IT Organizations in the Philippines
1.)
Name: Information Technology Foundation of the Philippines (ITFP)
Address: 32nd Flr Philam Life Tower
8767 Paseo de Roxas Ave, Makati City E Mail: cynthia.mamon@sun.com.ph
Tel No: (632) 750-3742
Fax No: (632)
Website: www.itfp.org.ph
About: The Information Technology Foundation of the Philippines (ITFP) is a non-stock and non-profit organization. It is the federation of all the Philippine Computer IT organization.
Programs & Projects: 8-POINT PROGRAM-ITFP aims to achieve the following:
For the ITFP Organization itself
Be financially strong and stable
Professionally run and managed.
For the Member Associations
Improve members well-being and supports its interest
For the IT Industry
Focus on the local market but supports global competitiveness
Support the national thrust to become the e-services hub of Asia
Be strong lobby group
For the Public (Government and the civil society)
To promote social responsibility
To support and assist in e-governance
2007 Programs
Push for "Strengthen CICT to DICT
Procurement Law and its implementation (CICT and DBM)
- Forum
- Training (With ITAP-NCI)
Automation of the Electoral System
ICT Training and Certification (CICT, NCI, ITAP, TESDA, PAQTVET)
Good Governance of IT Organizations and Associations (Code of Ethics)
MOA re Promoting English Proficiency (PEP)
Fund Raising
Vision: "The voice and the medium of the ICT community in the country that supports the ICT programs of the government and private sector."
Mission: To contribute to the contribute to the economic, social and political development of the country
- by advocating the wise and widespread use of ICT;
- by representing the needs and interest of the ICT industry and community;
- by supporting the ICT-based programs of government and private sector; and
- by strengthening the country's global competitiveness through ICT
Objectives: To accelerate the development of the Philippine Information Technology industry and help the profession by conducting and supporting projects and activities that will lead to the attainment of its purposes.
To support and fund selected IT related activities of its member Associations.
To contribute towards the social and economic development to the country through the promotion of IT utilization in all sectors of the Philippine society.
To represent the IT industry in the government in the formulation and implementation of policies, laws, regulations and statues affecting the IT industry.
Date Founded:
Contact Person: Ellen Almazon
List of Officers
CYNTHIA R. MAMON, President
SUN MICRO SYSTEMS PHILIPPINES
(632) 885-7867, 885-0401
(632) 885-7866
cynthia.mamon@sun.com.ph
2.)University of the Philippines Information Technology Training Center
The University of the Philippines Information Technology Training Center (UP ITTC) is a program of the University of the Philippines together with the Japan International Cooperation Agency (JICA) solely devoted to training professionals in information technology. The UP ITTC also hosts the Philippine Youth Congress in Information Technology or Y4IT every September, the largest gathering of IT enthusiasts from all over the Philippines.
University of the Philippines
Information Technology
Training Center
Helping You Build a Solid IT Career
Address
Quirino Avenue cor. Velasquez Street
Vidal A. Tan Hall
UP Diliman
Quezon City, 1101
Philippines
Coordinates- 14°39′7.60″N 121°4′5.88″ECoordinates: 14°39′7.60″N 121°4′5.88″E Information
Opened -2004
Authority University of the Philippines System
Director Dr. Jaime D.L. Caro
Website http://ittc.up.edu.ph/
3.) International Organization for IT
The heart of AITP lies in its local chapters. Chapter activities provide unique opportunities for informal but direct contact with other IT professionals. For more information about AITP chapter locations, contact the AITP Membership Department, call 1-800-224-9371 or visit a chapter’s Web site.
AITP gives you online access to local chapters by state or city. Chapter e-mail addresses and Web site pages are provided where available.
Wednesday, March 31, 2010
What is PROFESSIONAL?
This are some definition of a Professional
professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.
professional engaged in a profession or engaging in as a profession or means of livelihood; "the professional man or woman possesses distinctive qualifications"; "began her professional career after the Olympics"; "professional theater"; "professional football"; "a professional cook"; "professional actors and athletes"
-or pertaining to a profession, or calling; conforming to the rules or standards of a profession; following a profession; as, professional knowledge; professional conduct.
-A person who prosecutes anything professionally, or for a livelihood, and not in the character of an amateur; a professional worker.
references:
Ethics in Information Technology by George Reynolds (2006)
http://www.thefreedictionary.com/professional
http://www.brainyquote.com/words/pr/professional207054.html
-> Professional are those who engaged in a profession or engaging in as a
profession or means of livelihood.
-> It also a person engaged in one of the learned professions or an athlete who
plays for pay.
Resources: Wikipedia.com
professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.
professional engaged in a profession or engaging in as a profession or means of livelihood; "the professional man or woman possesses distinctive qualifications"; "began her professional career after the Olympics"; "professional theater"; "professional football"; "a professional cook"; "professional actors and athletes"
-or pertaining to a profession, or calling; conforming to the rules or standards of a profession; following a profession; as, professional knowledge; professional conduct.
-A person who prosecutes anything professionally, or for a livelihood, and not in the character of an amateur; a professional worker.
references:
Ethics in Information Technology by George Reynolds (2006)
http://www.thefreedictionary.com/professional
http://www.brainyquote.com/words/pr/professional207054.html
-> Professional are those who engaged in a profession or engaging in as a
profession or means of livelihood.
-> It also a person engaged in one of the learned professions or an athlete who
plays for pay.
Resources: Wikipedia.com
Attack Case Study2
Government computers under attack - SC Magazine US: "Based on data provided to USA Today by US-CERT, unauthorized access to government computers and installations of hostile programs rose from a combined 3,928 incidents in 2007 to 5,488 in 2008.
The culprits seem to be after military secrets, said Brad Curran, Frost & Sullivan senior aerospace & defense industry analyst. They want to steal technology, or in a new strategy, what he calls asymmetric warfare.
“With our military capabilities, these groups cannot compete or stand toe to toe, so they look for asymmetric gaps to exploit,” Curran told SCMagazineUS.com. “State actors want to exploit information gaps on our networks, and read or alter our email.”"
The culprits seem to be after military secrets, said Brad Curran, Frost & Sullivan senior aerospace & defense industry analyst. They want to steal technology, or in a new strategy, what he calls asymmetric warfare.
“With our military capabilities, these groups cannot compete or stand toe to toe, so they look for asymmetric gaps to exploit,” Curran told SCMagazineUS.com. “State actors want to exploit information gaps on our networks, and read or alter our email.”"
Major Types af Attack
Ans.
• Malicious code-include execution of worms, viruses, Trojan horses
• Back door-attacker gains access to a system through an access path that bypasses usual security control
• Cracking-attempts to reverse-calculate a password
• Denial-of-service-attacker sends a such large number of connection or information request
• Spoofing-an intruder sends message to a computer with an IP address that indicates that message is coming from a trusted host
• Man-in-the-middle or TCP hijacking-attacker sniffs packets from the network, modifies them, insert them back into the network
• Spam-attacks involving sending unsolicited commercial e-mail
• Mail Bomb-attacker routes large quantities of e-mail to the target
• Sniffer-programs or devices that can monitor data traveling over a network
• Social engineering-attacker uses social skills to convince people reveal access credentials or other valuable information
• Buffer Overflow-involving an application error that occurs when more data is sent to a buffer than it can handle.
• Timing attack-attacks that work by exploring the contents of a Web browser's cache.
Source: Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, Second Edition,Thompson Course Technology, 2005
2n post
• Malicious code-include execution of worms, viruses, Trojan horses
• Back door-attacker gains access to a system through an access path that bypasses usual security control
• Cracking-attempts to reverse-calculate a password
• Denial-of-service-attacker sends a such large number of connection or information request
• Spoofing-an intruder sends message to a computer with an IP address that indicates that message is coming from a trusted host
• Man-in-the-middle or TCP hijacking-attacker sniffs packets from the network, modifies them, insert them back into the network
• Spam-attacks involving sending unsolicited commercial e-mail
• Mail Bomb-attacker routes large quantities of e-mail to the target
• Sniffer-programs or devices that can monitor data traveling over a network
• Social engineering-attacker uses social skills to convince people reveal access credentials or other valuable information
• Buffer Overflow-involving an application error that occurs when more data is sent to a buffer than it can handle.
• Timing attack-attacks that work by exploring the contents of a Web browser's cache.
Source: Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, Second Edition,Thompson Course Technology, 2005
2n post
Types of Attacks to Computer System
List of different forms of attack that threatens Computer Security.
1. Trojan horse - Comes with other software.
2. Worm - Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.
3. Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.)
4. DoS- Denial of Service
5. Virus - Reproduces itself by attaching to other executable files.
Hacker Attacks are various forms that exploit weakneses in security. Many of these may cause loss of service or system crashes.
1. Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.
2. DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be real practical as an attack form. The attacker will send incorrect DNS information which can cause traffic to be diverted. The DNS information can be falsified since name servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false DNS reply with additional bogus information which the requesting DNS server may cache. This attack can be used to divert users from a correct webserver such as a bank and capture information from customers when they attempt to logon.
3. Gaining access through source routing. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.
4. IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it is not actually from.
5. Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client. The attacker will run this utility while acting like the server while the user attempts to login. If the client is tricked into sending LANMAN authentication, the attacker can read their username and password from the network packets sent.
6. Man in the middle attack -
7. Session hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session.
1. Trojan horse - Comes with other software.
2. Worm - Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.
3. Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.)
4. DoS- Denial of Service
5. Virus - Reproduces itself by attaching to other executable files.
Hacker Attacks are various forms that exploit weakneses in security. Many of these may cause loss of service or system crashes.
1. Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.
2. DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be real practical as an attack form. The attacker will send incorrect DNS information which can cause traffic to be diverted. The DNS information can be falsified since name servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false DNS reply with additional bogus information which the requesting DNS server may cache. This attack can be used to divert users from a correct webserver such as a bank and capture information from customers when they attempt to logon.
3. Gaining access through source routing. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.
4. IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it is not actually from.
5. Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client. The attacker will run this utility while acting like the server while the user attempts to login. If the client is tricked into sending LANMAN authentication, the attacker can read their username and password from the network packets sent.
6. Man in the middle attack -
7. Session hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session.
Subscribe to:
Posts (Atom)
