सूचना प्रविधीको अध्ययनका लागि जान्नैपर्ने केही कुराहरू

–       चन्द्रविलास भूर्तेल (srijucb@gmail.com)

मेरो अनुभवमा नेपालमा स्नातक तहको अध्ययनका लागि नेपालका विश्वविद्यालयहरुले बिभिन्न नामका सूचना प्रविधीका पाठ्यक्रमहरु उपलब्ध गराइरहेका छन् । जस्तैः बि.सि.ए., बि.आई.टी., बि.आई.एम., बि.एस्सी. कम्प्युटर साइन्स, बि.एस्सी. कम्प्युटर साइन्स एण्ड आई.टी., बि.सि.आई.एस., बि.ई. कम्प्युटर, बि.ई. आई.टी., बि.ई. सफ्टवेयर ईन्जिनियरिङ्ग आदी ।

सूचना प्रविधीको क्षेत्रमा कुन विश्वविद्यालय, कुन पाठ्यक्रम भन्नुभन्दा सिपको मुल्याङ्कन बढी हुने हुँदा आफूले गर्न चाहेको के हो र आफ्नो उद्देश्य के हो भन्ने कुरामा सचेत हुनु जरुरी छ । आफ्नो उद्देश्य पुर्तीका लागि हामीले रोजेको कोर्समा उपयुक्त पाठ्यक्रम उपलब्ध छ छैन भन्ने कुरामा विश्वस्त हुनु जरुरी छ । पाठ्यक्रममा बिषयका नाम उस्तै देखिए पनि त्यसमा प्रयोगात्मक भार कति छ र त्यसको बिषयगत गहिराई कति छ र पाठ्यक्रम योजनाबद्ध छ कि छैन भन्ने हेर्नु पनि जरुरी छ । कुन पाठ्यक्रमले हामीलाई कस्तो पेशामा प्रवेश गराउँछ र उक्त पेशामा त्यसले पछिसम्म पार्ने प्रभाव के हो भन्ने पनि बुझ्नु जरुरी छ । दश जोड दुईमा कम्प्युटर विज्ञान पढ्दैमा हामीले सूचना प्रविधीको अध्ययन गर्न पाउँछौ भन्ने सुनुश्चितता गर्न सकिदैंन । देश वा विदेशमा उपलब्ध केहि शैक्षिक कार्यक्रमका लागि दश जोड दुईमा विज्ञान विषय लिएर पढेकै हुनुपर्ने वाध्यता छ । तर नेपालमा हामीले जुनसुकै संकायबाट दश जोड दुई वा समकक्षी योग्यता हासिल गरेका विद्यार्थीहरुले बि.सि.ए. कार्यक्रममा भर्ना भई सूचना प्रविधीको अध्ययन गर्न पाउने व्यवस्था छ । कम्प्युटर विज्ञानलाई पूर्णरुपमा सूचना प्रविधीसँग जोडेर हेर्न मिल्दैन भन्ने तथ्यलाई पनि मध्यनजर गर्नुपर्दछ ।

सिधै कलेजमा पुगेर त्यहाँ उपलब्ध भएका कार्यक्रमहरुका बारेमा बुझ्नुभन्दा पहिले अन्य माध्यमद्वारा त्यस सम्बन्धमा जानकारी लिई आफूलाई उचित लागेको र वैधता कायम भएको कार्यक्रममा भर्ना भई अध्ययन गर्नु राम्रो हुन्छ । कलेजका विषयमा त्यस कलेजले प्रदान गर्ने सुविधा, उपलब्ध विज्ञ/शिक्षक/प्राध्यापकहरु, कलेजबाट दिक्षित हुँदै गरेका विद्यार्थीहरुले हासिल गरेका उपलब्धीहरु, त्यस कलेजमा उपलब्ध प्रयोगशाला, श्रोत र साधनहरु लगायत त्यस कलेजको अन्तराष्ट्रिय मुल्य तथा मान्यताको विषयमा पनि हेर्नुपर्ने हुन्छ । साथमा आफूले पढ्न चाहेको विषयको क्रेडिट  र त्यसको अन्तराष्ट्रिय समकक्षताको बारेमा के व्यवस्था छ भन्ने पनि हेर्नुपर्दछ । उक्त विषयको प्रयोगात्मक भार र विषयगत उपयोगिता तथा प्रायः अन्तिम सेमेष्टरमा पढाई हुने ऐच्छिक विषयको उपलब्धताको बारेमा पनि उत्तिकै जानकार हुनुपर्दछ ।

यदि तपाईंलाई सूचना प्रविधीको क्षेत्रमा वेब तथा कम्प्युटर प्रोग्रामर, नेटवर्क विषेषज्ञ, डाटावेश विषेषज्ञ, सिस्टम अनालिष्ट, सफ्टवेयर टेष्टर, नेटवर्क सेक्युरिटी विषेषज्ञ, सफ्टवेयर डिजाइनर, नेटवर्क व्यवस्थापक, सूचना प्रविधी विश्लेषण सम्बन्धि क्षेत्रमा आफ्नो भविष्य निर्धारण गर्ने लक्ष्य छ भने निश्चयनै बि.सि.ए. को पाठ्यक्रम उपयुक्त हुन्छ । तपाईंलाई थप रुपमा आर्टिफिसियल ईन्टेलिजेन्स, ईमेज प्रोसेसिङ, रोबोटिक्स, डाटा कम्युनिकेसन, डाटा माइनिङ आदि क्षेत्रमा अवसर चाहनुहुन्छ भने पनि बि.सि.ए. को पाठ्यक्रम उचित हुनसक्छ । उल्लेखित बाहेक सूचना प्रविधीमा अन्य धेरै क्षेत्रहरू छन्, जसको सहज उपयोग तथा पहुँचका लागि तपाईंलाई बि.सि.ए.का पाठ्यक्रमले सुनौला ढोका उघारिदिनेछन् । आज विश्व सूचना प्रविधीको विश्लेषण गर्ने हो भने बि.सि.ए. पाठ्यक्रम पढेका विद्यार्थीहरुको नेपाल लगायत भारत तथा विश्वका अन्य मुलुकहरुमा उच्च माग हुनुले यसको पुष्टी पनि गर्दछ ।

त्रिभुवन विश्वविद्यालयद्वारा सञ्चालित बि.सि.ए. यस्तो पाठ्यक्रम हो, जुन समय-सापेक्ष किसिमले बजारको नयाँ आवश्यकतालाई पूर्ति गर्ने हिसाबले सिघ्र परिमार्जित भइरहन्छ। विश्व बजारको बढ्दो मागलाई ध्यानमा राखेर बि.सि.ए. कार्यक्रमलाई सेमेष्टर प्रणालीमा आधारित चार वर्षे बनाईएको छ भने, बि.सि.ए.को पाठ्यक्रममा हरेक सेमेष्टरमा अनिवार्य प्रयोगात्मक कक्षाको व्यवस्था गरिएकोले पठन-पाठनका क्रममा पढिएको विषयको वास्तविक जिवनमा उपादेयता के हो भनेर बुझाउने गर्दछ । सो बाहेक पनि विद्यार्थीको लागि आवश्यक सेमेष्टर प्रोजेक्ट पनि समावेश गरिएको यो कार्यक्रममा प्रविधिको उचित प्रयोग गरि आफ्नो कौशल देखाउनुपर्ने हुन्छ जसले गर्दा हाम्रो सफ्टवेयर बनाउने क्षमता, त्यसको डकुमेन्टेसन (रिपोर्ट) र प्रेजेन्टेसनले गर्दा धेरै हदसम्म विद्यार्थीको क्षमता अभिवृद्धी गर्दछ । ईन्टर्नसीपमा तपाईंले जुन संस्थामा ईन्टर्न गरिरहुनुभएको छ उसले प्रयोग गर्ने प्रविधि र संस्थागत आचरण लगायत परियोजनामा संलग्न बिभिन्न व्यक्तिहरुले सामुहिक रुपमा कसरी काम गर्दछन् भन्ने ज्ञान प्राप्त हुन्छ । करिब १२० घण्टा क्रेडिटको भार पढ्नुपर्ने यी दुवै कोर्समा पहिलो दुई सेमेष्टरमा सूचना प्रविधीको सुरुवाती तथा अनिवार्य ज्ञान दिईन्छ भने तेस्रो सेमेष्टरदेखि सूचना प्रविधीको भित्री अत्यावश्यक ज्ञानको पठनपाठन हुन्छ । अन्तिम दुई सेमेष्टरमा ऐच्छिक विषय (विशेषज्ञता)को पनि व्यवस्था गरिएको हुनाले पनि देश तथा विदेशमा प्राध्यापक तथा अनुसन्धान केन्द्रहरुले बि.सि.ए. अध्ययन गरेका बिद्यार्थीहरुलाई विशेष प्राथमिकता दिनुले पनि पुष्टी गर्दछ ।

बजारमा हाल उच्च माग देखिएको मोबाईल टेक्नोलोजी (आई.ओ.एस. तथा एण्ड्रोइड मोबाईल एप्लिकेशन) डेभलपमेन्ट पनि समेटी सकेको बि.सि.ए. कोर्स बजार प्रतिस्पर्धि छ भन्ने कुरा बिभिन्न बिश्लेषणहरुले देखाइसकेका छन् ।

यदि तपाईंले बि.सि.ए. पढ्ने मानसिकता बनाइसक्नुभएको छ भने अब तपाईंले पढ्न चाहेको कलेजसँग उपर्युक्त पुस्तकालय, कम्प्युटर ल्याब, दक्ष अध्यापक तथा अन्य भौतिक पूर्वाधार छन् कि छैनन् भन्ने बुझ्नु अति जरुरी छ । कलेजको बजारमा सामाजिक सम्बन्ध तथा भइरहेका सूचना प्रविधी सम्बन्धि प्रतियोगिता, सेमिनार, वर्कसप तथा अन्य कार्यक्रममा रहने सहभागिताको पनि ठूलो अर्थ रहन्छ । देखावटी सजावटमा भन्दा सुविधामा केन्द्रित हुनपर्ने मानसिकता बनाई कुनै कलेजले कतिवटा पुस्तक दिन्छ र उसको पुस्तकालयमा कतिवटा पुस्तक छ भन्नुभन्दा पाठ्यक्रमले निर्धारण गरेका र आवश्यक पाठ्यपुस्तक छ वा छैन हेर्नुपर्दछ । कोर्स भन्दा पछाडी आवश्यक पर्ने अतिरिक्त ज्ञान उपलब्ध गराउन सक्ने पुस्तकको उपलब्धता पनि हेर्नुपर्दछ ।

धन्यवाद् ।

(लेखक कम्प्युटर एसोसियशन नेपाल महासंघ (CAN Federation) का सह कोषाध्यक्ष हुनुहुन्छ भने तथा सूचना प्रविधी समाज (ITS) नेपाल का पूर्व अध्यक्ष रहिसक्नुभएको छ ।)

BEST 10 WEBSITE THAT EVERY PROFESSIONAL HACKER USE

🌀Dnsdumpster :- dns recon & research , find & lookup dns records

🌀Verify email address :- Verify email address online using free email verification tool.

🌀ZOOMEY :- find iot device and bugs in android WordPress PHPMyAdmin and much more

🌀Search CVE List :- Common Vulnerabilities and Exposures (CVE®) is a list of entries — each containing an identification number, a description, and at least one public reference — for publicly known cybersecurity vulnerabilities.

🌀NATIONAL VULNERABILITY DATABASE :- NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables the automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics

🌀GREYNOISE :- GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

🌀SEEBUG 1 :- You can find bugs here

🌀SHODAN :- Shodan is the world’s first search engine for Internet-connected devices. … Use Shodan to discover which of your devices are connected to the Internet,

🌀Website Vulnerability Scanner :- The Web Vulnerability Scanner finds website vulnerabilities like SQLi, XSS, server misconfiguration and many more. Use our Website Scanner to check your web security.

🌀Hack This Site :- HackThisSite! is a legal and safe network security resource where users test their hacking skills on various challenges and learn about hacking and network security. Also provided are articles, comprehensive and active forums, and guides and tutorials. Learn how to hack!“

Hacking Basics

🔰What is Hacking🔰

In the cyber security world, the person who is able to find the weakness of the system and exploit it for his reason(Good or bad) is referred to as a hacker and the process is called hacking.

Hacking is not just about hacking someones facebook account or hacking games, that’s still a part of hacking but it’s just a micron of the whole thing… So keep this I mind before we get hacking.

🔰Types of Hackers🔰

🌀 1. Script Kiddie🌀

are the hackers who copy other people’s work and use their software, not hacking themselves.

🌀 2. White hat hackers🌀

are hackers who hack into systems for good proposes and are hackers who work for companies to protect their websites or systems from hackers.

🌀 3. Black hat hackers🌀

are hackers who hack systems and websites for malicious reasons.

🌀 4. Grey hat hackers🌀

are hackers who neither hack for good or bad purposes, they stay neutral, but can become either at any time.

🌀 5. Hacktivists🌀

are hackers who use their hacking skills to protest,
Well know you know the types of hackers, now you choose your path.

🗃 What Is Identity Theft? 🗳

Identity theft is a two-step process. First, someone steals your personal information.

Second, the thief uses that information to impersonate you and commit fraud.

Of course, stealing your personal information isn’t the worst of the crime; it’s the second part of this process that does the most harm , using your information to commit credit card fraud, mortgage and utilities scams; and leave you with emptied bank accounts.

Most Common Types of Online Scams

🔥 Phishing 🔥

The top online scam today is Phishing. Internet thieves prey on unsuspecting users by sending out phishing emails. In these emails, a cybercriminal tries to trick you into believing you are logging into a trusted website that you normally do business with. This could be a bank, your social media account, an online shopping website, shipping companies, cloud storage companies and more.

Another type of popular phishing scam is the Nigerian Prince, or 419 scam. These are phishing emails in which you’re asked to help bring large sums of money into the country, cash phony money orders or wire money to the thief. The trick is that the scammer first asks you for a small fee because the larger sum of money is “tied up” whether it be in wire transfer fees, processing fees or some other tall tale.

🔥 Fake AV 🔥

One close to our industry is fake security software, which is also known as scareware. These start with a pop up warning saying that you have a virus. Then the popup leads the user to believe that if they click on the link, the infection will get cleaned up.Cybercriminals use the promise of “Free Anti-Virus” to instead implant malware on a victim’s device.

🔥 Social Media Scams 🔥

Social media scams are a variety of posts you will see in your news feeds- all with the goal of getting you to click on a link that could potentially be hosting malware.

🔥 Mobile Scams 🔥

Mobile scams can come in many forms, but the most common are phishing apps. These apps are designed to look like the real thing, just like phishing emails. It is exactly the same premise, however, instead of emails, the malware is passed through a fake app.

🔥 Social Engineering Scams 🔥

Social engineering is a way that cybercriminals use human-to-human interaction in order to get the user to divulge sensitive information. Since social engineering is based on human nature and emotional reactions, there are many ways that attackers can try to trick you- online and offline.

🗃 Cyber Safety for Kids 🗳

The online world is becoming every child’s favorite playground. With more children accessing the Internet with different devices, they are learning and growing more each day. When used appropriately the cyber world can be your child’s portal to achieve great things.

While every parent wants their child to have access to the latest and best information, they also know that safety is paramount.

🔰 How can parents help their child? 🔰

Learning is not limited to children alone. It is important for parents to know what is out there. With the launch of new apps and social media sites, children are exposed to new things – things with the potential to make or break them.

As a parent, it is best to stay fortified with all the information there is know about emerging threats, the latest school yard jargon and ways to deal with issues that emerge as a result of cyber behavior.

Learn About Worms

It is an type of virus only which affects drastically.

So without wasting any time let’s dive in it.❤️

🔶 What Is A Computer Worm? 🔶

A computer worm is a type of malware that spreads copies of itself from computer to computer.

A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.

🌀 How Do Computer Worms Work? 🌀

Worms can be transmitted via software vulnerabilities.

Or computer worms could arrive as attachments in spam emails or instant messages (IMs).

Once opened, these files could provide a link to a malicious website or automatically download the computer worm. Once it’s installed, the worm silently goes to work and infects the machine without the user’s knowledge.

Worms can modify and delete files, and they can even inject additional malicious software onto a computer.

Sometimes a computer worm’s purpose is only to make copies of itself over and over — depleting system resources, such as hard drive space or bandwidth, by overloading a shared network.

In addition to wreaking havoc on a computer’s resources, worms can also steal data, install a backdoor, and allow a hacker to gain control over a computer and its system settings.

🔥 Stuxnet: The Most Famous Computer Worm 🔥

In July 2010, the first computer worm used as a cyber weapon was discovered by two security researchers after a long string of incidents in Iran.

Dubbed “Stuxnet,” this worm appeared to be much more complex than the worms researchers were used to seeing.

This attracted the interest of high-profile security specialists around the world, including Liam O’Murchu and Eric Chien of the Security Technology and Response (STAR) team at Symantec.

Their extensive research led them to conclude that the worm was being used to attack an Iranian power plant, with the ultimate goal of sabotaging nuclear weapon production.

Although the attack ultimately failed, this computer worm is still active on the threat landscape today.

🔰 How To Tell If Your Computer Has A Worm? 🔰

If you suspect your devices are infected with a computer worm, run a virus scan immediately. Even if the scan comes up negative, continue to be proactive by following these steps.

  1. Keep an eye on your hard drive space. When worms repeatedly replicate themselves, they start to use up the free space on your computer.
  2. Monitor speed and performance. Has your computer seemed a little sluggish lately? Are some of your programs crashing or not running properly? That could be a red flag that a worm is eating up your processing power.
  3. Be on the lookout for missing or new files. One function of a computer worm is to delete and replace files on a computer.