoS) attack, the attacker tries to shut down network activity in a target system by sapping the computer network of bandwidth or other resources. A number of distinct DoS attacks have been created that pursue this goal through different means, such as SYN flood, ICMP butt-flood (a.k.a Smurf attack) and ping floods. If the server gets overwhelmed with excessive amounts of information, it will stop responding and may require a restart.

Grey Hat

2009-07-23T16:13:00.000-07:00

A grey hat, in the hacking community, refers to a skilled hacker who sometimes acts illegally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

One reason a grey hat might consider himself to be grey is to disambiguate from the other two extremes: black and white. For example, a grey hat hacker may penetrate a computer system without authorization, an illegal act in most countries. However, the hacker may simply patch the security hole that allowed them access without damaging the system. In this situation, they may or may not disclose their activities, due to legal ramifications. It is possibly misleading to say that grey hat hackers do not hack for personal gain. While they do not necessarily hack for malicious purposes, grey hats do hack for a reason, a reason which more often than not remains undisclosed. A grey hat will not necessarily notify the system administrator of a penetrated system of their penetration. A grey hat will prefer anonymity at almost all cost, carrying out their penetration undetected and then leaving undetected. Consequently, grey hat penetrations of systems tend to be far more passive activities such as testing, monitoring, or less destructive forms of data transfer and retrieval.

In addition, they may be further disambiguated by their stance as it refers to the proper disclosure of computer security flaws. Whereas a white hat will generally work with a vendor to correct the flaw, within a time frame, or under certain conditions. They also may attempt to pressure vendors to release a patch for a flaw through the possibility of disclosure. Their intention is to make systems safer. A black hat will generally never disclose information to the public, since doing so will cause systems to be patched and greatly reduce the effectiveness of the vulnerability. In fact there has been a long standing controversy of black hats opposed to the white hat policy of full disclosure. Grey hats may or may not release vulnerabilities to the vendor or the public. They may attempt to sell them to black hats or white hats.

White Hat

2009-07-23T16:02:00.000-07:00

A white hat is the hero or good guy, especially in computing slang, where it refers to an ethical hacker or penetration tester who focuses on securing and protecting IT systems.

White hat hackers, also known as "ethical hackers," are computer security experts, who specialize in penetration testing, and other testing methodologies, to ensure that a company's information systems are secure. Such people are employed by companies where these professionals are sometimes called "sneakers."[citation needed] Groups of these people are often called tiger teams or red teams. These security experts may utilize a variety of methods to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to evade security to gain entry into secured areas.

The National Security Agency offers certifications such as the CNSS 4011. Such a certification covers orderly, ethical hacking techniques and team management. Aggressor teams are called "red" teams. Defender teams are called "blue" teams.

Black Hat

2009-07-23T15:36:00.000-07:00

A black hat is the villain or bad guy, especially in a western movie in which such a character would wear a black hat in contrast to the hero's white hat. The phrase is often used figuratively, especially in computing slang, where it refers to a hacker who breaks into networks or computers, or creates computer viruses.

Black Hat Hackers (also called "crackers"), are hackers who specialize in unauthorized penetration. They may use computers to attack systems for profit, for fun, or for political motivations or as a part of a social cause. Such penetration often involves modification and/or destruction of data, and is done without authorization and hence they should not be confused with ethical hackers.

They also may distribute computer viruses, Internet worms, and deliver spam through the use of botnets. The term may also refer to hackers who crack software to remove protection methods: copy prevention, trial/demo version, serial number, hardware key, date checks, CD check (NO-CD) or software annoyances like nag screens and adware.

Backdoor

2009-07-19T17:33:00.000-07:00

Backdoor or "back door", in the security computer system, refers to mechanisms that can be used to access the system, application, or network, apart from the general mechanisms that are used (through the logon process, or other authentication process). Is also known as a back door.

Backdoor initially created by computer programmers as the mechanism that allows them to obtain special access to them in the program, often used to justify and improve the code in the program that they created when a crash occurs due to a bug.

The term now used by the backdoor hacker-hacker to refer to a mechanism that allows the system can access peretas back a system that has been attacked before the process without the need to exploit the system or network, as it did the first time. Generally, once a network has been attacked by using the exploit (to a Handling / Vulnerability), an attacker will cover all jejaknya in the system concerned with modifying the file system record (log) or delete it, and then menginstalasikan a backdoor in the form of a software or to add a special user account that has rights to access the network administrator or system administrator. If the owner and the network or system to realize that the system has been attacked, and then close all Handling is known in the system (but does not detect the existence of the backdoor installed), still before the attacker will be able to access the system, discovered by the owner without the network, especially after registering himself as a legitimate user in the system or network. Have the right as the network administrator, he can do things that can damage the system or remove the data. In cases like the above, a commonly used way is to make re-installation of the system or network, or with restoration of the backup / backup that is still clean from the backdoor.

Rootkit

2009-07-19T17:27:00.000-07:00

Rootkit is inserted into the computer by computer after the attacker successfully taken over. Rootkit is useful to remove trace assault, such as log and remove the malware process itself. Rootkit can also contain backdoor in the future so that later, the attacker can re-take system. Rootkit detection in this difficult, The rootkit in an operating system in kernel level, the core operating system level. The best way that can be relied upon to detect the rootkit is not in the computer is shut off with the computer and boot back to the hard drive but not with other media such as CD-ROM or USB disk. Rootkit is not running can not be concealed, and most antivirus can identifies. Manufacturers usually have security devices integrate rootkit in pendeteksi products. Although the rootkit hides itself during the scanning process is running, which can still recognizes. Also if the rootkit withdraw temporarily from the system, which can still find them using detection "fingerprint" unique alias bytes from the rootkit. Rootkit is dodgy. He can analyze the processes that are running. If he suspects a process as anti-virus measures, he could hide. When the distance there is complete, it is active again. There are several programs that can be used to detect the rootkit on the system. Rootkit detector kit, chkrootkit and Rkhunter are examples that can be used.

Exploit

2009-07-19T17:05:00.000-07:00

Exploit is software that attacks the fragility security (security Vulnerability) a specific but not always aims to reinforce actions that are not desired. Many researchers use the computer security exploit to demonstrate that a system has a fragility. There is a body of researchers who work with software producers. Researchers are responsible explore the fragility of a software and if they find it, reported their findings to the manufacturer so the manufacturer can take action. However exploit sometimes become part of a malware attack fragility duty security. Unlike the exploit that directly attack the system.

Browser Hijacker

2009-07-19T17:03:00.000-07:00

A browser hijacker is a form of malware or spyware that replaces the existing internet browser home page, error page, or search page with its own. These are generally used to force hits to a particular website.

Adware

2009-07-19T16:47:00.000-07:00

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software.

Computer Virus

2009-07-18T20:11:00.000-07:00

A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software), including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. Worms and Trojans, like viruses, may cause harm to either a computer system's hosted data, functional performance, or networking throughput, when they are executed. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious.

Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging, and file sharing systems to spread.

Malware

2009-07-16T16:55:00.000-07:00

Malware, short for malicious software, is software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses.

Spyware

2009-07-16T16:43:00.000-07:00

Spyware is a type of malware that is installed surreptitiously on personal computers to collect information about users, their computer or browsing habits without their informed consent.

While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.

Worm

2009-07-15T20:39:00.000-07:00

A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.

Trojan Horse

2009-07-15T20:01:00.001-07:00

A Trojan horse, or trojan for short, is a term used to describe malware that appears, to the user, to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system. The term comes from the Trojan Horse story in Greek mythology. Trojan horses are not self-replicating which distinguishes them from viruses and worms. Additionally, they require interaction with a hacker to fulfil their purpose. The hacker need not be the individual responsible for distributing the Trojan horse. It is possible for hackers to scan computers on a network using a port scanner in the hope of finding one with a Trojan horse installed.

Info About Certified Security

2009-07-14T02:36:00.000-07:00

EC-Council Certified Security Analyst

Introduction

EC-Council Certified Security Analyst (ECSA) complements the Certified Ethical Hacker (CEH) certification by exploring the analytical phase of ethical hacking. While CEH exposes the learner to hacking tools and technologies, ECSA takes it a step further by exploring how to analyze the outcome from these tools and technologies. Through groundbreaking penetration testing methods and techniques, ECSA class helps students perform the intensive assessments required to effectively identify and mitigate risks to the security of the infrastructure.

This makes ECSA a relevant milestone towards achieving EC-Council’s Licensed penetration Tester, which also ingrains the learner in the business aspect of penetration testing. The Licensed Penetration Tester standardizes the knowledge base for penetration testing professionals by incorporating the best practices followed by experienced experts in the field.

The objective of EC-Council Certified Security Analyst is to add value to experienced security professionals by helping them analyze the outcomes of their tests. ECSA leads the learner into the advanced stages of ethical hacking.

Advanced Penetration Testing and Security Analysis

The ECSA/LPT training program is a highly interactive 5-day security class designed to teach Security Professionals the advanced uses of the available methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect your organization from the threats hackers and crackers pose. By teaching the LPT methodology and ground breaking techniques for security and penetration testing, this class will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.

Requirements

Pass exam 412-79 to achieve EC-Council Certified Security Analyst (ECSA) certification.

Benefits

1. ECSA is for experienced hands in the industry and is backed by a curriculum designed by the best in the field.
2. Greater industry acceptance as seasoned security professional.
3. Learn to analyze the outcomes from using security tools and security testing techniques.
4. Requirement for the LPT certification.

EC-Council Licensed Penetration Tester

Introduction

EC-Council’s Licensed Penetration Tester (LPT) is a natural evolution and extended value addition to its series of security related professional certifications. The LPT standardizes the knowledge base for penetration testing professionals by incorporating best practices followed by experienced experts in the field.

The objective of the LPT is to ensure that each professional licensed by EC-Council follows a strict code of ethics, is exposed to the best practices in the domain of penetration testing and aware of all the compliance requirements required by the industry.

Unlike a normal security certification, the LPT is a program which trains security professionals to analyze the security posture of a network exhaustively and recommend corrective measures authoritatively. EC-Council's license vouches for their professionalism and expertise thereby making these professionals more sought after by organizations and consulting firms globally.
Requirements

1. Achieve the Certified Ethical Hacker (CEH) Certification.
2. Achieve the EC-Council Certified Security Analyst (E|CSA) certification.
3. Complete the LPT Training Criteria
4. Fill up and submit the LPT Application form
5. Remit payment of USD500 for the first License fees which is valid for two years. For subsequent years, it will be USD250 per renewal. You can make your payment here.
6. Documentation on criminal background check, or an authentication from an investigation agency absolving a criminal history. Click here for police verification in your country
7. Alternatively, candidates may sign a Declaration of No Criminal Convictions ( which will be sent to the candidates that have met all of the above criteria when requested via e-mail).
8. Resume with detailed professional experience, previous certification /certificates and references for verification to be submitted.
9. Agree to EC-Council Code of Ethics.

Mail the application to:
EC-Council Certification Department
EC-Council
3819 Osuna NE
Albuquerque, NM 87109
USA
Tel: 1-505-764-5975
Fax: 1-505-212.0667

Benefits

* EC-Council's prestigious endorsement as a licensed penetration testing professional, allowing successful candidates to practise penetration testing and consulting internationally.
* Industry acceptance as a legal and ethical security professional.
* Access to proprietary EC-Council software, templates and penetration testing methodologies.
* License to practice and conduct security testing in organizations accredited by EC-Council.
* Acquire knowledge from experienced hands-on penetration testing methodologies and latest penetration testing practices.

Computer Hacking Forensic Investigator

2009-07-14T02:23:00.001-07:00

Computer Hacking Forensic Investigator

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.

Securing and analyzing electronic evidence is a central theme in an ever-increasing number of conflict situations and criminal cases. Electronic evidence is critical in the following situations:

• Disloyal employees
• Computer break-ins
• Possession of pornography
• Breach of contract
• Industrial espionage
• E-mail Fraud
• Bankruptcy
• Disputed dismissals
• Web page defacements
• Theft of company documents

Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client’s systems, to tracing the originator of defamatory emails, to recovering signs of fraud.

The CHFI course will provide participants the necessary skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.

The CHFI course will benefit:

• Police and other law enforcement personnel
• Defense and Military personnel
• e-Business Security professionals
• Systems administrators
• Legal professionals
• Banking, Insurance and other professionals
• Government agencies
• IT managers

Certified Ethical Hacker

2009-07-14T01:48:00.000-07:00

Informatics Professional Development Center(IPDC) is proud to be an approved training institution to offer a preparatory course leading to the Certified Ethical Hacker certification from The International Council of Electronic Commerce Consultants (ec-council), New York, USA.
The CEH certification will be significantly benefit security officers, auditors, security professionals, site administrators and anyone who is concerned about the integrity of the networks infrastructure. To achieve a CEH certification, one must pass an exam that covers the standards and language involved in common exploits, vulnerabilities, and countermeasures. One must also have the knowledge of the tools used by hackers in exposing common vulnerabilities, as well as the tools used by security professionals for implementing countermeasures.
Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these tools, regardless of intent.
Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weakness and vulnerabilities in a system.
FACTS

Did you know that…?
1. 90% of large companies & govt. agencies had computer security breaches in 2001
2. Three-quarters suffered financial losses.
3. Less than 1% of the world’s population are Certified Ethical Hackers
4. 75% of hacking incidents are actually inside jobs.
5. Most frequent problem: Computer viruses (85%), Abuse of Internet Access (79%), Web-site Vandalism (64%)

How recognized is CEH?
1. CEH is only certification in the world which Certified Ethical Hacker
2. FBI, Microsoft, CIA, US Navy, US Military, Dell and other have earned these certification.
3. CEH certification looks at security in a different angel compared to more traditional approach.
Certification
The Certified Ethical Hacker certification exam 312-50 will be conducted on the last day of training. Students need to pass the online Prometric exam to receive CEH certification. To achieve a CEH certification, one must pass an exam that cover the standards and language involved in common exlpoits, vulnerabilities, as well as the tools used by security professionals for implementing countermeasures

Course Mission:
Ethical Hacking and Countermeasures course mission is to educate, introduce and demonstrate hacking tools for penetration testing purposes only.

What CEH offers?
1. CEH is about ‘hacking technology’.
2. CEH offers in-depth knowledge across 20 domains and over 300 tools.
3. CEH provides the most exhaustive, in-depth knowledge across 20 domains that will definitely find a place in an organization. Each domain details several tools that a hacker can use and the countermeasures you can take against their use.
CEH offers a dynamic methodology that is moldable with the security posture of the client.
4. There cannot be strategy without analysis, and success without strategy.
5. CEH uniquely balances theoretic knowledge with real world application.
6. Why hacker tools?” – because you need to:
7. think like a hacker,
8. penetrate through the mind of a hacker and work like a hacker, if you want to test the impregnability of your network.

Benefits
As one of a leading IT education, we offer a preparatory course leading to the Certified Ethical Hacker. This certificate is the first in Indonesia, and one of the certification the most wanted in the world.
According to FBI Computer Crime & Security Survey, 90% of large companies & government agencies had computer security breaches in 2001. Three-quarters suffered financial losses. Less than 1% of world’s population are Certified Ethical Hacker. 75% of hacking incidents are actually inside job. Most frequent problem: Computer viruses (85%), abuse of internet access (79%), web-site vandalism (64%).

History Computer

2009-07-13T23:58:00.001-07:00

Previously many people who use a typewriter both normal and electric typewriter. Well, the keyboard has the function of the same form and with the typewriter. The difference is the result of the output or displayed. When we use the typewriter, we can not delete or cancel any course that is one type, and each letter or symbol of the type we see the results directly on the paper. Not so with the keyboard. What type of results we keluarannya or can we see on the screen first, then we can modify or make changes in writing, typing errors and the other. As well as "mouse", the keyboard is connected to a computer with a cable that are on the keyboard. End of the cable is inserted into the port of the computer CPU. Keyboard input is a tool that is used to type information into the computer and run the various commands to intruksi or in the computer. The creation of a computer keyboard inspired by the creation of the basic engine type design created by Christopher Latham year 1868 and many marketed in 1877 by the Remington Company. Computer keyboard is adapted from the first pelubang card (punch card) technology and allow any posts distance (Teletype). Year 1946 computer ENIAC using the hole cards (punched card reader) as a means of input and output. When you hear the word "keyboard" then our minds can not be separated from the existence of a computer, because the keyboard is a board consisting of the buttons to type the sentence, and special symbols on the other computer. Keyboard in the Indonesian language means the keyboard or the keypad. On the keyboard there are buttons letters A - Z, a - z, numbers 0 - 9, the key and special characters such as: `~ @ # $% ^ & * () _ - + = <> /,. ? :; " '\ | Keys and other special is a whole number of 104 key. While in the machine type number is a 52 button keypad. The form of keyboard is generally rectangular, but the current model keyboard is vary. Keyboard is the most famous QWERTY keyboard which has 101 units key (the key). Most keyboards have a key is arranged in part as follows:
A. Alphanumeric Key
B. Numeric Keypad
C. Function Key
D. Modifier Key
E. Cursor Key Movement

Mouse was first created in 1963 by Dauglas Engelbart of wood with one button. Both models are equipped with 3 buttons. In the year 1970, Douglas Engelbart introduced the Mouse who can know the X-Y position on a computer screen, Mouse is known by the name X-Y Position Indicator (X-Y position indicator).

The form of the most common Mouse has two buttons, each in the top left and right that can be pressed. However, computer-based Macintosh computers typically use one-button Mouse.

Working with the captured mouse movement using the ball touches the surface of the hard and flat. Mouse is a more modern does not use the ball again, but use the rays to detect the movement optically. In addition, some are already using wireless technology, both based radio, infrared rays, and bluetooth.
Currently, the technology already allows the Mouse laser system so that the resolution can reach 2000 dots per inch (dpi), which can even reach the 4800 point per inch. Mouse Usually this kind is for video game fans.