Hi, 

I know most of you will be looking for the information on “How to become a Software Engineer”. So here i am giving you some hints to your questions.
Hope this will be helpful…

Question: How can I become a Software Engineer

Introduction

Software engineering (SE) is the application of a systematic, disciplined, quantifiable approach to the design, development, operation, and maintenance of software, and the study of these approaches; that is, the application of engineering to software. People who is mainly handling with software engineering known as Software Engineers.


Courses and streams

There are two streams to qualify to become software engineer. Minimum entry criteria is Plus Two. You should study Mathematics as a subject in Plus Two.

Stream 1

Join Engineering course in any of the recognized institute. Most preferably you should choose any of the branches below. This courses known B.E. and B.Tech in various universities in India
  • Computer Engineering
  • Information Technology
  • Electronics and Instrumentation

The branches like Mechanical Engineering, Electrical Engineering etc. also eligible to apply for the various aptitude test conduction by the software companies. But preference will be given to the candidate who studying in computer related subjects like Computer Organization, Software Engineering and various computer languages during engineering.

You should pass the entrance exam conducting by various authorities to eligible to apply for this courses.

Stream 2

If you are not getting selected in the Entrance Exam or didn’t get chance to go for engineering study, This stream will help you to become software engineer. 
You have to study any of the courses given below during graduation
  • Bachelor of Computer Applications
  • Bachelor of Computer Science
  • BSc. Information Technology
  • Any Bachelor degree with Mathematics as a subject (some times any degree also counts!!!, with some courses like Java, C, C++, Testing, Web designing, SAS, DBA etc).

Companies like Wipro, Infosys, IBM are conducting the aptitude test after graduation. They will publish the notification in various newspapers and the websites. If you pass the aptitude they will post you as a software engineer trainees and will give the chance to pursue Masters degree in computer science in the affiliated universities.


You can also go for the post graduation your own for  the following courses after graduation.

  • Master of computer applications MCA
  • MSc Computer Science
  • MSc in Information Technology.
After passing of Bachelors graduation or any of the above of Masters degree will be eligible to apply in the various IT companies for the post of software engineers.

Opportunities

Demand for software engineers increasing year to year as released by Nasscom. The earning potential for software engineers is high compared to other categories for freshers. 
A fresh software engineer can get a minimum of CTC (cost to company – annual salary) 2 to 4 lahs in top tier companies.


Important to note

You should gain the following to pass the aptitude test and the interviews after that to get a ticket to your dream companies

For aptitude test

  • Analytical aptitude skill
  • Mathematics skill


For interview 

  • Good communication skills
  • Knowledge of computer topics like various computer languages, Operating system etc.
  •  Knowledge of computer languages like Java, C, C++, Testing, Web designing etc.

Conclusion

Software engineering is a good career who have thrive to learn and face challenges in the life.


All the best guys…

Please Share / Like / Join our community If you LIKE…
Advertisements

Golf is a strategic game, very few people like & play this game. We should have lot of patience to play. When ever i play i feel a matured kind of difference by compare to normal situation.

We con’t or should not play golf like any other game, it has its own style, passion, strategy, feeling.

My personal experiance when ever i play golf i evaluate my grit, vision, patience, decision making skills, ability to take the small ball for a long way saving through sand bunkers, water hazards, by drive, by chip, by putt to finish the game.
I was just thinking, leading the organisation in recession is same as playing golf in desert.

To play golf in green filed / golf range itself we need many qualities, then if we want to play golf in desert!!!!!!!

Do you think it is easy???????????

We should analys the wind, surface, to where to drive or chip, putting is the toughest thing, because most of the time we fail / give up in end only.
I belive leading organisation in recession succesfully is same as playing golf in desert, as per my knowledge we should ready to work on worst case scenarios, because beyond that there is an end. If we strongly prepared for this kind of situation then surely we can expect the result minimum with worst case values or maximum with best case value.

What ever we need to have lot of strategies to direct organisation in safe way to reach our destination.

Please comment back to me …. email: arunste@gmail.com.

Why have you been so successful in reaching some of your goals, but not others? If you aren’t sure, you are far from alone in your confusion. It turns out that even brilliant, highly accomplished people are pretty lousy when it comes to understanding why they succeed or fail. The intuitive answer — that you are born predisposed to certain talents and lacking in others — is really just one small piece of the puzzle. In fact, decades of research on achievement suggests that successful people reach their goals not simply because of who they are, but more often because of what they do.

1. Be Specific. When you set yourself a goal, try to be as specific as possible. “Lose 5 pounds” is a better goal than “lose some weight,” because it gives you a clear idea of what success looks like. Knowing exactly what you want to achieve keeps you motivated until you get there. Also, think about the specific actions that need to be taken to reach your goal. Just promising you’ll “eat less” or “sleep more” is too vague — be clear and precise. “I’ll be in bed by 10pm on weeknights” leaves no room for doubt about what you need to do, and whether or not you’ve actually done it.

2. Measure the act on your goals.
Given how busy most of us are, and how many goals we are juggling at once, it’s not surprising that we routinely miss opportunities to act on a goal because we simply fail to notice them. Did you really have no time to work out today? No chance at any point to return that phone call? Achieving your goal means grabbing hold of these opportunities before they slip through your fingers.

To seize the moment, decide when and where you will take each action you want to take, in advance. Again, be as specific as possible (e.g., “If it’s Monday, Wednesday, or Friday, I’ll work out for 30 minutes before work.”) Studies show that this kind of planning will help your brain to detect and seize the opportunity when it arises, increasing your chances of success by roughly 300%.

3. Know exactly how far you have left to go. Achieving any goal also requires honest and regular monitoring of your progress — if not by others, then by you yourself. If you don’t know how well you are doing, you can’t adjust your behavior or your strategies accordingly. Check your progress frequently — weekly, or even daily, depending on the goal.

4. Be a realistic optimist.
When you are setting a goal, by all means engage in lots of positive thinking about how likely you are to achieve it. Believing in your ability to succeed is enormously helpful for creating and sustaining your motivation. But whatever you do, don’t underestimate how difficult it will be to reach your goal. Most goals worth achieving require time, planning, effort, and persistence. Studies show that thinking things will come to you easily and effortlessly leaves you ill-prepared for the journey ahead, and significantly increases the odds of failure.

5. Focus on getting better, rather than being good.
Believing you have the ability to reach your goals is important, but so is believing you can get the ability. Many of us believe that our intelligence, our personality, and our physical aptitudes are fixed — that no matter what we do, we won’t improve. As a result, we focus on goals that are all about proving ourselves, rather than developing and acquiring new skills.

Fortunately, decades of research suggest that the belief in fixed ability is completely wrong — abilities of all kinds are profoundly malleable. Embracing the fact that you can change will allow you to make better choices, and reach your fullest potential. People whose goals are about getting better, rather than being good, take difficulty in stride, and appreciate the journey as much as the destination.

6. Have grit.
Grit is a willingness to commit to long-term goals, and to persist in the face of difficulty. Studies show that gritty people obtain more education in their lifetime, and earn higher college GPAs. Grit predicts which cadets will stick out their first grueling year at West Point. In fact, grit even predicts which round contestants will make it to at the Scripps National Spelling Bee.

The good news is, if you aren’t particularly gritty now, there is something you can do about it. People who lack grit more often than not believe that they just don’t have the innate abilities successful people have. If that describes your own thinking …. well, there’s no way to put this nicely: you are wrong. As I mentioned earlier, effort, planning, persistence, and good strategies are what it really takes to succeed. Embracing this knowledge will not only help you see yourself and your goals more accurately, but also do wonders for your grit.

7. Build your willpower muscle. Your self-control “muscle” is just like the other muscles in your body — when it doesn’t get much exercise, it becomes weaker over time. But when you give it regular workouts by putting it to good use, it will grow stronger and stronger, and better able to help you successfully reach your goals.

To build willpower, take on a challenge that requires you to do something you’d honestly rather not do. Give up high-fat snacks, do 100 sit-ups a day, stand up straight when you catch yourself slouching, try to learn a new skill. When you find yourself wanting to give in, give up, or just not bother — don’t. Start with just one activity, and make a plan for how you will deal with troubles when they occur (“If I have a craving for a snack, I will eat one piece of fresh or three pieces of dried fruit.”) It will be hard in the beginning, but it will get easier, and that’s the whole point. As your strength grows, you can take on more challenges and step-up your self-control workout.

8. Don’t tempt fate. No matter how strong your willpower muscle becomes, it’s important to always respect the fact that it is limited, and if you overtax it you will temporarily run out of steam. Don’t try to take on two challenging tasks at once, if you can help it (like quitting smoking and dieting at the same time). And don’t put yourself in harm’s way — many people are overly-confident in their ability to resist temptation, and as a result they put themselves in situations where temptations abound. Successful people know not to make reaching a goal harder than it already is.

9. Focus on what you will do, not what you won’t do. Do you want to successfully lose weight, quit smoking, or put a lid on your bad temper? Then plan how you will replace bad habits with good ones, rather than focusing only on the bad habits themselves. Research on thought suppression (e.g., “Don’t think about white bears!”) has shown that trying to avoid a thought makes it even more active in your mind. The same holds true when it comes to behavior — by trying not to engage in a bad habit, our habits get strengthened rather than broken.

If you want to change your ways, ask yourself, What will I do instead? For example, if you are trying to gain control of your temper and stop flying off the handle, you might make a plan like “If I am starting to feel angry, then I will take three deep breaths to calm down.” By using deep breathing as a replacement for giving in to your anger, your bad habit will get worn away over time until it disappears completely.

hope after reading about the nine things successful people do differently, you have gained some insight into all the things you have been doing right all along. Even more important, I hope are able to identify the mistakes that have derailed you, and use that knowledge to your advantage from now on. Remember, you don’t need to become a different person to become a more successful one. It’s never what you are, but what you do.

Kerberos – The Three Headed Dog

Posted: February 1, 2012 in Kerberos

What is Kerberos?

Kerberos is an ancient name STRONGEST THREE HEADED WATCH DOG.

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.

A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

The Internet is an insecure place. Many of the protocols used in the Internet do not provide any security. Tools to “sniff” passwords off of the network are in common use by malicious hackers. Thus, applications which send an unencrypted password over the network are extremely vulnerable. Worse yet, other client/server applications rely on the client program to be “honest” about the identity of the user who is using it. Other applications rely on the client to restrict its activities to those which it is allowed to do, with no other enforcement by the server.

Some sites attempt to use firewalls to solve their network security problems. Unfortunately, firewalls assume that “the bad guys” are on the outside, which is often a very bad assumption. Most of the really damaging incidents of computer crime are carried out by insiders. Firewalls also have a significant disadvantage in that they restrict how your users can use the Internet. (After all, firewalls are simply a less extreme example of the dictum that there is nothing more secure then a computer which is not connected to the network — and powered off!) In many places, these restrictions are simply unrealistic and unacceptable.

Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business.

Kerberos is freely available from MIT, under copyright permissions very similar those used for the BSD operating system and the X Window System. MIT provides Kerberos in source form so that anyone who wishes to use it may look over the code for themselves and assure themselves that the code is trustworthy. In addition, for those who prefer to rely on a professionally supported product, Kerberos is available as a product from many different vendors.

In summary, Kerberos is a solution to your network security problems. It provides the tools of authentication and strong cryptography over the network to help you secure your information systems across your entire enterprise.

These “White Hat” security researchers are ethical hackers, whose discoveries and inventions shake things up — as they try to stay one step ahead of their underground “Black Hat” cousins . 

Let’s know some of them.

Robert Rsanke Hansen

It’s not unusual to hear someone say “Rsnake found out..” and Hansen’s manic inventiveness includes the “Slowloris” low-bandwidth denial-of-service tool, which ended up being used by anti-Iranian protesters to attack the Iranian leadership Web sites; another called “Fierce” does DNS enumeration to find non-contiguous IP space to make attacking targets easier.

 

Greg Hoglund
Since 1998 has been investigating rootkits and buffer overflows, founded the Rootkit Web site and also co-authored the books “Rootkits, Subverting the Windows Kernel” and “Exploiting Software.” One of his most memorable feats was exposing vulnerabilities associated with the online game World of Warcraft, detailed in a book he co-authored with security expert Gary McGraw, “Exploiting Online Games.”
 
 
 
 
 
Dan Kaminsky
History may remember Kaminsky as the diplomat and statesman in the “White Hat” because of his work behind the scenes with software and service providers to patch a flaw he discovered in 2008 in the DNS protocol, which if exploited, would have led to mass disruption of the Internet.Though some argued he should have immediately disclosed the flaw, others praised his discretion in quietly working to fix the problem before it was widely publicized.
 
 
 
Zane Lackey
This co-author of “Hacking Exposed: Web 2.0” and contributing editor to “Hacking VoIP” and “Mobile Application Security” digs into flaws in mobile and VoIP systems. In the past, some of his public talks and demos about compromising VoIP System have been so detailed that chief information security officers at major corporations said they couldn’t advocate investing in VoIP until the issues raised were addressed by vendors. 
 
 
 
Marc Maiffret
Once the bad boy ‘Chameleon’ in hacking group “‘Rhino9,” Maiffret luckily realized his hacking skills could be put to use in protecting Windows-based computers when, at age 17, he turned over a new leaf to co-found eEye Digital Security in 1997, working with security researchers Derek Soeder and Barnaby Jack. A demon at discovering Windows-based vulnerabilities, Maiffret also played a role in zeroing in on the infamous “Code Red ” worm in 2001, which exploded across the Internet ravaging Microsoft-based computers.
 
 
 
Charlie Miller
Co-author of the “Mac hacker’s handbook,” Miller has hacked Safari the last three years at the Pwn2Own contest, found an iPhone exploit that consisted entirely of SMS text messages, and was the first to hack Apple’s iPhone in 2007 and the Android phone in 2008. He also is credited with writing the first “virtual world” exploit for Second Life.
 
 
 
HD Moore

The open-source penetration testing platform, the Metasploit Project, founded in 2003 by Moore as chief architect, has become one of the most influential security inventions of the era with its penetration-testing and exploits used to uncover network weaknesses…by the good, the bad and the ugly.

 
 
 
Joanna Rutkowska
This brainy Polish researcher has made it an obsession to figure out how stealth malware, such as rootkits, can be so well hidden in software and hardware that few are ever likely to find it. Her “Blue Pill” attack against Microsoft’s Vista kernel protection mechanism, which brought a crowded room of security geeks at Black Hat to a standing ovation in 2006, was just her first revelation publicly to show how easy it is for dangerous code to hide in plain sight.
 
 
 
Sherri Sparks

Like Rutkowska, researcher Sparks has made rootkits and stealth malware her pursuit, and at one Black Hat Conference showed how operating system-independent rootkits, such as the proof-of-concept System Management Mode-based rootkit she built with colleague and co-founder Shawn Embleton, could be used to subvert and compromise computer networks

 
 
 
Joe Stewart
With expertise in tracking malware and botnets used by cyber-criminals for financial gain, Stewart is often the first to identify dangerous new code specimens and how they work, such as the elusive Clampi Trojan and how the SoBig worm was sending spam. It all gives him an unpleasantly close look at East European and Chinese cyber-gang activity.
 
 
 
Christopher Tarnovsky
Like a surgeon re-tooling a pulsing heart, Tarnovsky makes use of specialized tools in his lab to bypass supposedly tamper-resistant hardware circuitry in semiconductors to gain root control to tap into data. As described in a Black Hat session, he did this recently with the Infineon processor with the Trusted Platform Module used in PCs, smart cards and even Microsoft’s Xbox. Others aren’t likely to duplicate his feats. Or are they?
 
 
 
Dino Dia Zovi
Co-author of the “Mac Hacker’s Handbook” and “The Art of Software Security Testing,” Zovi discovered and exploited a multi-platform security vulnerability in Apple’s QuickTime for Java in one night in order to hack a fully patched MacBook Pro to win the first Pwn2Own competition. He also was the first to publicly demonstrate VM hyperjacking using Intel VT-x in a live demo at Black Hat 2006. He says he can’t discuss “the hardest things” he ever hacked since that gets into non-disclosure agreement territory.
 
 
So now you know some big guns in the field of security!! Try to know what have they done in details, it will be very informative and interesting and think how would they have done?
 
 

All of us working in IT, for us the word “BUG” is very common. That to being a test engineers we are very familiar with bug 🙂 & its severity / priority.

For Developers some time it will be night mare, but we enjoy.

 

Here i am going to tell you the word BUG came to IT world….!!!!!!!!!!!!!!

 

software bug is the common term used to describe an error, flaw, mistake, failure, or fault in a computer program or system that produces an incorrect or unexpected result, or causes it to behave in unintended ways. Most bugs arise from mistakes and errors made by people in either a program’s source code or its design, and a few are caused by compilers producing incorrect code. A program that contains a large number of bugs, and/or bugs that seriously interfere with its functionality, is said to be buggy. Reports detailing bugs in a program are commonly known as bug reports, fault reports, problem reports, trouble reports, change requests, and so forth.

 

Here is the first bug photo……

 

The First “Computer Bug” Moth found trapped between points at Relay # 70, Panel F, of the Mark II Aiken Relay Calculator while it was being tested at Harvard University, 9 September 1947.

The operators affixed the moth to the computer log, with the entry: “First actual case of bug being found”.

They put out the word that they had “debugged” the machine, thus introducing the term “debugging a computer program”.

 In 1988, the log, with the moth still taped by the entry, was in the Naval Surface Warfare Center Computer Museum at Dahlgren, Virginia, which erroneously dated it 9 September 1945.

The Smithsonian Institute’s National Museum of American History and other sources have the correct date of 9 September 1947 (Object ID: 1994.0191.01). The Harvard Mark II computer was not complete until the summer of 1947.

 

 

The key is for organizations to treat security vulnerabilities like software defects, aka “bugs.”

Why do these vulnerabilities escape the notice of the highly skilled developers that create the applications and websites that increasingly underpin our global economy? How can we, as security professionals, achieve secure Web development and provide the developers with the tools required to reduce the number and frequency of these types of vulnerabilities? The key is for organizations to treat security vulnerabilities like software defects, aka “bugs.”

The first step in this paradigm shift, and perhaps the hardest one, is to get development managers and security officers to agree that security vulnerabilities should be treated the same way as usability or functionality bugs. Most development managers are focused on functional defects  —  defects that prevent the software from working correctly. The challenge comes in getting them to understand that security vulnerabilities, if exploited, also cause the software to function incorrectly, resulting in not only downtime to fix the defect, but also in financial and/or reputational losses to the organization.

Security vulnerabilities are software defects, and need to be handled exactly the same way. It can be challenging to reach that point of agreement; development managers often don’t understand the potential impact security vulnerabilities have on a business, they don’t know how to identify security vulnerabilities, and they often don’t know how to remediate them even if they could find them.

In order to support developers in overcoming these challenges, security teams can increase Web application security testing during regularly scheduled vulnerability assessments on applications and websites already in production. Web security scanning tools like those offered by IBM or Vercode Inc. can be used for this type of testing. After testing is complete, developers should be charged with creating formal remediation plans for the security “bugs” that are found. By doing this, the developers become familiar with the security testing and remediation cycle.

Once developers are accustomed to the security testing and remediation cycle for software already in production, the next step is to incorporate security testing into the pre-production QA process, again using the same tools used for security assessments. At this point, security bug tickets should start to be opened in the same way other bug tickets are opened, using the same bug-tracking systems the developers already have at their disposal.

As a next step, we can further leverage the software development life cycle (SDLC) model to ensure consistency in the way Web applications are developed and tested. Even smaller businesses that produce software strictly for internal use are establishing rigid SDLCs as a means to reduce bugs. Those same processes can be leveraged effectively to locate security bugs as well. In order to leverage those established SDLC processes, developers will likely need training to use the aforementioned tools to identify security defects. Several vendors offer Web-based platforms that can easily be integrated into an SDLC, and can allow the developers to test their code at the unit level, early in the SDLC. As an added benefit, many such tools can provide remediation advice to developers at the time of detection. Finally, most of these tools can be integrated with the bug-tracking tools that developers already use, closing the loop on treating security vulnerabilities as functional defects.

By redefining security vulnerabilities as functional defects or bugs, and providing Web developers with the tools and processes they need to identify the bugs and remediate them, security stakeholders can make security an integral part of an organization’s SDLC, building security in, rather than bolting it on. And that will lead to websites and Web applications that are not only cheaper, but also more secure.

In its recent Website Security Statistics Report, WhiteHat Securityi found that during 2010, the average website had 230 vulnerabilities that could lead to a breach or loss of data. Other recent studies have shown that roughly 70% to 80% of Web applications contain significant vulnerabilitiesii. And in its Top Ten 2010 report, The Open Web Application Security Project (OWASP) again reported that 10 software risks were responsible for the vast majority of vulnerabilities in website software.

These reports are only the latest in a series stretching back many years, all identifying almost exactly the same problem: Websites and applications are still being published with security vulnerabilities that could be corrected relatively easily. Unfortunately, most of these security vulnerabilities are being found only after the applications and websites are published. A hoary old cliché about security is it’s easier (and cheaper) to build security in, rather than trying to bolt it on afterwards, through remediation.