Wind Energy The Use of Wind Turbines

With the approaching vitality emergency, humanity looked for the ideal arrangement that will take care of the issue of overdependence on non-renewable energy source. There is no compelling reason to expand the way that oil based goods got from petroleum derivative is over the top expensive and simultaneously make poisonous vapor that dirty the earth. However, the most squeezing concern is the acknowledgment that some time or another petroleum derivative will be drained. Therefore various elective vitality arrangements were made and used by various nations everywhere throughout the world.Advertising We will compose a custom research paper test on Wind Energy: The Use of Wind Turbines explicitly for you for just $16.05 $11/page Learn More One of the most encouraging is wind vitality, explicitly the utilization of wind turbines to create perfect and sustainable power source. One can simply envision the capability of wind vitality. It is essentially limitless in light of the fact that it is by all accounts accessible all the time. Thus wind turbines are being introduced from California to Sweden and even in Asia. However, don't be deluded in light of the fact that breeze vitality isn't as useful answer for the vitality issue of this nation. Foundation In the logical upheaval that cleared current history, humankind found the utilization of non-renewable energy source. He had the option to outfit the fuel starting from the earliest stage used it with cost-proficient techniques for extraction, conveyance, and application. As an outcome of effective use of logical information, humanity had the option to encounter progress at no other time known since the historical backdrop of the world. Urban areas were made for all intents and purposes for the time being as production lines were worked around train stations that convey individuals and crude materials required by assembling offices. Towns and rural areas were built up to suit the quantity of laborers that moved from t he provincial territories to the urban communities. They are pulled in to stable pay rates rather than unusual nature of homestead work. As urban communities extend the answer for the issue of versatility was the vehicle that empower laborers to live outside the city and drive to and fro to work. Transportation costs incorporate the estimation of the vehicle as well as the fuel expected to ship individuals and merchandise. Houses require in excess of a kitchen, room and lounge area. The advanced home expects power to control the various devices it contains. It didn't take well before industrialized nations like the United States expected to import oil based goods from oil creating nations like those that can be found in the Middle East. At some point, everybody understood that they can no longer manage the cost of the expense of fuel. Be that as it may, the most hazardous issue is the possibility that some time or another there will be no non-renewable energy source to control vehic les, homes and electronic devices that 21st century individuals can't live without (Satterlee 1).Advertising Looking for investigate paper on natural examinations? How about we check whether we can support you! Get your first paper with 15% OFF Learn More Wind Energy Aside from being costly and the lack of quality of gracefully, there is another tricky part of consuming petroleum product and it is the natural effect that debases the earth and human life. In this way, it isn't sufficient to find another wellspring of vitality. The following significant issue is to discover one that is modest and inexhaustible. In such manner, wind power fits all the prerequisites referenced before. Another elective wellspring of vitality that is spotless and boundless is wind power. Obviously superior to sun based force, wind power requires almost no logical expertise to construct and use. The logical premise of wind turbines is that it utilizes turbines simply loved those that can be found in planes . As the breeze blows it turns the breeze turbine. The breeze turbine is associated with a pole. The ceaseless development of the system inside the pole empowers a close by electric generator to deliver power. From the outset, wind vitality is by all accounts the ideal arrangement since it doe not require any type of non-renewable energy source to work (Walsh 1). In any case, there are issues that must not be disregarded. The principal issue is that breeze is flighty. A non-logical perception of wind and breeze may lead an individual to presume that a breeze or a whirlwind wind is by all accounts a standard event in a moderately breezy zone. Yet, as a general rule there are times when there is no wind to drive the turbines (Burton Jenkins 15). The individuals who introduced wind turbines to create the vitality necessity of a solitary home may not feel the strain to continually convey vitality from the source to the client. In any case, the individuals who introduced wind turbines so as to help a mechanical zone may feel baffled on account of their failure to create power for their customers. Another risky part of wind vitality is the size of the breeze turbines. The tremendous size of some business wind turbines made issues for the individuals who needed to safeguard the common excellence of their condition. When a breeze turbine has been set up in a given region it is basic to fabricate others since its vitality limit isn't sufficient to satisfy the needs of many family units (European Wind Energy Association 24). Another genuine blemish of wind vitality is in its ability to create vitality. It was found that â€Å"the introduced wind turbine creating limit was low to such an extent that its yield was seen as by power transmission administrators as negative burden that provided vitality however had no impact in supporting the activity of the force framework and keeping up its stability.Advertising We will compose a custom research paper test on Wind Energy: The Use of Wind Turbines explicitly for you for just $16.05 $11/page Learn More Those who bolster the utilization of wind vitality might be astonished to discover that a solitary colossal estimated windmill can just deliver a 1 MW of power (Gallman 10). Then again the normal estimated power plant that sudden spikes in demand for petroleum derivative can create at any rate 200 MW of vitality (Gallman 15). On the off chance that one will consolidate this data along with the acknowledgment that there is a need to fabricate more wind turbines on account of the restricted yield limit of every unit, at that point, there is a need to manufacture wind ranches. It can thusly be contended that now and again it is not, at this point handy to develop wind ranches. Consider for example the arrangement to create 22% of the nation’s vitality needs through wind ranches. The underlying count uncovered that at one MW of vitality for every section of land every year, it will require 14, 000 squ are miles of wind ranch so as to hit that target (Gallman 14). Another serious issue of wind turbines is the manner in which their size and structure are seen by the individuals from the nearby network. One needs to remember that the breezy zones are likewise puts that are on slopes and close to the shore. In any town or city, the most wonderful territories are those close to beachfront property and moving slopes. Consequently, one can envision the aggravation by the individuals who would no like to demolish the magnificence of the normal scene. ï‚ § A potential answer for this issue is to create bigger turbines that are progressively productive in the age of intensity. It is just through the structure of greater turbines that one can for all intents and purposes profit by wind vitality source. The main issue is that it is progressively costly to assemble huge breeze turbines. Consider for example a normal, mechanical kind of turbine can arrive at the tallness of 258 feet over th e water and rotor measurement can arrive at in excess of 365 feet (Gallman 12). In view of these figures one can have a general thought of how costly a breeze turbine can be from the creation of the turbine, to shipment and afterward establishment. By and large wind turbines are introduced in the water similarly that oil rigs are developed above water. This sort of activity isn't just confused yet over the top expensive. Another issue is the materials expected to fabricate a breeze turbine. In the event that the majority of the areas are close to the shore, at that point it will require turbines that are impervious to the components as well as to the destructive intensity of saltwater. End from the get go it appears that breeze vitality is the best answer for the looming vitality emergency that will before long influence the entire world. The decreasing flexibly of petroleum derivative forces countries and governments to discover elective wellsprings of energy.Advertising Searching for inquire about paper on ecological examinations? How about we check whether we can support you! Get your first paper with 15% OFF Find out More Wind vitality offers an endless gracefully of vitality that doesn't likewise contaminate nature. However, upon closer assessment it was found that it is illogical to fabricate wind ranches. The issue is the absence of room; the requirement for costly materials; expensive establishment; and exorbitant support of the equivalent. Works Cited Burton, Tony and Nick Jenkins. Wind Energy Handbook. New Jersey: John Wiley Sons, 2011. Print. European Wind Energy Association. Wind Energy. VA: Earthscan Publishers, 2009. Print. Gallman, Philip. Green Alternative and National Energy Strategy. NC: The Johns Hopkins University Press, 2011. Print. Satterlee, Robert. Wind Energy an Impractical Solution. 26 Dec. 2010. Web. http://www.wind-watch.org/news/2010/12/26/wind-vitality an-unreasonable arrangement/. Walsh, Bryan. â€Å"Carbon Capture Isn’t Dangerous.† Time Magazineâ 13 Sept. 2011:12. Print. http://science.time.com/2011/09/13/carbon-catch isnt-perilous however is-it-justified, despite all the trouble/. This examination paper on Wind Energy: The Use of Wind Turbines was composed and put together by client Kade Warren to help you with your own investigations. You are allowed to utilize it for research and reference purposes so as to compose your own paper; notwithstanding, you should refer to it as needs be. You can give your paper here.

Teenage Drama Shows Essay -- Communication, Media, MTV

Adolescents are a noteworthy fragment of the American populace. Nonetheless, adolescent dramatization shows didn't make a critical development until the 1990’s. Before the 90’s, there were a bunch of shows that had youths as supporting or fundamental characters however the shows were not outfitted towards a youngster crowd. Never Too Young was one of the first alleged â€Å"teen drama† shows that debuted in 1965 and publicized for a solitary season. The show had drama components and chronicled the lives of adolescents. Youngster shows instead of teenager circumstance comedies have drama components to them. Some youngster shows can be comprehended according to the long-running sequential structure in their accentuation on reiteration and deferral of goals, and in this regard, are near drama in account association (Moseley 54). A school setting or home is the place numerous adolescent shows occur. Like dramas, youngster dramatizations likewise base on spot, charact er, and connections, and passionate show is frequently elevated using close-up and (by and large sentimental pop) scoring (Moseley 54). High schooler dramatization is equipped towards a juvenile crowd, in this manner scenes address adolescent issues: sex, drugs, self - regard, love, and school brutality. The fleeting adolescent show, My So Called Life managed these issues yet because of low appraisals was dropped. My So Called Life was a sensible and dynamic show that ought not have been ended unexpectedly. One of the first teenager shows, Degrassi Junior High and later Degrassi High, turned out to be extremely well known in both Canada and the US while airing on PBS in the late 80s and mid 90s (Silverblatt 21).Several years after Degrassi's debut, Darren Star made Beverly Hills, 90210 of every 1990, alongside popular maker Aar... ...MSCL. It was not excessively emotional however not excessively counterfeit in its portrayal of young people and their folks. There were relatively few shows of its sort in the mid 1990’s and there are as yet very few teenager dramatizations of its sort today. All in all, there are relatively few high schooler shows period. A considerable lot of the youngster shows are sitcoms or circumstance comedies. The couple of adolescent shows on TV incorporate Gossip Girl, Vampire Diaries, and The Secret Life of the American Teenager. Out of these three shows, just The Secret Life of the American Teenager has any expansive authenticity to it. Tattle Girl features the life of well off young people and Vampire Diaries is a dream appear. My So Called Life had a decent equalization of tending to genuine themes like homosexuality, inappropriate behavior, parental contending, and medication use in a reasonable style. MSCL caught the nervousness of youngster existence without getting excessi vely optimistic. Young Drama Shows Essay - Communication, Media, MTV Youngsters are a critical section of the American populace. Be that as it may, young dramatization shows didn't make a critical development until the 1990’s. Before the 90’s, there were a bunch of shows that had young people as supporting or primary characters yet the shows were not outfitted towards a high schooler crowd. Never Too Young was one of the first supposed â€Å"teen drama† shows that debuted in 1965 and circulated for a solitary season. The show had drama components and chronicled the lives of youngsters. Youngster shows instead of high schooler circumstance comedies have drama components to them. Some high schooler dramatizations can be comprehended comparable to the long-running sequential structure in their accentuation on redundancy and deferral of goals, and in this regard, are near drama in account association (Moseley 54). A school setting or home living arrangement is the place numerous adolescent shows occur. Like dramas, youngster dramatiza tions additionally revolve around spot, character, and connections, and enthusiastic show is frequently uplifted using close-up and (for the most part sentimental pop) scoring (Moseley 54). High schooler dramatization is equipped towards a juvenile crowd, in this way scenes address adolescent issues: sex, drugs, self - regard, love, and school viciousness. The brief high schooler show, My So Called Life managed these issues however because of low evaluations was dropped. My So Called Life was a reasonable and dynamic show that ought not have been ended unexpectedly. One of the first teenager shows, Degrassi Junior High and later Degrassi High, turned out to be well known in both Canada and the US while airing on PBS in the late 80s and mid 90s (Silverblatt 21).Several years after Degrassi's debut, Darren Star made Beverly Hills, 90210 out of 1990, alongside popular maker Aar... ...MSCL. It was not excessively sensational yet not excessively counterfeit in its delineation of youngsters and their folks. There were relatively few shows of its sort in the mid 1990’s and there are as yet very few youngster dramatizations of its sort today. By and large, there are relatively few adolescent shows period. A significant number of the youngster shows are sitcoms or circumstance comedies. The couple of high schooler dramatizations on TV incorporate Gossip Girl, Vampire Diaries, and The Secret Life of the American Teenager. Out of these three shows, just The Secret Life of the American Teenager has any wide authenticity to it. Tattle Girl features the life of well off adolescents and Vampire Diaries is a dream appear. My So Called Life had a decent equalization of tending to genuine subjects like homosexuality, inappropriate behavior, parental contending, and medication use in a sensible style. MSCL caught the uneasiness of high schooler existence without gettin g excessively hopeful.

Causes and Spread of infection

Causes and Spread of disease Result 1 †Understand the reasons for contamination 1:1 Identify the contrasts between microscopic organisms, infections, growths and parasites The contrasts between microscopic organisms, infections, growths and parasites are; Growths have cell dividers made up of chitin (found in external skeleton of bugs, shrimps and lobsters †additionally utilized in mending operators). Growths and parasites are multi cell (Ref: www.euchis.org) Infections are not living, they are just made of complex proteins and atomic acids Microorganisms are unicellular smaller scale life forms Parasites and microorganisms are creatures (Microorganisms, growths and parasites are living life forms) (Dundas Welsby 2002, pp99-106) 1:2 Identify basic diseases and contaminations brought about by microbes, infections, organisms and parasites Basic ailments and diseases brought about by microorganisms, infections, organisms and parasites are; Viruses†¦ Chicken pox Shingles Laryngitis Pneumonia Mumps Basic virus Helps Challenging hack Measles Parasites†¦ Intestinal sickness Intestinal Scabies Ringworm Tapeworm Crab mite Fungi†¦ Conjunctivitis Competitors foot Ringworm Thrush Parasitic nail Intertrigo (yeast) Bacteria†¦ Colds Influenza Fevers Meningitis Pneumonia Gastroenteritis Impetigo MRSA Extreme gastrointestinal (brought about by E-coli) Skin inflammation (Brooker Nicol 2003, pp254-255) 1:3 Describe what is implied by â€Å"infection† and â€Å"colonisation† The importance of colonization happens when miniaturized scale living beings possess on a piece of the body for instance, skin yet don’t cause signs and side effects of disease colonized pathogens can possibly make contamination whenever spread an alternate pieces of the body contingent upon the small scale creature colonized pathogens which can be given from individual to individual from contacting objects or not washing hands. This is a significant course of colonization inside the medicinal services offices. Colonization of smaller scale living beings can possess the host by being in or being on, they don’t cause harm or attack the tissue, yet on the off chance that they do attack tissue this can make the individual wiped out, which thusly will transform into a disease. Despite the fact that the host may not give indications of disease, they can at present give it to other people. (Lister Dougherty 2008, pp1112-1113) 1:4 Describe what is implied by â€Å"systemic infection† and â€Å"localised infection† The skins work is to shield the body from irresistible life forms, however when there has been a break in the skin diseases can represent a danger. The importance of restricted disease is a contamination that is constrained to a particular body district. The importance of foundational contamination is the point at which the pathogen is conveyed all through the entire body by the circulation system. Foundational disease: Conjunctiva disease can cause enduring harm if not treated in time Low invulnerable frameworks because of diabetes, kidney disappointment and so on. The old or youngsters may cause inconveniences with contamination because of their age Confined contamination: Growing Redness Temperature changes in contaminated zone 1:5 Identify poor practices that may prompt the spread of contamination Secured on ECA course Training focus Result 2 †Understand the transmission of disease 2:1 Explain the conditions required for the development of miniaturized scale creatures The conditions required for the development of miniaturized scale creatures are supplements for them to recreate. It additionally requires warmth and dampness. They are not noticeable with the unaided eye. The factor that supports the development of small scale life forms is sustenance, oxygen, temperature, PH and dampness. The PH and temperature decides the pace of development. The dampness carry’s nourishments into the cell, and carry’s the waste away from the cell to keep up the substance of cytoplasm (ground substance in where various parts are found). Every single smaller scale living being have a PH at which they can develop. (Brooker Nicol 2003, pp.254-255) 2:2 Explain the manners in which an infective specialist may enter the body An infective specialist may enter the body through the mouth, stomach, digestion tracts. The stomach related tract. It can likewise be through broken skin. Zones of disease: The respiratory framework nose, lungs, windpipe. The stomach related framework †ruined food, unclean hands or articles. The urinary tract urethra, bladder, kidneys. Wounds on the skin †cuts, touches, injury to the skin. There is likewise auxiliary infective operator: Genital †explicitly transmitted, non-sexual PH irregularity (cleansers, showers, creams). Conjunctival †to the eye (dust, infections, microorganisms, contact focal points) The ways that picks up section to the individual is by contaminating the cells: Injury chomp †contaminated creature, human, bug Inherent †unborn child (created through pregnancy. Rubella, chickenpox, herpes, syphilis) 2:3 Identify regular wellsprings of disease The best hotspot for disease is ineffectively chilled, warmed or tainted food. Tainted clothing on a low warmth setting, clinical waste, and polluted hardware, others that might be contaminated. Unclean work surfaces in kitchens. We as a whole come into contact with hands, some fair don’t pay attention to hand cleanliness and will spread the disease further away from home. 2:4 Explain how infective operators can be transmitted to an individual Airborne †inward breath of pathogens (microorganism malady delivering operator, for example, microscopic organisms, infection). The basic cold and influenza spread the disease to someone else, either sniffling into the air, nasal beads; this might be from a nebuliser. Tainted residue particles containing skin scales may cause a respiratory infection. Direct contact †this would be individual to individual contact, for example, grimy hands upon a patient or opposite way around. Sex, chicken pox/shingles (herpes zoster) with the rash and until the last rankle has evaporated. Impetigo (staphylococcus aureus) which fundamentally influences youngsters and safe stifled individuals. Hands †are the principle part of cross-contamination. This can be moved by organisms to other body territories, for instance: hand to face to telephone (collective), to shared PCs, to individual with a handshake. They thusly have now gotten all that you have contacted. In the event that they don’t wash their hands, the pattern of cross contamination will increase such a large number of others. With the rescue vehicle cross tainting can be spread from individual to hardware including directing wheels, radios, entryway handles. Your body’s outline may have a decent protection from microorganisms in your qualities, yet others you treat or contact may not and might make them extremely sick. Backhanded contact †can be spread by fomites †a lifeless thing that gets sullied with irresistible life forms and afterward ship those life forms to someone else. This can incorporate children’s toys, hacking sheets, baby’s nappies, breathing apparatuses, Entonox breathing connectors. They can live for a couple of moments or a couple of hours. Circuitous contact can likewise be spread by slithering or flying creepy crawlies these are instances of vectors these are life forms that transmits pathogens and parasites (individual, bug, creature). Creepy crawly nibbles may cause an assortment of diseases, one being jungle fever. Ingestion †the life forms that contaminate the gastro-intestinal tract are ingested through the mouth by items, for example, the hands, in drink, uncooked food, fecal/oral spread, eating food with unclean hands. Cross tainting is eat food while sharing communual consoles/workstations who might thusly give to others by contracting ailment and the runs and by not following hand washing strategies, this will proceed until the cycle is broken. Vaccinations †there might be an opportunity of a â€Å"needle stick† injury brought about by contaminated needles that may contain Hepatitis B infection, and as the immunization has been put straightforwardly into the circulatory system of the patient, a disease is high. 2:5 Identify the key factors that will make it more probable that contamination will happen The key factors that will make it almost certain that contamination will happen are people powerless to disease; these would incorporate more established individuals with brought invulnerability due down to different ailments or conditions, kids or children. Bargained flow besides to fringe vascular infection. Individuals with diabetes have a danger of creating contaminations if their glucose is lower than ordinary. Urinary catheters or percutaneous endoscopic gastrostomy tubes (PEGS). IV lines whenever kept in excessively long (when a paramedic embeds a needle to oversee drugs, you should take note of the time and date it was embedded and place on the encompassing site of the needle, this keeps clinic staff mindful the period of time it has been in). Poor individual cleanliness can be a factor and open to contaminations. Zones around skin creases because of heftiness, as diseases develop in wet territories, for example, the crotch, stomach and under the bosoms, contaminations can in crease quickly in these regions. Youthful and untimely infants with immature lungs and heart, this is because of the lungs not being completely evolved influencing the oxygen levels in the cells. Disease might be more if the patient or individual is contact with infectious specialists. Referencing utilizing Harvard/RefME Brooker, C. Nicol, M., 2003. Nursing Adults: The Practice of Caring, United Kingdom: Mosby Elsevier Health Science. Dundas, S. Welsby, P., 2002. Basic Hospital Infections Unknown. E. Sheppard, ed., London: Science Press. European Chitin Society, 1996. What is chitin? https://www.google.co.uk/webhp?gws_rd=ssl#q=chitin. Accessible at: http://euchis.org/[Accessed October 26, 2014]. Hateley, P., 2003. Disease Control. In C. Brooker M. Nicol, eds. Nursing Adults: The Practice of Caring. Joined Kingdom: Mosby Elsevier Health Science. Hendry, C., 2011. Capacity of the safe framework. Nursing Standard, 27. Lister, S. Dougherty, L., 2008. The Royal Marsden Hospital Manual of Clinical Nursing Procedures, Student Edition seventh ed., United Kingdom: Wiley-Blackwell (an

‘Of Mice and Men’ by John Steinbeck Essay

‘Of Mice and Men’ is composed by John Steinbeck. The tale is set during the 1930s during the extraordinary despondency in California. The two hero characters, George and Lennie are ranch laborers who have a fantasy of one-day possessing their own farm. They look for some kind of employment in a farm close to Soledad, in the wake of getting away from Weed due to George’s occurrence. They are met by various characters on the homestead that all have a fantasy. To be desolate intends to need companions or friendship and to feel disengaged. The vast majority of the characters are desolate and the main thing that keeps them alive is their fantasies. The absolute loneliest characters they meet are Candy, an elderly person with just one hand, Crooks, a dark handicapped person and Curley’s Wife, a lady who has no personality, she is desolate despite the fact that she is hitched. In spite of the fact that they are all on the farm together, they are forlorn due to wha t their identity is and their history. ‘Of Mice and Men’ is an enthusiastic story with a wide range of topics and characters. Steinbeck presents Curley’s spouse as the main ladies in the farm and in light of the fact that she doesn’t have a name it shows that she isn't significant and she is someone’s having a place. The first occasion when you find out about Curley’s spouse is when candy portrays her to George. Candy utilizes articulation, for example, â€Å"she got the eye† and proceeds to portray her as taking a gander at other man in view of this they consider her a â€Å"tart†. Through Candy’s words, we could build up an underlying impression of Curley’s spouse as Flirty and even indiscriminate. This controls us by driving us into having a negative perspective on her. Her first appearance in the Novel spotlights on her appearance. The manner in which she acts, the manner in which she looks and the manner in which she talks with others. The primary sentence about her was â€Å"the square shape of daylight in the entryway cut off† this shows how she remains there to get consideration and get saw by the farmers. This make us think as a peruser in other manner she remained in that specific spot since she realizes that they will take a gander at her. Her physical appearance of â€Å"full†, â€Å"rough lips† and â€Å"wide-divided eyes†,† Heavily made up† and â€Å"her fingernails were red† this shows how observe got the characteristic shape on an entertainer. The â€Å"heavily made up† this shows she need to make herself look alluring so the farmers will take a gander at her and feel love in her. The shading â€Å"red† shows that it’s an image of threat and on the opposite side the thick brilliant hues stands apart from different things so this can cause herself to get saw by others that is all she needed. George appears to trust Candy he says to Lennie â€Å"don’t you even investigate that bitch† this shows the sentiments that George got towards Curley’s spouse. She is desolate â€Å"stands there looking in† which demonstrates she nothing to do and on account of her depression she needed to be cherished by others so she acts like she is being a tease. They state she is a â€Å"flirty† yet it is the main way she realizes how to get consideration.

TEDxHultAshridge eventâ€Provoking Change

As disruptive innovators, Provoking Change was a fitting theme for the recent TEDxHultAshridge collaboration held at our  Ashridge Estate Campus just outside London. Over 15 Hult research faculty from our campuses around the world came together to present TEDx talks on their areas of expertise. All of Hults research is primarily focused on tackling two challenges: Transforming Behavior and Creating Disruption. Subjects presented by our experts ranged from the importance of sleep, modern slavery in the supply chain, to philosophy and Artificial Intelligence. View the  TEDx Playlist here  to catch all of the talks from the day. See below five highlights from this inspiring day: How your power silences truth Leaders need their people to have the confidence to speak up and deliver sometimes uncomfortable truths about what is really going on in their organization. But getting others to open up is as much about you as it is about them. In this thought-provoking talk, Dr. Megan Reitz warns of the three traps we all fall into that have the effect of silencing others.  Do you know how scary you really are? Human values and power in a world of Artificial Intelligence AI is already being applied to everything from the environment and elder-care to peace-keeping and psychotherapy. But there is a potential dark side. One of the key issues facing industry today is the inability of robots to use morals or apply human values to their decisions and interactions. Global Professor of Strategy, Innovation, and Economics Dr. Olaf Groth believes we need to bring global stakeholders together to develop a new Magna Carta to drive transparent governance of AI in the digital age. Entrepreneurial success and self-confidence through rejection Professor of Entrepreneurship and former grizzly bear biologist Dr. Ted Ladd explores the role that rejection plays in shaping successful startups. Entrepreneurs who scientifically evaluate their ideas are likely to be significantly more successful than those who rely on instinct alone. And research shows that those who rejected ideas because their hypothesis didn’t stack up had an even higher chance of ultimately achieving success. So why is rejection more important than confirmation when it comes to successful entrepreneurship? Do business schools develop leadership capability? In this provocative talk, behavioral scientist Amanda Nimon Peters suggests that business schools need to rethink the way they develop leadership behaviors in their students. Typical business school programs are geared up to equipping students with knowledge and assessing them on their ability to demonstrate that knowledge. But knowing is not the same as doing, and there is now widespread acknowledgement that academic success is not necessarily a predictor of good performance in the workplace. Dr. Amanda shares insights from a major research study exploring the steps and time frames necessary for students to improve their leadership behaviors. The results are surprising—watch Amandas talk to uncover the three key implications for the way business schools should design their leadership programs. The business of sleep: The wake-up call If all employees slept for 7-9 hours every night for a year, it could save the UK a staggering  £38 billion. In this fascinating talk, Dr. Vicki Culpin highlights the cost to industry of a workforce where staff are under-performing because of the physical and emotional effects of sleep deprivation. She argues that this is a business issue as well as a personal one, and a situation that organizations ignore to their cost. Businesses need to examine their working practices, provide support and information for employees, and employ the same predictive maintenance techniques that are prevalent in manufacturing to the well-being of their people. Participants ended the day buzzing with their own ideas, challenged to think about what steps were needed to transform behavior and create positive disruption within their own organizations. You can watch all of the talks here. If youd like to speak to any of our faculty regarding their talks or subject areas please do  get in touch. To find out more about Hult’s global business programs,  download a brochure here. Step up your game with executive education at Ashridge agile business school. To find out more, take a look at our blog Hult undergrads build their leadership skills: The Ashridge Cohort Experience, or firm up your exec career footing with a Masters in International Business from Hult. Download a brochure or get in touch today to find out how Hult can help you learn everything about the business world, the future, and yourself. Hult Rotation offers you a chance to study in a truly global way. Our rotation program allows you to study and be immersed in some of the finest cities in the world. 📠¸: @jasminmanzano . Hult Rotation offers you a chance to study in a truly global way. Our rotation program allows you to study and be immersed in some of the finest cities in the world. 📠¸: @jasminmanzano . Each year, Hult seeks to enroll a talented and ambitious incoming class from all over the world. We look for diverse students with a wide range of experiences, perspectives, and interests—students who will thrive in our unique educational atmosphere. Are you ready for a truly global experience? 📠¸: @iambrunadiniz . Each year, Hult seeks to enroll a talented and ambitious incoming class from all over the world. We look for diverse students with a wide range of experiences, perspectives, and interests—students who will thrive in our unique educational atmosphere. Are you ready for a truly global experience? 📠¸: @iambrunadiniz . We’re excited to start 2020 on a ranking high! Hult is proud to have been placed #28 in Poets Quants 2020 rankings for Best Undergraduate Business Schools in the US. Taking a huge leap of 32 places from our 2019 position, we’re also very happy to have secured top positions in key categories like: life-changing experience, practicality of the degree, and global immersion. . With five global campuses, a student body of over 130 nationalities, and a learn-by-doing approach—Hult offers a student experience like no other. . We’re excited to start 2020 on a ranking high! Hult is proud to have been placed #28 in Poets Quants 2020 rankings for Best Undergraduate Business Schools in the US. Taking a huge leap of 32 places from our 2019 position, we’re also very happy to have secured top positions in key categories like: life-changing experience, practicality of the degree, and global immersion. . With five global campuses, a student body of over 130 nationalities, and a learn-by-doing approach—Hult offers a student experience like no other. . â€Å"I’m from an engineering background and needed a whole new skill set for the industry I wanted to switch to. I learned a lot about myself and how I deal with being out of my comfort zone. I learned both soft and hard skills, from how to work in very diverse teams to key accounting metrics and strategy. I was surprised by how weak I was at certain tasks in English or how strong I actually was in other areas. Hult gave me opportunities to try new things and meet people from places I never thought I would have friends. . My internship experiences gave me the chance to broaden my view of different cultures and different companies. I had the opportunity to work and live with people whose values differed from people in my home country. I thought that this would be difficult, but it gave me the chance to reflect on my own values and assess if they were a result of my home country environment or if they were intrinsically mine. . Diederick ter Kulve (@diederick.terkulve) Netherlands Masters in International Business . â€Å"I’m from an engineering background and needed a whole new skill set for the industry I wanted to switch to. I learned a lot about myself and how I deal with being out of my comfort zone. I learned both soft and hard skills, from how to work in very diverse teams to key accounting metrics and strategy. I was surprised by how weak I was at certain tasks in English or how strong I actually was in other areas. Hult gave me opportunities to try new things and meet people from places I never thought I would have friends. . My internship experiences gave me the chance to broaden my view of different cultures and different companies. I had the opportunity to work and live with people whose values differed from people in my home country. I thought that this would be difficult, but it gave me the chance to reflect on my own values and assess if they were a result of my home country environment or if they were intrinsically mine. . Diederick ter Kulve (@diederick.terkulve) Netherlands Masters in International Business . Say a big hello to our Bachelor of Business Administration program cover star, Elisa Orus Plana âÅ" ¨ . â€Å"I’m excited for the future—especially that I cant predict whats going to happen. Maybe Ill end up in Mexico working for a trading company or maybe in Africa, developing my own business. Everything is possible, and the options are constantly changing. I love the idea that Im never going to be stuck doing the same job until the end of my life if I dont want it to be like this. . Hult really supports me and my ambitions and truly believes that we deserve to be considered as professionals as well as students. Here, I get to express not just my opinions but all elements of myself. From my creative side with the Fashion Society to my finance and business sides in Trading Club and the Management Consulting Club. We get a different type of learning here. Not just essential knowledge and theory, but practical skills and mindset. The school is always evolving. We’re encouraged to innovate and to always look for new ways of doing traditional things. We learn how to be more confident and become aware of how we can impact our environment. The school aims to help you become a better version of yourself and to stand out from the crowd.â€Å" . Elisa Orus Plana French Bachelor of Business Administration Class of 2021 Say a big hello to our Bachelor of Business Administration program cover star, Elisa Orus Plana âÅ" ¨ . â€Å"I’m excited for the future—especially that I cant predict whats going to happen. Maybe Ill end up in Mexico working for a trading company or maybe in Africa, developing my own business. Everything is possible, and the options are constantly changing. I love the idea that Im never going to be stuck doing the same job until the end of my life if I dont want it to be like this. . Hult really supports me and my ambitions and truly believes that we deserve to be considered as professionals as well as students. Here, I get to express not just my opinions but all elements of myself. From my creative side with the Fashion Society to my finance and business sides in Trading Club and the Management Consulting Club. We get a different type of learning here. Not just essential knowledge and theory, but practical skills and mindset. The school is always evolving. We’re encouraged to innovate and to always look for new ways of doing traditional things. We learn how to be more confident and become aware of how we can impact our environment. The school aims to help you become a better version of yourself and to stand out from the crowd.â€Å" . Elisa Orus Plana French Bachelor of Business Administration Class of 2021"> During the final days of 2019, you probably reflected on what you’ve accomplished this year—and even this decade—and what you’d like to achieve in 2020. Let us know in the comments below. During the final days of 2019, you probably reflected on what you’ve accomplished this year—and even this decade—and what you’d like to achieve in 2020. Let us know in the comments below. â€Å"The first time we did group work on the program, I went head-to-head with a colleague. It taught me a lot about how I see people, how people see me, and how conflict can be resolved in a kind and productive way. The best feedback you get, when delivered constructively, is the most critical because it really feeds into how you lead. I’ve completely reversed my leadership style—the result is so much richer and more powerful when you lead from behind and lead with strength. . Studying in tandem with working, whilst challenging, gave me the perfect platform to directly apply learning concepts into my business environment, the competitive landscape, and the real-estate industry as a whole. When I started the program, I was very happy in my corporate role. But my courage and aspirations grew to the point that I took on a whole new direction. Having my career coach, Joanna, as a sounding board allowed me to really be strategic and get to know myself. She coached me thro ugh all the interviews, the research, and the questions. It went in parallel with what I was doing academically and after six months everything just clicked. . I went into the EMBA knowing I had nothing to lose and I’ve come out with everything. Great strength, global friends, amazing learning, mentors from professors, a job I love, and the knowledge that I can set my mind to achieve anything and with the right support and resources I’ll get there.† . Kashani Wijetunga British, New Zealand Sri Lankan Associate Director Senior Strategy Consultant CBRE EMBA Class of 2019 . â€Å"The first time we did group work on the program, I went head-to-head with a colleague. It taught me a lot about how I see people, how people see me, and how conflict can be resolved in a kind and productive way. The best feedback you get, when delivered constructively, is the most critical because it really feeds into how you lead. I’ve completely reversed my leadership style—the result is so much richer and more powerful when you lead from behind and lead with strength. . Studying in tandem with working, whilst challenging, gave me the perfect platform to directly apply learning concepts into my business environment, the competitive landscape, and the real-estate industry as a whole. When I started the program, I was very happy in my corporate role. But my courage and aspirations grew to the point that I took on a whole new direction. Having my career coach, Joanna, as a sounding board allowed me to really be strategic and get to know myself. She coached me thro ugh all the interviews, the research, and the questions. It went in parallel with what I was doing academically and after six months everything just clicked. . I went into the EMBA knowing I had nothing to lose and I’ve come out with everything. Great strength, global friends, amazing learning, mentors from professors, a job I love, and the knowledge that I can set my mind to achieve anything and with the right support and resources I’ll get there.† . Kashani Wijetunga British, New Zealand Sri Lankan Associate Director Senior Strategy Consultant CBRE EMBA Class of 2019 . â€Å"It was now or never. I knew that I’d have likely stayed in my neighborhood for years to come if I didn’t take this opportunity. I’d not lived or studied outside of the U.S. before. So I left my job as a global strategist at an advertising agency and moved halfway around the world. I’ve come back a more culturally aware, well-versed person. I’ve realized that everything is a learning experience and an opportunity for growth. Ill definitely carry this mindset with me into the future. Technology and social media allow us to be different people in several places at once. Im excited to see how I can establish myself in whatever city Ill be lucky enough to call home and still maintain deep connections with people all over the world. I’m inspired by my classmates every day. Hearing some of their life stories and how getting this degree fits into their greater mission has been very humbling. My biggest challenge has been finding the ‘right’ path for me. There have been rooms Ive felt like I shouldnt be in, but now Im proud to feel as though I truly belong, wherever I am.† . Dwayne Logan, Jnr. American MBA Class of 2019 . â€Å"It was now or never. I knew that I’d have likely stayed in my neighborhood for years to come if I didn’t take this opportunity. I’d not lived or studied outside of the U.S. before. So I left my job as a global strategist at an advertising agency and moved halfway around the world. I’ve come back a more culturally aware, well-versed person. I’ve realized that everything is a learning experience and an opportunity for growth. Ill definitely carry this mindset with me into the future. Technology and social media allow us to be different people in several places at once. Im excited to see how I can establish myself in whatever city Ill be lucky enough to call home and still maintain deep connections with people all over the world. I’m inspired by my classmates every day. Hearing some of their life stories and how getting this degree fits into their greater mission has been very humbling. My biggest challenge has been finding the ‘right’ path for me. There have been rooms Ive felt like I shouldnt be in, but now Im proud to feel as though I truly belong, wherever I am.† . Dwayne Logan, Jnr. American MBA Class of 2019 . Happy New Year, Hultians! . Happy New Year, Hultians! .

The Metaphor of the Cave - Literature Essay Samples

Plato introduces his famous allegory of the cave with the phrase, like this: thus establishing that the passage is structured as a metaphor, and therefore must be read both as a figurative description and a symbolic representation of a concrete state of being (VII:514). He also emphasizes that the reader must imagine, a command that reinforces the allegorical nature of the work the reader enters into the text as both a voyeur and an actual conceptualist of the image being imagined (VII: 514). As the passage goes through its multiple spatial and metaphysical levels of creation, the reader experiences the exact procession of which he is reading about in the work, thus creating a replication of the same education that Plato addresses within The Republic as a whole. This experience also clarifies for the reader the role of the philosopher king and the notion of the kallipolis a construct based around this vision of truth and wisdom with its multifaceted synthesis of many topos within the dialogue. Thus the allegory is not only a self-contained vision of the effects of education on our nature, but a prolonged metaphor whose figurative language both intrinsically and superficially draws upon the greater themes at play within the work as a whole (VII:514).After Platos beginning introduction of the passage as a metaphor, the author goes on togeographically set up the scene for the reader, choosing images that directly reflect their symbolic purpose. The passage works within a pattern of ideological introductions followed by figurative illustrations, an interplay that creates a series of linked revelations that formulate a complete world of allegorical context. The underground, cavelike dwelling, inspires connotations of darkness and suppression within the imagination of the reader, and the detailed spatial layout and human inhabitation only serve to heighten the sense of figurative tension (VII:514). These humans have been there since childhood, fixed in the sa me place, with their necks and legs fettered, thus indicating that they have developed fully within the cave, and know nothing but the small plane of vision, shadows reflected upon the cave, offered to them within their shackles (VII:514).This idea of imprisonment becomes significant as the metaphor continues and the fusion of the figurative with the concrete beings to render itself within the text. Glaucon replies to this scene with, Its a strange image youre describing, and strange prisoners, providing the viewpoint of the reader within the allegory, drawing it once again back to the actual as did the command of imagine at the beginning of the metaphor (VII:515).After the monologue of the set up, the passage returns to the traditional exchange of the dialogue, with the startling statement of theyre like us, drawing the reader into the world of the allegory even more deeply the association between the actual and the allegorical now begins to take form as the dialogue progresses, its structure mimicking the actual mental processes of the function of comprehension (VII:515). Plato follows this association with a series of suppositions, invoking Glaucon to conceptualize and legitimate the vision of the cave as Plato ventures deeper into the metaphor. The reader is then asked to consider what [the prisoners] being released from their bonds and cured of their ignorance would naturally be like if something like this came to pass (VII:515c). The use of ÂÅ'naturally here is extremely significant, because it not only evokes the theme of nature, but in doing so also reveals the deeper topos of justice there is a natural order to a just person that is independent of human decision and passion, an idea of put[ing] himself in ordernot concerned with someones doing his own externally, but with what his inside him, that is an analogous image to the enclosed situation of the cave (IV: 443d). So what happens when one of the prisoners is suddenly compelled to stand up, turn his head, walk, and look up toward the light? (VII:515c). Coming from such a spatially stagnant narrative, this rapid movement both prepares the reader for change and places the forthcoming image in a prism of significance.What follows is the basic figurative illustration of Platos goal of education, his higher truth or Dialectic. The unshackled prisoner goes into the light and sees more correctly, pained and frightened at first, but finally able to study and see in some way the cause of all the things that he used to see (516c). Thus the intellectual voyage of seeing the truth is illustrated in a spatially governed setting, a scene that is almost theatrical in its technical precision and choreography-based imagery. The ensuing struggle of this enlightened human with his ignorant prisoners both echoes and illustrates Platos ideal of the kallipolis with its golden philosophers and silver and bronze populous. The enlightened have to make the ascent and see the good[and ther efore] must go down to live in the common dwelling place of the othersand will see vastly better than the people there. And because [theyve] seen the truth about fine, just, and good things, [theyll] know each image for what it is[and] the city will be governedby people who are awake rather than dreaming (VII:520c-d).Platos constant references to the adjustment of the eyes, the blinding of the sun, and the dimness of the shadows all reflect the dominant metaphor of luminosity. Thus the passage has moved from the spatial to the motional to the visual, indicating the different allegorical stages of his metaphor, and also indicating a metaphysical move from the tangible to the intangible as his allegory and its subject fuse more topically together. Plato even goes so far as to explain the meaning of his whole image, saying it must be fitted together with what [he] said before. The visible realm should be likened to the prison dwelling, and the light of the fire inside it to the pow er of the sun. And if [we] interpret the upward journey and the study of things above as the upward journey of the soul to the intelligible realm, [well] grasp what [he hopes] to convey (VII:517b). Thus Plato both begins and ends his allegory with specific directives, creating a framed vision embedded within an interpretive text that explains as well as draws from its image.Plato continues this metaphor of sight when analyzing this allegory just presented to us within his interpretive text. Education isnt what some people declare it to beputting knowledge into souls that lack it, like putting sight into blind eyes. The power to learn is in everyones soul andthe instrument with which each learns is like an eye that cannot be turned around from darkness to light without turning the whole body. Education takes for granted that the sight is there but that it isnt turned the right way or looking where it ought to look, and it tries to redirect it appropriately (VII:518c-d). This re direction happens when the philosophers go down again to the prisoners in the cave and share their labors and honors, [thus] spread[ing] happiness throughout the city by bringing the citizens into harmony with each other through persuasion or compulsion and by making them share with each other the benefits that each class can confer on the city (VII:519e-520). Plato thus illustrates the major tenets of the work, up to and including the nature of justice and the definition of happiness, with the single dominant metaphor of a ÂÅ'cave in which special, motional, and visual limitations are transcended by the individual and then revealed to the whole.The allegory of the cave culminates a series of allegories in which Plato illustrates his main points within the Republic. This allegory, as the last in the series, is paradoxically almost the easiest to understand the culmination of the education of the reader has allowed him to be enlightened in a more profound way than previously, as he has experienced alongside Glaucon a dramatization of the fundamental process of education. The vision of the cave explains some of the most complex points within Platos work, but does them in such a metaphorical way it is as if we are not being taught, but are enacting the teaching ourselves. This idea of faked involvement, such a noble falsehood, echoes the philosophers noble falsehoods to the populous of the kallipolis, and reveals the narrative structure that guides us throughout the work we are but voyeurs to Platos fabulous constructions.

The Stereotype of Criminally Disposed People in Poverty

For many years, the issue of criminal disposition has been greatly associated with those who reside in poor neighborhoods. Violence may occur within low income or predominant minority communities but much good has come from neighborhoods such as these. Further, this stereotype has generated much controversy: While some believe that all poor neighborhoods are the worst, indeed not all people who come from poor neighborhoods are not criminally disposed. Because of aspiring individuals who are prosperous today; the impact of crime on some poor communities influence the others to strive to improve their community; and not only does crime come from poor neighborhoods but wealthy communities as well. One argument supporting non criminally†¦show more content†¦In addition, another group is the Community Outreach Program; they mainly focus on keeping young adults and children on track and give them other activities to do to keep them off the streets. The program in D.C participates in many positive activities which helps the participants become more involved in school and less involved with negative energy. With programs such as this violence in poor communities are bound to decrease any time soon. In addition to positive leading groups within poor communities, with the accusation that all people that are poor are criminally disposed, many wealthy people as well have done much crime it just was never exposed as greatly as others. Many murders, and gang affiliation has been associated within wealthy communities and have not been reported. Opponents of these views present many arguments. They claim all gangs derive from minority communities. Also of this view, people associate many murders that are acclaimed to derive from poor communities. Moreover, they think that all people from poor communities are uneducated and therefore don’t know any better and result in a life of violence. However these views can be easily refuted. Many gangs start in other countries such as South America and Asia and then relocate to America. Much affiliation and connection with the gangs that reside in America are based off different countries and followers take with

Honeypot and Honeynet - Free Essay Example

Sample details Pages: 31 Words: 9337 Downloads: 4 Date added: 2017/06/26 Category Information Systems Essay Type Narrative essay Topics: Network Essay Did you like this example? Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Don’t waste time! Our writers will create an original "Honeypot and Honeynet" essay for you Create order Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. Over the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Ca pture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisi ons. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connection less Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to d esign and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for t his convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted interc epted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detectio n systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maxim um information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction etc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of dat a capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three O perating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implement ed as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given pri vileges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selection available. End-users can install Gufw and keep it enabled. GNOME (the current default desktop) offers support for more than 46 languages. Ubuntu can also run many programs designed for Microsoft Windows (such as Microsoft Office), through Wine or using a Virtual Machine (such as VMware Workstation or VirtualBox). The use of Ubuntu as a honey pot here would be effective to trick the hacker into believing for the presence of enterprise level server. 3.4 Windows Server 2003 as Honeypot Windows Server 2003 is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. We can run different type of sevices. FTP and SMTP services are running on this server. 3.5 Sun Virtual Box as Virtualization Software Virtualization software has greatly helped reduce expenses and total cost of ownership (TCO) for organizations on their IT infrastructure. This is achieved by setting up an entire farm of enterprise servers as virtual machines on a single physical machine. Organizations are now developing their own virtualization software and solutions, many of which are free and open source. A few notable names that we considered for deployment include VMware, User-Mode Linux, SUN Virtual Box, Xen, Qemu, Lugest and Linux-Vserver. We selected SUN Virtual Box because light use very less system resources as compare to others. 3.5.1 Installation Procedure SUN Virtual box supports various versions of windows as a host operating system. In addition, Windows Installer 1.1 or higher must be present on your system. This should be the case if you have all recent Windows updates installed. Performing the installation â€Å"The VirtualBox installation can be started either by double-clicking on its executable file (contains both 32- and 64-bit architectures) or by entering VirtualBox.exe -extract on the command line. This will extract both installers into a temporary directory in which youll then find the usual .MSI files. Then you can do a msiexec /i VirtualBox-version-MultiArch_x86|amd64.msi to perform the installation. In either case, this will display the installation welcome dialog and allow you to choose where to install VirtualBox to and which components to install. In addition to the VirtualBox application, the following components are available. Depending on your Windows configuration, you may see warnings about unsigned dri vers or similar. Please select Continue on these warnings as otherwise VirtualBox might not function correctly after installation. The installer will create a VirtualBox group in the programs startup folder which allows you to launch the application and access its documentation. With standard settings, VirtualBox will be installed for all users on the local system. In case this is not wanted, you have to invoke the installer by first extracting it by using VirtualBox.exe -extract and then do as follows VirtualBox.exe -msiparams ALLUSERS=2 or msiexec /i VirtualBox-version-MultiArch_x86|amd64.msi ALLUSERS=2 on the extracted .MSI files. This will install VirtualBox only for the current user.†[15] 3.6 Honeywall Roo Honeywall CDROMis a bootable CDROM it consist of all the tools and functionality required to create maintain and effetely analyze the third generation honeynet. The honeynet project has developed 2 version of the Honeywall CDROM. Honeywall Eyore and Honeywall Roo Released in May, 2005 based on Gen III architecture. (current version 1.4) Honeywall serves as a transparent gateway for the honeynet. It is this gateway that has to perform data capture, data control, data collection and data analysis functions in order to ensure successful operations of a honeynet. Being a transparent gateway, this node is completely undetectable by the attacker when they are interacting with the honeypots. The purpose of the Honeywall CDROM is to automate the installation and maintenance of a honeynet and provide data analysis support for all activity within the honeynet. Deploying Honeynets was a tough task as it involved advance configuration and integration of security tools. There was no stand ard honeynet development till 1999. Many small groups had their own implementation of Honeynets. The Honeynet Project has done remarkably well by developing a complete Honeywall distribution on a CDROM to deploy as an Operating system on disk and thus made Honeynets easy to deploy and manage. Honeywall was initially based on Fedora for quite some time as its base Operating System, but due to frequent updates going on in fedora it is now based on CentOS. This gives freedom to install operating system specific applications using standard package managers like RPM [31]. Honeywall has evolved over the years. Previous version, Eyore had limited features and control. Roo, the advanced version has vastly improved hardware support, administration capabilities, and data analysis functionality. Thus the system is now moving towards giving the administrator more flexibility and control over the operating system. Honeywall Roo comprises of many well known security tools incorporated into it [31]. Table: 3.1 Security Tools of Honeywall Security Tool Discription Snort Sniffer, IDS Hflow2 Data coalescing tool for honeynet data analysis. Snort_inline Sniffer, IPS P0f A Passive OS fingerprinting tool. P0f Tcpdump View Packet headers. Sebek Data capture tool. 3.6.1 Installation First we need to Start the Virtual box and boot it with Honeywall CDROM. Honeynet Project splash screen with Boot loader should appear. At this point the system will wait to let you interact with the installation process. If you press the Enter button, the system will begin the installation process after formatting the existing hard drive. After this installation is a fully automated process, and no need to interact with the installation from this point on. The installation process of Honeywall is very much like a standard Linux kick-start install. Involving following steps. Boot from Honeywall Roo CDROM For our implementation we booted our virtual machine off the Honeywall Roo 1.4 ISO. Choose install (press Enter) from boot menu to wipe out all free space on disk and install the OS on this space. The installation is a fully automated process and does not require any further user interaction. Once the installation process is complete it will eject the CDROM and boot into the new ly installed system [12]. After the system boots,your installation is completeand will be presented with a command line login prompt.Your hard drive now has a minimized and hardened linux operating system with Honeywall functionality. Now you can login and begin the configuration process.In honeywall there is two default system accounts,rooandroot. Both share the same default passwordhoney, which you will want to change right away. You cannot login asroot, so you will have to login asroothensu-. Honeywall Roo creates two default system user accounts roo (uid 501) and root (uid 0) Both these accounts are created with the default password â€Å"honey†. Root login is not allowed by default so one has to login as roo and then â€Å"su -† to root privileges [12]. Two methods can be used to con the Honeywall first is Dialog Menu interface and other is Honewall.conf configuration file 3.7 Maintaining the Honeywall After Honeywall is installed, key issue is to maintain it properly.The new Honeywall gives you three options for configuring and maintaining your installation. 3.7.1 Dialog Menu It is the classic interface to administering the Honeywall CDROM. The new version is very similar to the older one, except it has new features added. We have already cond our Honeywall using Dialog Menu in pervious steps. It can be loaded by typingmenuon shell. 3.7.2 HWCTL It is a powerful command line utility that allows you to con the system variables used by various programs, and the ability to start/start services. The advantage with this tool is you can simply modify the behavior of the system at the command line via local or SSH access. Following are some examples taken from man file [12]. Show all variables currently set with NAME = VALUE form (use -A if you dont want the spaces) # hwctl -a Just print on standard output the value of HwHOSTNAME # hwctl -n HwHOSTNAME Set all four connection rate limits and restart any services that depend on these variables # hwctl -r HwTCPRATE=20 HwUDPRATE=10 HwICMPRATE=30 HwOTHERRATE=10 Load a complete new set of variables from /etc/honeywall.conf and force a stop before changing values, and a start afterwards # hwctl -R -f /etc/honeywall.conf 3.7.3 Walleye It is the honeywall GUI web based interface. The honeywall runs a webserver that can be remotely connected to over a SSL connection on the management interface. This walleye interface allows the user to con and maintain the system using a simple point and click approach. It has an expanding menu making it easy to access and visualize all the information. It also comes with more in-depth explanations of the different options. It also has different roles, allowing organizations to control who can access what through the walleye interface depending on the role they have been assigned. The primary advantage ofWalleyeis its much easier to use then the other two options [7]. The disadvantage is it cannot be used locally, but requires a 3rd network interface on the honeywall used for remote connections. The web-based GUI currently supports almost all the browsers. Lets launch the browser and point it to management interface IP address,https//managementip/. Login withUser Name rooandPas sword honey. â€Å"This GUI allows the user to con and maintain the system using a simple point and click approach. It has an expanding menu making it easy to access and envisage all the information. The prime advantage ofWalleyeis that its much easier to use then the other two options. The disadvantage is it cannot be used locally, but requires a 3rd network interface on the honeywall used for remote connections. The web-based GUI currently supports either Internet Explorer or Firefox browsers† [31]. Following screen shots shows the Snort Alert on walleye Interface. 3.8 Honeywall Email Alerts Any activity on our honeypots INBOUND or OUTBOUND if detected, an email alert will automatically be generated by server to the administrator. Honeywall also sends an automated detailed report at the end of the day to the system administrator. Cond email ID for walleye email alert is [email  protected]/* */ Honeywall has the builtin SMTP server to send mails. SampleEmail outbound alert Oct 28 043217 wall kernel OUTBOUND UDP IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0 SRC=192.168.142.155 DST=224.0.0.251 LEN=204 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=184 3.9 Snort as IDS and Snort-Inline as IPS Snort is integrated with honeywall and runs in inline mode to provide realtime Intrusion detection with the current updated database of signatures available on snorts website. Snortis afreeandopen sourcenetwork intrusion prevention system(NIPS) andnetwork intrusion detection system (NIDS)capable of performingpacketlogging and real-timetraffic analysisonIPnetworks. It is the most widely used IDS/IDP technology worldwide. Combining the benefits of signature, protocol and anomaly based inspection. Snort performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such asbuffer overflows, stealthport scans, web application attacks,SMBprobes, andOS fingerprintingattempts, amongst other features. The software is mostly used forintrusion preventionpurposes, by dropping attacks as they are taking place. Snort can be combined with other free software such assguil,OSSIM, and the Basic Analysis and Se curity Engine (BASE) to provide a visual representation of intrusion data [10]. Snort is integrated with honeywall and runs in inline mode to provide realtime Intrusion Detection with the current updated database of signatures available on snorts website.Snort may be used in a variety of ways, including as a packet sniffer, packet logger, or an intrusion detection system (IDS). With the ability to use rulesets to monitor IP packets, Snort is an excellent choice for administrators responsible for security on small- to medium-sized networks. 3.9.2 Experiences with Snort A random attacker on the internet scans the entire class C of 10.10.10.* and our servers are hosted on the same IP range. What will happen when our honeywall detects such attempts? It will send an email alert to the administrator and it will log all data and protocols and ports information including source and destination ip. Following is the screen shoots, a preview of how the logs will look like if viewed from the walleye web interface. SNORT alerts in CLI of Honeywall, we can manage snort alerts from the walleye GUI interface and also from the command line interface of honeywall. 3.10 Sebek as data capture tool Sebek is the most advanced and complex honeynet data capture tool. It is an open-source tool whose purpose is to capture from a honeypot as much information as possible of the attackers activities by intercepting specific system calls (syscalls) at the kernel level. Sebek is based on a client-server architecture. The client is installed on the honeypots and the server is typically deployed on the Honeywall, that is, the honeynet gateway all the traffic entering and leaving the honeynet passes through. The Sebek client component uses techniques similar to those used by kernel-based rootkits. Sebek is implemented in the form of a Linux Kernel Module (LKM) on Linux, as an OS kernel driver on Windows, and as a kernel patch on the various *BSD operating systems. The server module contains user-level tools that allow to gather and display the information captured and exported by the Sebek clients. [18] 3.10.1 Sebeks new capabilities Sniffing network traffic has long been the traditional way of inspecting the actions performed by an attacker remotely accessing a compromised resource. However, this is not possible if the attacker is protecting his communication channel through encryption and the key used is unknown. The first Sebek version intercepted all read kernel syscalls with a length of one byte, which is what allows one to get the keystrokes typed by the honeypot intruder before they are encrypted, including the commands executed or the passwords used. This initial Sebek data capture functionality was later improved in version 2 to capture all read data. This second version also allows to recover entire files copied with SCP or complete IRC and mail messages. Sebek version 3 extends this functionality by intercepting a new set of system calls. Additionally, it retrieves the parent process id (PPID) and the inode associated with any file-related event. These two fields will be added for each Sebek re cord. Apart from intercepting the standard read syscall, the new version hijacks additional read syscalls, the socket syscall, the open syscall, and the fork and clone syscalls. The following descriptions use the Linux version as a reference. The same ideas also apply to the Windows version [26]. 3.10.2 Sebek Architecture The client collects the data from the Honeypot and exports it to the network. The server collects from one of two sources live packet capture from the network or packet capture archive stored as a tcpdumpn formatted file. The client resides entirely in the Honeypot kernel space and records all user data accessed via a system read() call. 3.10.3 Client Module Hiding As Sebek works entirely in kernel space due to this functionality most of the rootkit techniques does not apply. Hiding the existence of the module is a direct benefit. A second module, the cleaner, is also installed it manipulates the linked list of installed module to remove Sebek. This is not completely robust, Users can no longer see that Sebek is installed and users are unable to rmmod the Sebek module [26]. 3.11 Making Honeynet Undetectable for hackers The possibility of an attacker being able to detect a honeynet or honeypot is directly related to its its configuration that, how the honeynet administrator cond it. Since honeynet transparency, the inability for an attacker to detect it, is one of the important goal of a honeynet. 3.11.1 Virtulization Honeynet is deployed as a high interaction honeynet its very difficult to detect its honeypot because it has complete Operating system for hacker to interact with and all the services are running and all the ports are open and closed according to our requirements similar to production system. Some hackers can detect that this Operating system is running on virtualization software , but this is no prove that it is honeypot or honeynet because now a days most of the organizations are using virtualization in their production environment. Virtualization has greatly helped reduce expenses and total cost for organizations on their IT infrastructure. This is achieved by setting up an entire farm of enterprise servers as virtual machines on a single physical machine. Organizations are now developing their own virtualization software and solutions, many of which are free and open source. 3.11.2 IP Address Scheming IP address scheme used is identical to production environment. That is it used the same IP pool on which most of the production system are running. So hacker cannot detect that which system is honeypot and which is not because It has used the public IP pool of production servers and most of the legitimate services are running on these IP pools. From hands on research with honeynets most of the honeynet detection are probabilistic in nature, hacker sometime can predict that It could be honeynet but they cannot prove it. All the online existing data and technical means to detect honeynet will not work on current configuration and its very difficult to detect. Amount of attacks coming on deployed honeynet shows that this honeynet architecture is undetectable for most of the hackers. Chapter 4 Results and Statistics 4.1 Attack Statistics Port Scanningis one the most widely used reconnaissance techniques used by attackers to find out the services running on the system. All types of machines connected to internet and LAN runs many services that listen to different types of ports. Attacker sends a message on different ports, one at a time and gets the response. From this response attacker find outs whether the port is open and then probe further for weakness. Post Scan is kind of ringing the door bell to check whether someones is at home or not. It is not consider a crime but we should not ignore it. We should investigate the person why he is ringing the bell without any reason. Attacks came from verity of IPs from different countries all around the world. Most to the attackers use brute force to gain the access. It is observed that defense mechanism is getting better, different sophisticated tools and techniques are applied by organizations to protect their assets but attackers are also getting smarter in beating the defense mechanism and diversifying their range of threat options. Attackers often attempt to clean their tracks by launching attacks from different locations and from more than one servers and those servers could be located anywhere in the world. This means that attacker is not located in the country from where attack seems to be launched. We have analyzed attacks targeting to honeynet over a period of 30 days (September 12th to October 12th) and documented them as Attacked/Probed ports and services. Attacker IPs. Attackers Country of Origin. 4.2 Attacked Ports and Services We have taken the sample of attacked ports and services. It has been observed that out of total of 19562 probed ports and services, 13504 were targeted at SSH. This indicates the attackers focus on brute force means of gaining access to the server. This is followed by high activity on IRC ports indicating botnet activity. Table 4.1 Probed Ports their frequency Port Discription Frequency Port Discription Frequency 8 Unassigned 50 3259 epncdp2 3 22 SSH 1793 3283 net-assistant 13 43 WHOIS 67 3411 biolink-auth 2 53 DNS 141 5353 mdns 1 69 TFTP 3 6667 IRC 77 80 HTTP 58 14354 RootKit comm 15 135 epmap 36 20268 RootKit comm 3 137 netbios-ns 18 31337 RootKit comm 1 138 netbios-dgm 3 34611 RootKit comm 2 443 https 17 38111 RootKit comm 6 445 microsoft-ds 70 43495 RootKit comm 1 1101 sebek 103 53100 RootKit comm 1 1412 innosys 6 56594 RootKit comm 8 1700 mps-raft 7 56981 RootKit comm 1 2457 rapido-ip 3 60372 RootKit comm 1 Chart 4.1 Pie chart of Probed Ports Public IP addresses are controlled by worldwide registrars, and are unique globally. Port numbers are not so controlled, but over the decades certain ports have become standard for certain services. The port numbers are unique only within a computer system. Port numbers are 16-bit unsigned numbers. The port numbers are divided into three ranges: Well Known Ports (0 1023) Registered Ports (1024 49151) Dynamic and/or Private Ports (49152 65535) Well-Known Ports Ports numbered 0 to 1023 are considered well known (also called standard ports) and are assigned to services by the IANA (Internet Assigned Numbers Authority)[17]. Here are a few samples: echo 7/tcp Echo ftp-data 20/udp File Transfer [Default Data] ftp 21/tcp File Transfer [Control] ssh 22/tcp SSH Remote Login Protocol telnet 23/tcp Telnet domain 53/udp Domain Name Server www-http 80/tcp World Wide Web HTTP Almost 70 percent of the attacks launched at port 22 SSH port and after that port 53 DNS port. In below mentioned chart port 22 SSH port is excluded. Chart 4.2 Pie chart of Probed Ports (Exluding port 22) 4.3 Attacker IPs During its 30 day tenure the honeypot received 22711 attacks from 421 unique IPs. A great amount of these attacks originated from Europe and China. Table 4.2 Attack IPs their origin IP Frequency Country IP Frequency Country 218.30.22.82 3011 CN 80.31.189.175 45 ES 122.225.100.154 1378 CN 69.191.193.47 342 US 60.190.49.243 986 CN 58.218.182.18 518 CN 219.149.53.239 566 CN 125.244.77.67 981 KR 116.71.215.104 1231 PK 82.99.173.51 432 CZ 119.153.3.25 451 PK 140.130.99 45 TW 212.252.124.15 381 CN 125.244.77.34 23 KR 218.75.95.244 768 CN 194.1.9.21 12 SK 218.23.37.51 23 CN 78.111.82.127 9 RU 122.225.100.154 221 CN 218.75.172.38 544 CN 219.149.53.239 12 CN 61.178.91.48 970 CN 195.234.184.111 76 BE 210.188.201.198 322 JP 122.160.23.228 781 IN 2 01.238.235.25 7 CL 59.103.3.169 389 PK 87.62.49.128 37 DK 203.99.163.156 12 PK 204.11.236.213 21 US 189.104.241.232 76 BR 122.160.207.28 91 IN 203.99.163.153 211 PK 207.182.34.45 561 US 151.21.107.21 34 IT 69.73.208.59 32 GD 78.13.99.15 3 IT 218.23.107.51 12 CN 84.221.56.205 691 IT 125.244.147.67 9 KR 208.69.36.11 2217 US 207.10.34.112 376 US In above mentioned PIE graph we selected 20 IPs from different countries with their attack frequencies. China has one of highest total for malicious activities, it could be due to the fact that the china has the most broadband users in the world. More you spent time online the longer your system exposed and more chances that your system will get attacked or compromised. In above mentioned PIE graph we selected 20 IP from different countries with their attack frequencies. 4.4 Attackers Country of Origin 545 unique attacker IP addresses were identified originating from 61 countries across the globe. Out of these 61 countries the highest number of attacks came from China and Europe followed by the US. This proportion also stands for the highest attack frequencies. Table 4.3 Top 20 Attack Frequency vs Country Country Frequency BE 76 BR 76 CL 7 CN 9390 CZ 432 DK 37 ES 45 GD 32 IN 872 IT 728 JP 322 KR 1013 PK 2294 RU 9 SK 12 TW 45 US 3517 Grand Total 18907 4.4.1 No of Attackers IP per Country Table 4.4 Number of attack IPs vs Country Country # of IP CN 68 PK 14 BE 1 BR 1 IT 2 US 43 ES 2 KR 35 CZ 1 TW 21 SK 1 RU 4 JP 13 CL 1 DK 9 IN 23 GD 1 ZA 1 VN 1 AU 2 RO 5 AW 1 NL 3 TR 1 PL 5 Chapter 5 Conclusion 5.1 Overview Success of a honeynet lies in the number of users (attackers) try to access it, honeynets dont have any production value so any interaction with honeypots is suspicious. Information gathered through honeynet will raise the awareness of different types of treats present on internet. Now a days many organization dont realize that they are targeted and who is attacking them and why. Honeynet help us to understand the attacks and basic measures we can take to prevent these threats. It also help us to improve our defense mechanism and secure ways to defend our resources. Through honeynet we can able to know the 0 days attacks, without effecting our production systems. Focus should be done on the attacks initiating from your own enterprise network. These types attacks can do more damage to your own network. Enterprise administrator should take immediate notice of these types of attacks as these attacks indicate machines that have already been compromised within the network. 5.2 Achievements The deployed honeynet has provided the extensive information on different types of attacks, it also helped us to detect the internal (LAN) compromised systems which tying to communicate with honeypot through different types of rootkits. It has been observed that within the period of 30 days out of total of 19562 probed ports and services, 13504 were targeted at SSH. This shows the attackers focus on brute force for gaining access to the server. It also help us to know most common ports used for attacks and through this information we can enforce different types of policies on external firewalls and also block the open unused ports on different servers. It is concluded that most of the attacks are coming from China but more successful attacks are coming from Europe. 5.3 Future Work Keeping in view the existing features of detection mechanism, its working may be enhanced and it can be made more effective in the future by enhancing its capability by increasing the no of honeypots with the functionality of different type of services like DNS, Webhosting and FTP servers etc. Detailed Forensic analysis of attacks can help us to understand working of botnets and identification of different new 0 day attacks. Centralized data sharing, could be a website www.mschoneynetproject.com.pk, where all the information gathered through honeynet is shared with MCS security related students. So they can get realtime information of different latest attacks and understand the attack methodology. References [1] Spitzner.L (2002). Honeypots Tracking Hackers. US Addison Wesley. 1-430. [2] Stoll, C. The Cuckoos Egg Tracking a Spy Through the Maze of Computer Espionage. Pocket Books,New York, 1990 [3] Automated deployments of Ubuntu By Nick Barcet September 2008  © Copyright Canonical 2008 [4] The Honeynet Project http//project.honeynet.org [5] CERT Advisory CA-2001-31 Buffer Overflow in CDE Subprocess Control Service http//www.cert.org/advisories/CA-2001-31.html [6] Provos, N and Holz, T (July 26, 2007). Virtual Honeypots From Botnet Tracking to Intrusion Detection. US Addison-Wesley Professional. [7] Talabis, R. (2005). The Gen II Gen III Honeynet Architecture. Available http//www.philippinehoneynet.org/index2.php? Last accessed June, 2008. [8] William Stallings, â€Å"Cryptography and Network Security Principles and Practices†, Third Edition, Prentice Hall, 2003. [9] Security architecture for open systems interconnection for CCITT applications, ITU-T, Study Group VII Data Communications Networks, 1991 [10] Snort user manual 2.8.3 , www.snort.org [11] Know Your Enemy Sebek, A kernel based data capture tool,The Honeynet Project, http//www.honeynet.org, Last Modified 17 November 2003 [12] Shuja, F. (October, 2006). Virtual Honeynet Deploying Honeywall using VMware Available http//www.honeynet.pk/honeywall/index.htm. Last accessed June, 2008. [13] Robert McGrew, Rayford B. Vaughn, JR. Experiences With Honeypot Systems Development,Deployment, and Analysis. Proceedings of the 39th Hawaii International Conference on System Sciences 2006. [14] Levine.J, LaBella.R, Owen.H, Contis.D, Culver.B. (2003). The Use of Honeynets to Detect Exploited Systems. Proceedings of the 2003 IEEE [15] http//www.securityfocus.com/print/infocus/1855 [16] http//wiki.virtualbox.org/page/User_Guide/Installation/Windows [17] https://www.auditmypc.com/freescan/readingroom/port_scanning.asp [18] Know Your Enemy Sebek A kernel based data capture tool. Honeynet Project (The). 21 April 2004 www.honeynet.org/papers/sebek.pdf [19] Know Your Enemy: Honeynets What a honeynet is, its value, overview of how it works, and risk/issues involved. honeynet Project https://www.honeynet.org Last Modified: 31 May, 2006 [20] Honeynet Learning Discovering IT Security- MARK RYAN DEL MORAL TALABIS Phillipine Honeynet Project Manila, Phillipines [email  protected]/* */ [21] Development and Implementation of the Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) [22] A Virtual Honeypot Framework Niels Provos_ Google, Inc. [email  protected]/* */ [23] Towards a Third Generation Data Capture Architecture for Honeynets Edward Balas and Camilo Viecco Advanced Network Management Lab Indiana University [24] Evaluation and Demonstration of the Usage of a Virtual Honeynet for Monitoring and Recording Online Attacks Rajiv J. C. Ponweera1, Ravindra Koggalage2, [25] Kn ow Your Enemy: GenII Honeynets Easier to deploy, harder to detect, safer to maintain. Honeynet Project https://www.honeynet.org Last Modified: 12 May,2005 [26] Know Your Enemy Sebek A kernel based data capture tool The Honeynet Project http//www.honeynet.org Last Modified 17 November 2003 [27] http//www.ffiec.gov/ffiecinfobase/booklets/information_security/information_security.pdf [28] Improving Network Security With Honeypots Christian Doring. July, 2005. Thesis. [German Honeyent Project] [29] Sebek 3: tracking the attackers, part one Raul Siles, GSE 2006-01-16 [30] Honeynet Learning Applying problem and case-based approach in IT security education through the use of honeynets. Publication in the ACM InRoads journal in June 2006. [Phillipine Honeynet Project] [31] Know Your Enemy: Honeywall CDROM Roo 3rd Generation Technology Honeynet Project Research Alliance https://www.honeynet.org Last Modified: 17 August,2005