The Stereotype of Criminally Disposed People in Poverty

For many years, the issue of criminal disposition has been greatly associated with those who reside in poor neighborhoods. Violence may occur within low income or predominant minority communities but much good has come from neighborhoods such as these. Further, this stereotype has generated much controversy: While some believe that all poor neighborhoods are the worst, indeed not all people who come from poor neighborhoods are not criminally disposed. Because of aspiring individuals who are prosperous today; the impact of crime on some poor communities influence the others to strive to improve their community; and not only does crime come from poor neighborhoods but wealthy communities as well. One argument supporting non criminally†¦show more content†¦In addition, another group is the Community Outreach Program; they mainly focus on keeping young adults and children on track and give them other activities to do to keep them off the streets. The program in D.C participates in many positive activities which helps the participants become more involved in school and less involved with negative energy. With programs such as this violence in poor communities are bound to decrease any time soon. In addition to positive leading groups within poor communities, with the accusation that all people that are poor are criminally disposed, many wealthy people as well have done much crime it just was never exposed as greatly as others. Many murders, and gang affiliation has been associated within wealthy communities and have not been reported. Opponents of these views present many arguments. They claim all gangs derive from minority communities. Also of this view, people associate many murders that are acclaimed to derive from poor communities. Moreover, they think that all people from poor communities are uneducated and therefore don’t know any better and result in a life of violence. However these views can be easily refuted. Many gangs start in other countries such as South America and Asia and then relocate to America. Much affiliation and connection with the gangs that reside in America are based off different countries and followers take with

Honeypot and Honeynet - Free Essay Example

Sample details Pages: 31 Words: 9337 Downloads: 4 Date added: 2017/06/26 Category Information Systems Essay Type Narrative essay Topics: Network Essay Did you like this example? Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Don’t waste time! Our writers will create an original "Honeypot and Honeynet" essay for you Create order Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. Over the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Ca pture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisi ons. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connection less Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to d esign and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for t his convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted interc epted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detectio n systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maxim um information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction etc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of dat a capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three O perating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implement ed as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given pri vileges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selection available. End-users can install Gufw and keep it enabled. GNOME (the current default desktop) offers support for more than 46 languages. Ubuntu can also run many programs designed for Microsoft Windows (such as Microsoft Office), through Wine or using a Virtual Machine (such as VMware Workstation or VirtualBox). The use of Ubuntu as a honey pot here would be effective to trick the hacker into believing for the presence of enterprise level server. 3.4 Windows Server 2003 as Honeypot Windows Server 2003 is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. We can run different type of sevices. FTP and SMTP services are running on this server. 3.5 Sun Virtual Box as Virtualization Software Virtualization software has greatly helped reduce expenses and total cost of ownership (TCO) for organizations on their IT infrastructure. This is achieved by setting up an entire farm of enterprise servers as virtual machines on a single physical machine. Organizations are now developing their own virtualization software and solutions, many of which are free and open source. A few notable names that we considered for deployment include VMware, User-Mode Linux, SUN Virtual Box, Xen, Qemu, Lugest and Linux-Vserver. We selected SUN Virtual Box because light use very less system resources as compare to others. 3.5.1 Installation Procedure SUN Virtual box supports various versions of windows as a host operating system. In addition, Windows Installer 1.1 or higher must be present on your system. This should be the case if you have all recent Windows updates installed. Performing the installation â€Å"The VirtualBox installation can be started either by double-clicking on its executable file (contains both 32- and 64-bit architectures) or by entering VirtualBox.exe -extract on the command line. This will extract both installers into a temporary directory in which youll then find the usual .MSI files. Then you can do a msiexec /i VirtualBox-version-MultiArch_x86|amd64.msi to perform the installation. In either case, this will display the installation welcome dialog and allow you to choose where to install VirtualBox to and which components to install. In addition to the VirtualBox application, the following components are available. Depending on your Windows configuration, you may see warnings about unsigned dri vers or similar. Please select Continue on these warnings as otherwise VirtualBox might not function correctly after installation. The installer will create a VirtualBox group in the programs startup folder which allows you to launch the application and access its documentation. With standard settings, VirtualBox will be installed for all users on the local system. In case this is not wanted, you have to invoke the installer by first extracting it by using VirtualBox.exe -extract and then do as follows VirtualBox.exe -msiparams ALLUSERS=2 or msiexec /i VirtualBox-version-MultiArch_x86|amd64.msi ALLUSERS=2 on the extracted .MSI files. This will install VirtualBox only for the current user.†[15] 3.6 Honeywall Roo Honeywall CDROMis a bootable CDROM it consist of all the tools and functionality required to create maintain and effetely analyze the third generation honeynet. The honeynet project has developed 2 version of the Honeywall CDROM. Honeywall Eyore and Honeywall Roo Released in May, 2005 based on Gen III architecture. (current version 1.4) Honeywall serves as a transparent gateway for the honeynet. It is this gateway that has to perform data capture, data control, data collection and data analysis functions in order to ensure successful operations of a honeynet. Being a transparent gateway, this node is completely undetectable by the attacker when they are interacting with the honeypots. The purpose of the Honeywall CDROM is to automate the installation and maintenance of a honeynet and provide data analysis support for all activity within the honeynet. Deploying Honeynets was a tough task as it involved advance configuration and integration of security tools. There was no stand ard honeynet development till 1999. Many small groups had their own implementation of Honeynets. The Honeynet Project has done remarkably well by developing a complete Honeywall distribution on a CDROM to deploy as an Operating system on disk and thus made Honeynets easy to deploy and manage. Honeywall was initially based on Fedora for quite some time as its base Operating System, but due to frequent updates going on in fedora it is now based on CentOS. This gives freedom to install operating system specific applications using standard package managers like RPM [31]. Honeywall has evolved over the years. Previous version, Eyore had limited features and control. Roo, the advanced version has vastly improved hardware support, administration capabilities, and data analysis functionality. Thus the system is now moving towards giving the administrator more flexibility and control over the operating system. Honeywall Roo comprises of many well known security tools incorporated into it [31]. Table: 3.1 Security Tools of Honeywall Security Tool Discription Snort Sniffer, IDS Hflow2 Data coalescing tool for honeynet data analysis. Snort_inline Sniffer, IPS P0f A Passive OS fingerprinting tool. P0f Tcpdump View Packet headers. Sebek Data capture tool. 3.6.1 Installation First we need to Start the Virtual box and boot it with Honeywall CDROM. Honeynet Project splash screen with Boot loader should appear. At this point the system will wait to let you interact with the installation process. If you press the Enter button, the system will begin the installation process after formatting the existing hard drive. After this installation is a fully automated process, and no need to interact with the installation from this point on. The installation process of Honeywall is very much like a standard Linux kick-start install. Involving following steps. Boot from Honeywall Roo CDROM For our implementation we booted our virtual machine off the Honeywall Roo 1.4 ISO. Choose install (press Enter) from boot menu to wipe out all free space on disk and install the OS on this space. The installation is a fully automated process and does not require any further user interaction. Once the installation process is complete it will eject the CDROM and boot into the new ly installed system [12]. After the system boots,your installation is completeand will be presented with a command line login prompt.Your hard drive now has a minimized and hardened linux operating system with Honeywall functionality. Now you can login and begin the configuration process.In honeywall there is two default system accounts,rooandroot. Both share the same default passwordhoney, which you will want to change right away. You cannot login asroot, so you will have to login asroothensu-. Honeywall Roo creates two default system user accounts roo (uid 501) and root (uid 0) Both these accounts are created with the default password â€Å"honey†. Root login is not allowed by default so one has to login as roo and then â€Å"su -† to root privileges [12]. Two methods can be used to con the Honeywall first is Dialog Menu interface and other is Honewall.conf configuration file 3.7 Maintaining the Honeywall After Honeywall is installed, key issue is to maintain it properly.The new Honeywall gives you three options for configuring and maintaining your installation. 3.7.1 Dialog Menu It is the classic interface to administering the Honeywall CDROM. The new version is very similar to the older one, except it has new features added. We have already cond our Honeywall using Dialog Menu in pervious steps. It can be loaded by typingmenuon shell. 3.7.2 HWCTL It is a powerful command line utility that allows you to con the system variables used by various programs, and the ability to start/start services. The advantage with this tool is you can simply modify the behavior of the system at the command line via local or SSH access. Following are some examples taken from man file [12]. Show all variables currently set with NAME = VALUE form (use -A if you dont want the spaces) # hwctl -a Just print on standard output the value of HwHOSTNAME # hwctl -n HwHOSTNAME Set all four connection rate limits and restart any services that depend on these variables # hwctl -r HwTCPRATE=20 HwUDPRATE=10 HwICMPRATE=30 HwOTHERRATE=10 Load a complete new set of variables from /etc/honeywall.conf and force a stop before changing values, and a start afterwards # hwctl -R -f /etc/honeywall.conf 3.7.3 Walleye It is the honeywall GUI web based interface. The honeywall runs a webserver that can be remotely connected to over a SSL connection on the management interface. This walleye interface allows the user to con and maintain the system using a simple point and click approach. It has an expanding menu making it easy to access and visualize all the information. It also comes with more in-depth explanations of the different options. It also has different roles, allowing organizations to control who can access what through the walleye interface depending on the role they have been assigned. The primary advantage ofWalleyeis its much easier to use then the other two options [7]. The disadvantage is it cannot be used locally, but requires a 3rd network interface on the honeywall used for remote connections. The web-based GUI currently supports almost all the browsers. Lets launch the browser and point it to management interface IP address,https//managementip/. Login withUser Name rooandPas sword honey. â€Å"This GUI allows the user to con and maintain the system using a simple point and click approach. It has an expanding menu making it easy to access and envisage all the information. The prime advantage ofWalleyeis that its much easier to use then the other two options. The disadvantage is it cannot be used locally, but requires a 3rd network interface on the honeywall used for remote connections. The web-based GUI currently supports either Internet Explorer or Firefox browsers† [31]. Following screen shots shows the Snort Alert on walleye Interface. 3.8 Honeywall Email Alerts Any activity on our honeypots INBOUND or OUTBOUND if detected, an email alert will automatically be generated by server to the administrator. Honeywall also sends an automated detailed report at the end of the day to the system administrator. Cond email ID for walleye email alert is [email  protected]/* */ Honeywall has the builtin SMTP server to send mails. SampleEmail outbound alert Oct 28 043217 wall kernel OUTBOUND UDP IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0 SRC=192.168.142.155 DST=224.0.0.251 LEN=204 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=184 3.9 Snort as IDS and Snort-Inline as IPS Snort is integrated with honeywall and runs in inline mode to provide realtime Intrusion detection with the current updated database of signatures available on snorts website. Snortis afreeandopen sourcenetwork intrusion prevention system(NIPS) andnetwork intrusion detection system (NIDS)capable of performingpacketlogging and real-timetraffic analysisonIPnetworks. It is the most widely used IDS/IDP technology worldwide. Combining the benefits of signature, protocol and anomaly based inspection. Snort performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such asbuffer overflows, stealthport scans, web application attacks,SMBprobes, andOS fingerprintingattempts, amongst other features. The software is mostly used forintrusion preventionpurposes, by dropping attacks as they are taking place. Snort can be combined with other free software such assguil,OSSIM, and the Basic Analysis and Se curity Engine (BASE) to provide a visual representation of intrusion data [10]. Snort is integrated with honeywall and runs in inline mode to provide realtime Intrusion Detection with the current updated database of signatures available on snorts website.Snort may be used in a variety of ways, including as a packet sniffer, packet logger, or an intrusion detection system (IDS). With the ability to use rulesets to monitor IP packets, Snort is an excellent choice for administrators responsible for security on small- to medium-sized networks. 3.9.2 Experiences with Snort A random attacker on the internet scans the entire class C of 10.10.10.* and our servers are hosted on the same IP range. What will happen when our honeywall detects such attempts? It will send an email alert to the administrator and it will log all data and protocols and ports information including source and destination ip. Following is the screen shoots, a preview of how the logs will look like if viewed from the walleye web interface. SNORT alerts in CLI of Honeywall, we can manage snort alerts from the walleye GUI interface and also from the command line interface of honeywall. 3.10 Sebek as data capture tool Sebek is the most advanced and complex honeynet data capture tool. It is an open-source tool whose purpose is to capture from a honeypot as much information as possible of the attackers activities by intercepting specific system calls (syscalls) at the kernel level. Sebek is based on a client-server architecture. The client is installed on the honeypots and the server is typically deployed on the Honeywall, that is, the honeynet gateway all the traffic entering and leaving the honeynet passes through. The Sebek client component uses techniques similar to those used by kernel-based rootkits. Sebek is implemented in the form of a Linux Kernel Module (LKM) on Linux, as an OS kernel driver on Windows, and as a kernel patch on the various *BSD operating systems. The server module contains user-level tools that allow to gather and display the information captured and exported by the Sebek clients. [18] 3.10.1 Sebeks new capabilities Sniffing network traffic has long been the traditional way of inspecting the actions performed by an attacker remotely accessing a compromised resource. However, this is not possible if the attacker is protecting his communication channel through encryption and the key used is unknown. The first Sebek version intercepted all read kernel syscalls with a length of one byte, which is what allows one to get the keystrokes typed by the honeypot intruder before they are encrypted, including the commands executed or the passwords used. This initial Sebek data capture functionality was later improved in version 2 to capture all read data. This second version also allows to recover entire files copied with SCP or complete IRC and mail messages. Sebek version 3 extends this functionality by intercepting a new set of system calls. Additionally, it retrieves the parent process id (PPID) and the inode associated with any file-related event. These two fields will be added for each Sebek re cord. Apart from intercepting the standard read syscall, the new version hijacks additional read syscalls, the socket syscall, the open syscall, and the fork and clone syscalls. The following descriptions use the Linux version as a reference. The same ideas also apply to the Windows version [26]. 3.10.2 Sebek Architecture The client collects the data from the Honeypot and exports it to the network. The server collects from one of two sources live packet capture from the network or packet capture archive stored as a tcpdumpn formatted file. The client resides entirely in the Honeypot kernel space and records all user data accessed via a system read() call. 3.10.3 Client Module Hiding As Sebek works entirely in kernel space due to this functionality most of the rootkit techniques does not apply. Hiding the existence of the module is a direct benefit. A second module, the cleaner, is also installed it manipulates the linked list of installed module to remove Sebek. This is not completely robust, Users can no longer see that Sebek is installed and users are unable to rmmod the Sebek module [26]. 3.11 Making Honeynet Undetectable for hackers The possibility of an attacker being able to detect a honeynet or honeypot is directly related to its its configuration that, how the honeynet administrator cond it. Since honeynet transparency, the inability for an attacker to detect it, is one of the important goal of a honeynet. 3.11.1 Virtulization Honeynet is deployed as a high interaction honeynet its very difficult to detect its honeypot because it has complete Operating system for hacker to interact with and all the services are running and all the ports are open and closed according to our requirements similar to production system. Some hackers can detect that this Operating system is running on virtualization software , but this is no prove that it is honeypot or honeynet because now a days most of the organizations are using virtualization in their production environment. Virtualization has greatly helped reduce expenses and total cost for organizations on their IT infrastructure. This is achieved by setting up an entire farm of enterprise servers as virtual machines on a single physical machine. Organizations are now developing their own virtualization software and solutions, many of which are free and open source. 3.11.2 IP Address Scheming IP address scheme used is identical to production environment. That is it used the same IP pool on which most of the production system are running. So hacker cannot detect that which system is honeypot and which is not because It has used the public IP pool of production servers and most of the legitimate services are running on these IP pools. From hands on research with honeynets most of the honeynet detection are probabilistic in nature, hacker sometime can predict that It could be honeynet but they cannot prove it. All the online existing data and technical means to detect honeynet will not work on current configuration and its very difficult to detect. Amount of attacks coming on deployed honeynet shows that this honeynet architecture is undetectable for most of the hackers. Chapter 4 Results and Statistics 4.1 Attack Statistics Port Scanningis one the most widely used reconnaissance techniques used by attackers to find out the services running on the system. All types of machines connected to internet and LAN runs many services that listen to different types of ports. Attacker sends a message on different ports, one at a time and gets the response. From this response attacker find outs whether the port is open and then probe further for weakness. Post Scan is kind of ringing the door bell to check whether someones is at home or not. It is not consider a crime but we should not ignore it. We should investigate the person why he is ringing the bell without any reason. Attacks came from verity of IPs from different countries all around the world. Most to the attackers use brute force to gain the access. It is observed that defense mechanism is getting better, different sophisticated tools and techniques are applied by organizations to protect their assets but attackers are also getting smarter in beating the defense mechanism and diversifying their range of threat options. Attackers often attempt to clean their tracks by launching attacks from different locations and from more than one servers and those servers could be located anywhere in the world. This means that attacker is not located in the country from where attack seems to be launched. We have analyzed attacks targeting to honeynet over a period of 30 days (September 12th to October 12th) and documented them as Attacked/Probed ports and services. Attacker IPs. Attackers Country of Origin. 4.2 Attacked Ports and Services We have taken the sample of attacked ports and services. It has been observed that out of total of 19562 probed ports and services, 13504 were targeted at SSH. This indicates the attackers focus on brute force means of gaining access to the server. This is followed by high activity on IRC ports indicating botnet activity. Table 4.1 Probed Ports their frequency Port Discription Frequency Port Discription Frequency 8 Unassigned 50 3259 epncdp2 3 22 SSH 1793 3283 net-assistant 13 43 WHOIS 67 3411 biolink-auth 2 53 DNS 141 5353 mdns 1 69 TFTP 3 6667 IRC 77 80 HTTP 58 14354 RootKit comm 15 135 epmap 36 20268 RootKit comm 3 137 netbios-ns 18 31337 RootKit comm 1 138 netbios-dgm 3 34611 RootKit comm 2 443 https 17 38111 RootKit comm 6 445 microsoft-ds 70 43495 RootKit comm 1 1101 sebek 103 53100 RootKit comm 1 1412 innosys 6 56594 RootKit comm 8 1700 mps-raft 7 56981 RootKit comm 1 2457 rapido-ip 3 60372 RootKit comm 1 Chart 4.1 Pie chart of Probed Ports Public IP addresses are controlled by worldwide registrars, and are unique globally. Port numbers are not so controlled, but over the decades certain ports have become standard for certain services. The port numbers are unique only within a computer system. Port numbers are 16-bit unsigned numbers. The port numbers are divided into three ranges: Well Known Ports (0 1023) Registered Ports (1024 49151) Dynamic and/or Private Ports (49152 65535) Well-Known Ports Ports numbered 0 to 1023 are considered well known (also called standard ports) and are assigned to services by the IANA (Internet Assigned Numbers Authority)[17]. Here are a few samples: echo 7/tcp Echo ftp-data 20/udp File Transfer [Default Data] ftp 21/tcp File Transfer [Control] ssh 22/tcp SSH Remote Login Protocol telnet 23/tcp Telnet domain 53/udp Domain Name Server www-http 80/tcp World Wide Web HTTP Almost 70 percent of the attacks launched at port 22 SSH port and after that port 53 DNS port. In below mentioned chart port 22 SSH port is excluded. Chart 4.2 Pie chart of Probed Ports (Exluding port 22) 4.3 Attacker IPs During its 30 day tenure the honeypot received 22711 attacks from 421 unique IPs. A great amount of these attacks originated from Europe and China. Table 4.2 Attack IPs their origin IP Frequency Country IP Frequency Country 218.30.22.82 3011 CN 80.31.189.175 45 ES 122.225.100.154 1378 CN 69.191.193.47 342 US 60.190.49.243 986 CN 58.218.182.18 518 CN 219.149.53.239 566 CN 125.244.77.67 981 KR 116.71.215.104 1231 PK 82.99.173.51 432 CZ 119.153.3.25 451 PK 140.130.99 45 TW 212.252.124.15 381 CN 125.244.77.34 23 KR 218.75.95.244 768 CN 194.1.9.21 12 SK 218.23.37.51 23 CN 78.111.82.127 9 RU 122.225.100.154 221 CN 218.75.172.38 544 CN 219.149.53.239 12 CN 61.178.91.48 970 CN 195.234.184.111 76 BE 210.188.201.198 322 JP 122.160.23.228 781 IN 2 01.238.235.25 7 CL 59.103.3.169 389 PK 87.62.49.128 37 DK 203.99.163.156 12 PK 204.11.236.213 21 US 189.104.241.232 76 BR 122.160.207.28 91 IN 203.99.163.153 211 PK 207.182.34.45 561 US 151.21.107.21 34 IT 69.73.208.59 32 GD 78.13.99.15 3 IT 218.23.107.51 12 CN 84.221.56.205 691 IT 125.244.147.67 9 KR 208.69.36.11 2217 US 207.10.34.112 376 US In above mentioned PIE graph we selected 20 IPs from different countries with their attack frequencies. China has one of highest total for malicious activities, it could be due to the fact that the china has the most broadband users in the world. More you spent time online the longer your system exposed and more chances that your system will get attacked or compromised. In above mentioned PIE graph we selected 20 IP from different countries with their attack frequencies. 4.4 Attackers Country of Origin 545 unique attacker IP addresses were identified originating from 61 countries across the globe. Out of these 61 countries the highest number of attacks came from China and Europe followed by the US. This proportion also stands for the highest attack frequencies. Table 4.3 Top 20 Attack Frequency vs Country Country Frequency BE 76 BR 76 CL 7 CN 9390 CZ 432 DK 37 ES 45 GD 32 IN 872 IT 728 JP 322 KR 1013 PK 2294 RU 9 SK 12 TW 45 US 3517 Grand Total 18907 4.4.1 No of Attackers IP per Country Table 4.4 Number of attack IPs vs Country Country # of IP CN 68 PK 14 BE 1 BR 1 IT 2 US 43 ES 2 KR 35 CZ 1 TW 21 SK 1 RU 4 JP 13 CL 1 DK 9 IN 23 GD 1 ZA 1 VN 1 AU 2 RO 5 AW 1 NL 3 TR 1 PL 5 Chapter 5 Conclusion 5.1 Overview Success of a honeynet lies in the number of users (attackers) try to access it, honeynets dont have any production value so any interaction with honeypots is suspicious. Information gathered through honeynet will raise the awareness of different types of treats present on internet. Now a days many organization dont realize that they are targeted and who is attacking them and why. Honeynet help us to understand the attacks and basic measures we can take to prevent these threats. It also help us to improve our defense mechanism and secure ways to defend our resources. Through honeynet we can able to know the 0 days attacks, without effecting our production systems. Focus should be done on the attacks initiating from your own enterprise network. These types attacks can do more damage to your own network. Enterprise administrator should take immediate notice of these types of attacks as these attacks indicate machines that have already been compromised within the network. 5.2 Achievements The deployed honeynet has provided the extensive information on different types of attacks, it also helped us to detect the internal (LAN) compromised systems which tying to communicate with honeypot through different types of rootkits. It has been observed that within the period of 30 days out of total of 19562 probed ports and services, 13504 were targeted at SSH. This shows the attackers focus on brute force for gaining access to the server. It also help us to know most common ports used for attacks and through this information we can enforce different types of policies on external firewalls and also block the open unused ports on different servers. It is concluded that most of the attacks are coming from China but more successful attacks are coming from Europe. 5.3 Future Work Keeping in view the existing features of detection mechanism, its working may be enhanced and it can be made more effective in the future by enhancing its capability by increasing the no of honeypots with the functionality of different type of services like DNS, Webhosting and FTP servers etc. Detailed Forensic analysis of attacks can help us to understand working of botnets and identification of different new 0 day attacks. Centralized data sharing, could be a website www.mschoneynetproject.com.pk, where all the information gathered through honeynet is shared with MCS security related students. So they can get realtime information of different latest attacks and understand the attack methodology. References [1] Spitzner.L (2002). Honeypots Tracking Hackers. US Addison Wesley. 1-430. [2] Stoll, C. The Cuckoos Egg Tracking a Spy Through the Maze of Computer Espionage. Pocket Books,New York, 1990 [3] Automated deployments of Ubuntu By Nick Barcet September 2008  © Copyright Canonical 2008 [4] The Honeynet Project http//project.honeynet.org [5] CERT Advisory CA-2001-31 Buffer Overflow in CDE Subprocess Control Service http//www.cert.org/advisories/CA-2001-31.html [6] Provos, N and Holz, T (July 26, 2007). Virtual Honeypots From Botnet Tracking to Intrusion Detection. US Addison-Wesley Professional. [7] Talabis, R. (2005). The Gen II Gen III Honeynet Architecture. Available http//www.philippinehoneynet.org/index2.php? Last accessed June, 2008. [8] William Stallings, â€Å"Cryptography and Network Security Principles and Practices†, Third Edition, Prentice Hall, 2003. [9] Security architecture for open systems interconnection for CCITT applications, ITU-T, Study Group VII Data Communications Networks, 1991 [10] Snort user manual 2.8.3 , www.snort.org [11] Know Your Enemy Sebek, A kernel based data capture tool,The Honeynet Project, http//www.honeynet.org, Last Modified 17 November 2003 [12] Shuja, F. (October, 2006). Virtual Honeynet Deploying Honeywall using VMware Available http//www.honeynet.pk/honeywall/index.htm. Last accessed June, 2008. [13] Robert McGrew, Rayford B. Vaughn, JR. Experiences With Honeypot Systems Development,Deployment, and Analysis. Proceedings of the 39th Hawaii International Conference on System Sciences 2006. [14] Levine.J, LaBella.R, Owen.H, Contis.D, Culver.B. (2003). The Use of Honeynets to Detect Exploited Systems. Proceedings of the 2003 IEEE [15] http//www.securityfocus.com/print/infocus/1855 [16] http//wiki.virtualbox.org/page/User_Guide/Installation/Windows [17] https://www.auditmypc.com/freescan/readingroom/port_scanning.asp [18] Know Your Enemy Sebek A kernel based data capture tool. Honeynet Project (The). 21 April 2004 www.honeynet.org/papers/sebek.pdf [19] Know Your Enemy: Honeynets What a honeynet is, its value, overview of how it works, and risk/issues involved. honeynet Project https://www.honeynet.org Last Modified: 31 May, 2006 [20] Honeynet Learning Discovering IT Security- MARK RYAN DEL MORAL TALABIS Phillipine Honeynet Project Manila, Phillipines [email  protected]/* */ [21] Development and Implementation of the Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) [22] A Virtual Honeypot Framework Niels Provos_ Google, Inc. [email  protected]/* */ [23] Towards a Third Generation Data Capture Architecture for Honeynets Edward Balas and Camilo Viecco Advanced Network Management Lab Indiana University [24] Evaluation and Demonstration of the Usage of a Virtual Honeynet for Monitoring and Recording Online Attacks Rajiv J. C. Ponweera1, Ravindra Koggalage2, [25] Kn ow Your Enemy: GenII Honeynets Easier to deploy, harder to detect, safer to maintain. Honeynet Project https://www.honeynet.org Last Modified: 12 May,2005 [26] Know Your Enemy Sebek A kernel based data capture tool The Honeynet Project http//www.honeynet.org Last Modified 17 November 2003 [27] http//www.ffiec.gov/ffiecinfobase/booklets/information_security/information_security.pdf [28] Improving Network Security With Honeypots Christian Doring. July, 2005. Thesis. [German Honeyent Project] [29] Sebek 3: tracking the attackers, part one Raul Siles, GSE 2006-01-16 [30] Honeynet Learning Applying problem and case-based approach in IT security education through the use of honeynets. Publication in the ACM InRoads journal in June 2006. [Phillipine Honeynet Project] [31] Know Your Enemy: Honeywall CDROM Roo 3rd Generation Technology Honeynet Project Research Alliance https://www.honeynet.org Last Modified: 17 August,2005

Harriet Tubman and the Underground Railroad - 1600 Words

Harriet Tubman and the Underground Railroad â€Å"I freed thousands of slaves, and could have freed thousands more, if they had known they were slaves.† (History.com) This Harriet Tubman quote is a great representation of the kind of person she was. Harriet Tubman was a great woman, not only did she escape slavery; she went back several times to save more people. She conducted the Underground Railroad and did great things that have changed our history in one of its darkest times in our history. Being a slave was not easy but that didn’t stop her. Becoming a slave was terrible; someone was either born a slave or kidnapped. When slavery first started, white Europeans went into Africa and kidnapped African Americans. As the years went on this†¦show more content†¦On a signal the buyers would burst into a yard, and grab the best slaves. Fights would occur between the buyers. Once the slaves were brought to their new home they were put right to work. Slaves did all sorts of tasks such as heavy labor, farm work, cleaning, cooking, construction, animal tending. Basically a slave did everything the owner didn’t want to do. If the slave refused to work or weren’t working hard enough they would be whipped. Farm work was probably one of the harder jobs for a slave. It wasn’t that the work was difficult, but they would have to stay out in the sun all day, picking the cotton, or sugar cane. As the plantations got bigger and bigger they needed more slaves to do the work. This meant more slaves went through the wretched slave trade. By 1860, there were 4 million slaves in the U.S, some 60% of whom worked in cotton (pbs.org). These field slaves would have cuts on their hands from the dried bristles; their back would ache being bent down all day. This was a very tedious task, but not a hard one. Sometimes the only thing that got these slaves through the day was song, rhythm, and dance. On the plantation the slaves were provided small housing. Each hut was cramped and sometimes held ten people. They had little furniture, and the beds were usually made of rags and straw. Weekly food ration were distributed every Saturday including: corn meal, lard, some meat, molasses, peas, greens, and flour. Each day theShow MoreRelatedHarriet Tubman And The Underground Railroad1510 Words   |  7 PagesThis memoir covers the life of Harriet Tubman who was a slave known for her extraordinary chip away at the Underground Railroad. Harriet Tubman was conceived in Dorchester County, Maryland on March, 1822. This novel discusses how Harriet Tubman had the capacity escape bondage in the south in the year of 1849 and looked for some kind of employment in the north. Particularly in Philadelphia, where she worked in inns to raise enough cash to bolster her needs. She would then migrate to Canada and inRead MoreHarriet Tubman And The Underground Railroad1695 Words   |  7 PagesHarriet T ubman’s success in freeing hundreds of slaves through the Underground Railroad is recognized throughout the world. As an escaped slave herself, she still traveled to the southern states many times to free other slaves. A normal fugitive slave would not put themselves in danger and risk imprisonment, but Harriet Tubman did. Although Harriet Tubman is very popular and every school teaches her life story, not many realize that she had a spy ring and had enormous influence on the Union duringRead MoreHarriet Tubman And The Underground Railroad1422 Words   |  6 PagesHarriet Tubman The Underground Railroad was a system set up to help escaping slaves safely survive their trip to the north. Harriet Tubman was a leader and one of the best conductors on the Underground Railroad. Harriet Tubman made a total of 19 trips into slave holding states freeing around a total of 300 slaves. Huckleberry Fin was written by Mark Twain, Jim one of the main characters was an escaped slave. Harriet Tubman played a significant role in liberating slaves as she worked as a conductorRead MoreHarriet Tubman And The Underground Railroad832 Words   |  4 PagesHarriet Tubman and the Underground Railroad Harriet Tubman was like a conductor on a train. Running the underground railroad to free innocent slaves from certain neglect. What do people think when they hear the name Harriet Tubman. some might think of her as a dirty black others might call her a hero, or moses. Harriet Tubman was a very brave, and courageous woman. In this paper we will explore the childhood, life of slavery, and how she came to be known as the women called moses. Araminta wasRead MoreHarriet Tubman And The Underground Railroad1097 Words   |  5 PagesEssay) Harriet Tubman was born Araminta Ross in 1822 in Dorchester, Maryland. She was born a slave and would be, until she ran away in 1849. After she ran away she did many great deeds, but how do you define greatness. Based off the length of time, risk, and number of people helped, there is a clear outline for greatness. Harriet Tubman had many great achievements throughout her life. She was a spy, a nurse, and a caregiver. However her greatest achievement was working in the Underground Railroad. OneRead MoreHarriet Tubman And The Underground Railroad1416 Words   |  6 Pagesabolitionists such as Harriet Tubman did much to ameliorate, and later, abolish slavery. Harriet was a strong and courageous woman and a well-known conductor of the Underground Railroads, around the 1850s. Harriet Tubman personal experiences throughout her life have shaped her to become the stout-hearted woman who helped many slaves escape to freedom, by using the Underground Railroad—a network of secret routes. As described in the novel â€Å"In their own words: Harriet Tubman,† Sullivan introducesRead MoreHarriet Tubman And The Underground Railroad1279 Words   |  6 PagesBefore Harriet Tubman became a vocal point in the Underground Railroad she grew up a slave. Harriet Tubman was born in Dorchester County, Maryland in 1820. Tubman’s original name was really Araminta Ross and was usually called by her nickname â€Å"Minty†. Tubman would experience the life of slavery very quickly as she was hired to take care of an infant. She was far too young to handle the duties of housework and would be abused multiple times. Her first real incident happened when the child she wasRead MoreHarriet Tubman And The Underground Railroad1965 Words   |  8 PagesMexico and Utah territories. What was benefited from the Underground Railroad? The underground railroad was to free African Americans and white protesters established a secret system of people who would risk themselves and hide fleeting slaves. The escape routes were called the Underground Railroad. Who was Harriet Tubman and what did he do? Harriet Tubman was one a famous conductor who was born into being a slave in Maryland. Tubman thought she was being sold when her owner passed away and decidedRead MoreHarriet Tubman And Underground Railroad Essay1874 Words   |  8 PagesThe Underground Railroad began in the 1780s while Harriet Tubman was born six decades later in antebellum America. The Underground Railroad was successful in its quest to free slaves; it even made the South pass two acts in a vain attempt to stop its tracks. Then, Harriet Tubman, an African-American with an incredulous conviction to lead her people to the light, joins the Underground Railroad’s cause becoming one of the leading conductors in the railroad. The Underground Railroad and Harriet TubmanRead MoreHarriet Tubman: The Underground Railroad Conductor1286 Words   |  5 PagesHarriet Tubman: The Underground Railroad Conductor The American dream and racialization are certainly some of the most intriguing concepts both in the historical and contemporary American attitude. They represent an embodiment of struggles, pain, hope, and optimism. American history has both in the ancient and present circulated around the subjects of hope and optimism, regardless the circumstances. Numerous accounts of magnificent and iconic historical features surface in this unfolding of events

Contemporary Theory Stratification Essay examples

A major concern of modern-day theory would be the impacts of stratification within society. Social stratification is defined as the â€Å"hierarchical or vertical division of society according to rank, caste, or class† (Dictionary.com 2014). Social stratification can be operationally defined â€Å"as the systematically unequal distribution of power, wealth, and status (Bowles 2013; Kerbo 2000). Stratification sets up that all known societies past and present â€Å"distribute its scarce and demanded goods and services unequally† (Grusky, Ku, and Szelenyi 2008; Tumin 1953). Kingsley Davis and Wilbert Moore (1945) establish a main function of stratification; which can be explained by the â€Å"requirement faced by any society of placing and motivating†¦show more content†¦In any society, there are a number of tasks must be accomplished in order for society to function properly. Thus, stratification within a society insures that â€Å"the most important position s are conscientiously filled by those considered qualified† (Davis and Moore 1945). Whether the society is, simple or complex, it must differentiate members of society in â€Å"terms of prestige and esteem,† ushering in certain forms of â€Å"institutionalized inequality† (Davis and Moore 1945; Tumin 1953). Davis and Moores central argument of social stratification is characterized through the analysis of Melvin M. Tumin (1953); First, particular positions within society have more important functions than others, because they require specialized skills in order to appropriate their position. Second, the mentioned specialized skills are limited, as individual in society have talents that are trainable into skills. Third, â€Å"the conversion of talents into skills† requires a period in which sacrifices, in one form or another, are made by those individuals in training. Fourth, The individual who undergoes specialized training through â€Å"sacrifices and acquired training, the future position must carry an inducement value in the form of privileges and disproportionate access to scarce and desired rewards†. Fifth, the â€Å"scarce and desired goods consist of the rightsShow MoreRelatedAn Insight Into Contemporary British And Indian Societies980 Words   |  4 PagesWith reference to contemporary Britain and one other society, explain ways in which the societies are held together through common cultures but are also unequal and divided. This essay will demonstrate some key concepts in sociology by providing an insight into how contemporary British and Indian societies have held together through common cultures but are unequal and divided. It will explain how shared culture, social organisation, values and norms between the two societies may help produce stabilityRead MoreSubcultures And Its Influence On Contemporary Society1562 Words   |  7 PagesHistorically, subcultures found its definition originating in the early 1800s, with examples such as bohemia and another example(ref). Whether subcultures still have an identifiable existence in today’s contemporary society is contentious pertaining to its difficulty in actual measurement. It is important to look from a historical perspective at the features that define a subculture, and gives it the unique identity that constitutes some discernible traits that differ from conventional society. ThisRead MoreSocial Stratification: Through the eyes of Tà ¶nnies and Park1638 Words   |  7 Pagesinternational war. Despite these similarities, each theorist offered unique perspectives on the sociological changes they saw around them. In this paper, I will attempt to explore these theories’ similarities and differences as well as apply each to the issue of social stratification and inequality in contemporary society. Ferdinand Tà ¶nnies is best known for his publication Gemeinschaft und Gesellschaft, originally published in 1887 and was considered his greatest work (Samples, 1987). In this bookRead MoreThe Theory Of The Leisure Class Essay1367 Words   |  6 PagesThe Theory of the Leisure Class, by American economist and sociologist Thorstein Veblen, stands as a testament to both insightful social commentary and an unquestioning dogmatism of its contents in everyday academic discourse verging on the commonsensical. It was written in 1899; a place in history where late capitalism or postmodernity is seldom to be imagined by even the most gifted of social critics. The book, itself, is a treatise on economics and a detailed social critique of conspicuous consumptionRead MoreRelevance of Social Stratification1272 Words   |  6 PagesSocial stratification is defined as the division of a society into a number of hierarchically arranged strata. Strata are the levels or classes in society which are layered in a structured hierarchy with the least privileged at the bottom and most privileged at the top. (Giddens, 1977) A society, or human society, is a group of people related to each other through persistent relations, or a large social grouping sharing the same geographical or virtual territory, subject to the same political authorityRead MoreStratification And Inequality Essay1497 Words   |  6 Pagessociologist broadly interested in three areas: 1) stratification and inequality; 2) immigration and globalization, 3) work and labor markets. Specifically, I focus on examining how class structure and migration patterns contribute to social inequalities and labor market outcomes. Also, I work on the themes of immigration, work and occupations in the United States. I am particularly interested in examining these processes in the urban context. Stratification and Inequality Growing up in ChinaRead MoreCompare the Functionalist and Marxist Views on Social Stratification1740 Words   |  7 PagesSOCIAL STRATIFICATION. Social stratification refers to the presence of distinct social groups which are ranked one above the other in terms of factors such as prestige and wealth (Haralambos Holborn, 2004). Those who belong to a particular group or stratum will have some awareness of common interests and a common identity. They also share a similar lifestyle which, to some extent, will distinguish them from members of other social strata (Lenski, 1984). Social stratification involvesRead MoreCompare the Functionalist and Marxist Views on Social Stratification1734 Words   |  7 PagesCRITICALLY COMPARE MARXISM AND FUNCTIONALISM IN THE WAY EACH PERSPECTIVE CONCEPTUALIZES THE PHENOMENON OF SOCIAL STRATIFICATION. Social stratification refers to the presence of distinct social groups which are ranked one above the other in terms of factors such as prestige and wealth (Haralambos Holborn, 2004). Those who belong to a particular group or stratum will have some awareness of common interests and a common identity. They also share a similarRead More What is wrong about Donald Blacks theory of law? Essay1262 Words   |  6 PagesBlacks theory of law?   Ã‚  Ã‚  Ã‚  Ã‚  In his book on ?The Behavior of Law? Donald Black attempts to describe and explain the conduct of law as a social phenomenon. His theory of law does not consider the purpose, value, impact of law, neither proposes any kind of solutions, guidance or judgment; it plainly ponders on the behavior of law. The author grounds his theory purely on sociology and excludes the psychology of the individual from his assumptions on the behavior of law (Black 7). The theory of lawRead MoreMarxist Theory And Social Class1238 Words   |  5 PagesIn contemporary Western societies, there is a social division due to stratification and classes. Strydom (2005) defines social class as group of individuals that share similarities like power and prestige. Saunders (2001) states that stratification is the presence of distinct social groups which are ranked. Therefore, the major difference is that stratification shows diversity while social classes defines an inequality. In Marxist theori es, society is divided between two classes, and social stratification

Media Marketing In Tourism And Hospitality -Myassignmenthelp.Com

Question: Discuss About The Media Marketing In Tourism And Hospitality? Answer: Introducation This report aims to include all the components and strategies of promotional plan, which are used by Ocean City Plaza Motel to approach its target audiences. By using these techniques, the company will be generating service value in the future. Product or Service Overview Ocean City Plaza is a well-established motel, which is located as a beachfront motel at Bondi beach, Sydney, Australia. The Motel is making every effort to make guests comfortable and satisfied. It is facing and adjacent to the beach and located near to the bus stop. Ocean City Plaza is the motel, which is attracting its target audiences by offering best hospitality and accommodation amenities. In its menu, it is offering food from 25 different areas, including vegetarian, non-vegetarian, healthy and dietary food and other demanding options from customers. Top features of Ocean City Plaza include effectively managed check-in and check-out operations, Helipad, swimming pools, parking space, restaurant, and rooftop live caf etc. To attract its target customers, company is providing many offers like; discount on air ticket, pick and drop services from stations and airport, car rental services, Gym facility, bar, laundry services etc. The organization offers the rooms and space for the p eople, who want to spend time with their friends and families, business professionals searching for a space to hold business meeting and honeymooners (Beachfrontmotel.com.au. 2017). Target Audiences For its accommodation and hospitality services, Ocean City Plaza Motel is targeting the customers, who wish to spend good time with their friends and families. Moreover, it is focusing on the business professionals and organizations by providing space for business meetings and reunion parties. In addition to above, other target audiences are couples, honeymooners, and fishermen. Ocean City Plaza Motel is offering different categories of rooms according to customer budget and requirements. For its target market, the major strategy of the organization is to develop this motel into a popular destination choice for local and outside people, who are reaching Sydney for leisure and business purposes (Assaf, Agbola, 2014). Competitive Analysis Ocean City Plaza Motel in Sydney is facing intense competition from several leading hospitality organizations in the area, i.e. QT Bondi, Adina Bondi Beach and Hotel Bondi. As compared to its competitors, this motel is offering all the above mentioned services at affordable rates. At Ocean City Plaza, there is an availability of different room categories, like; single rooms, double rooms and family size also. Other competitors are not providing all services and amenities as Ocean City Plaza is offering in this beach area (Bergin-Seers, Jago, 2007). Justification for better value The organization will look for improving its brand value, so that it can increase its customer base. The marketers of Ocean City Plaza Motel can provide more offers and discounts for attracting local and overseas people towards its hospitality services. By extending its target market, the motel can cover bachelors, who are reaching Australia for education and holiday purpose. Research Methods Methodology is a step by step process, which is developed for attaining a research objective. For this research, both primary and secondary research methods will be used. Research study will be conducted through questionnaire for understanding the preferences and needs of customers towards beach adjacent motel. This questionnaire form will be arranged in a manner to know about the expectations of people. It will assist the organization in formulating an appropriate marketing and business strategy. Primary data will be collected by circulating this questionnaire among 500 guests of beach front motel and distributing this all over the city to above 18 years old age people. This questionnaire will be divided in three sections, from which first section will include the demographic variables and second part will be related to different factors of promotion mix. It will have five point ratings indicating satisfaction level of customers. The comparative weights will be given from one to fiv e, where five will be the highest rank, i.e. highly satisfied at beach front motel (Bruni, Cassia, Magno, 2017). Moreover, secondary data will be gathered from internet, competitors websites, journals of hospitality management, journals of marketing, business review and business magazines. Furthermore, this beachfront motel will use STP (Segmentation, Targeting and Positioning) to understand and approach its customers. It can use different variables of segmentation approach such as; demographic, geographic, psychographic and behavioral. By focusing on these characteristics, the organization will prefer to target its audiences and develop marketing strategies. In the case of secondary data collection, the motel will check the validity and reliability of sources. In addition to this, it will consider the ethical and legal aspects, while delivering the brand message to its target audiences (Chen, Liu, Chang, 2013). Current Value Analysis Value analysis is a systematic process, which is developed by an organization to assess each and every product feature. It is used by an organization to ensure that the product or service cost is appropriate according to its functions (Miles, 2015). For the services, it can be stated that what service offerings should be minimized and maximized according to requirement of customers. Value perceived by customers and competitors value Customer perceived value is the value, which shows the different between customer analysis of the advantages and costs of a product or service, when it is compared with its competitors. This value is directly related to the sales of companys products and services. Ocean City Plaza Motel is serving the customers with its best accommodation and hospitality services, which are available on affordable prices (Expedia, 2017). Primary target customers of this firm are business travelers, leisure travelers, honeymooners, fishermen etc. For improving its value, the motel has offered the hospitality services according to the needs and demands of customers. There are different categories of rooms like; single rooms, double rooms and family size rooms. All of these rooms are managed as per the affordability of guests. As discussed above, Ocean City Plaza Motel is confronting competition from various players, i.e. QT Bondi, Adina Bondi Beach and Hotel Bondi. These competitors are also offering similar services in Sydney, Australia. Adina Bondi Beach Motel is one of the biggest competitors of Ocean City Plaza Motel. It is also a beachfront motel and situated in nearby area. It also provides different categories of rooms like; single room to more than 5 people. These competitors of Ocean City Motel are implementing different strategies to advertise and promote its services all over the world. It is using social media and other methods of promotion for attracting the customers towards its hospitality services (Johnson, Culp III, Bridge, 2016). Current Value Proposition There are some important factors, which can be used to analyze the current value of Ocean City Plaza Motel. These factors are such as; management, marketing, infrastructure and customer satisfaction. Ocean City Plaza Motel needs to consider these components as they can create positive customer perception towards its hospitality services. After comparing the services of this motel with existing competitors, it is founded that Ocean Plaza is offering unique and more services than its competitors (Yang, Zhang, Mattila, 2016). It has positioned itself as luxury hospitality service provider at affordable rates according to the spending of customers. For creating its value, Ocean City Plaza Motel will focus on some important factors, which are stated below; Marketing Marketing is one of the important factors for approaching the customers effectively. Ocean City Plaza Motel is focusing on its marketing and promotional processes by implementing effective strategies. The organization has analyzed that its competitors, like; QT Bondi, Adina Bondi Beach and Hotel Bondi are proliferating their hospitality services on social media networking sites and internet. In todays business world, internet and social media are renovating the demands and supply of tourism. Ocean City Motel is implementing effective marketing and strategies for promoting its services and enhancing brand image among people. It will use different modes for promoting its hospitality services (Kim, Kim, Kim, Magnini, 2016). Effective marketing will create a positive brand image among Australian and overseas population. Infrastructure Nowadays, people are becoming very conscious about environment and related issues. In this era, the Ocean City Plaza Motel is committing about its infrastructure. The hotel building is built by considering the green and eco-friendly infrastructure aspect. Under this component, the organization will focus on providing different amenities like; LCD TV, free Wi-Fi, heater, air conditioner etc. It will operate the whole premise by solar energy with the objective of environment protection. Management Effective management of all the processes and operations is very important for developing value of an organization. If an organization wants to attain growth and success, then it needs to manage the business environment and activities. This beach front motel will manage all its operations and processes effectively. Primarily, it will manage the environmental attributes of the tourist destinations and hotel premises. It is very important for attracting the customers and encouraging their interests towards its hospitality services (Kitchen, Burgmann, 2010). Customer Satisfaction and Loyalty Customer satisfaction and loyalty are two significant factors for generating value of hospitality services. If the customers will be satisfied with the motels services, they will recommend this motel to their friends and relatives. Ocean City Motel is offering its services at affordable prices and allocating the rooms according to guests requirement and spending. The management at beachfront motel believes that it is very important to satisfy the customers and develop brand loyalty towards its hospitality services. At this motel, the staff is customer friendly and they trained properly for fulfilling the needs and demands of guests. It will be beneficial for the growth of organization and it will be able to increase customers repeat intention to visit the motel again (Litvin, Dowling, 2016). Thus, the motel has created the value for its hospitality services by considering the above mentioned components. Currently, it is able to generate value and attract customers towards its accommodation services. Marketing Promotional Plan Marketing promotional plan of an organization is an important section in its overall marketing plan, when it introduces its new products and services in market. This plan is developed by incorporating different promotional and advertising strategies. It is an important component of marketing mix along with product, price, place, people, processes and physical environment. The foremost objective of promotional mix plan is to communicate the companys message to target population in an effective manner. Ocean City Plaza is adopting different offline and online promotional methods like; sales promotion, personal selling, advertising and events and sponsorships (McPhail, Patiar, Herington, Creed, Davidson, 2015). This motel is adopting these communication mix elements with different aims. These elements are stated below; Communication mix elements objectives Ocean City Plaza Motel will implement these promotional mix elements with specific objectives, which are given below; Advertising Advertising is the most significant approach under marketing and communication program, through which company can reach to large customer base. When a company introduces its new products and services, it focuses on advertising methods and its modes. Under Advertising method, Ocean City Plaza Motel will implement different media to share its brand message to customers. Different media, adopted by Ocean City Plaza Motel are stated below; Print Media Under advertising technique, print media is a significant way to approach the target audiences. Ocean City Plaza Motel will adopt this media for enhancing organizational presence. This hospitality organization can give ads about its services in print media elements such as; posters, newspaper and magazines (Sandstrom, 2016). The organization will post the ads in the most circulated newspapers in Australia. This will be the most approachable way because most of the population read the newspaper. In addition to this, it can publish the ads in magazines also, because women prefer to read magazines. It will display the offers and discounts in a smart manner. Traditional and broadcasting Media In addition to print media, the organization will adopt traditional media to deliver its product message to target population. Under this, it will use various platforms such as; TV and radio. The people, who do not use internet applications and social media networking sites, they can be contacted by the use of traditional media. The organization will partner with different TV channels and give the ads in most attractive way. In this advertisement, the motel can communicate its amenities and services by displaying the pictures and videos (Singh, Kumar, 2015). Online Media Ocean City Plaza Motel can implement online means for promoting and advertising its hospitality services. The organization will use different social networking sites, like; Facebook, Twitter, Instagram etc. for promoting its services. It is the most profitable way to advertise its services, because most of the people are actively using internet and its applications. By the use of these sites, Ocean City Plaza Motel can share their discounts and offers to the target audience. It can create a page on Facebook and place the motels pictures and videos. Using these modes of promotion and advertising, Ocean City Plaza Motel can know about the feedbacks of guests towards its accommodation and hospitality services (Sigala, 2015). Sales promotion For approaching its customers, Ocean City Plaza Motel will adopt sales promotion technique. By the use of this technique, the organization will be able to encourage the customers to use its hospitality and accommodation services. The main objective of this method is to increase the service demands among people. Sales promotion is the most effective method for enticing target people by offering them major discounts and other offers on actual amount of booking. In the lean season, this method can be used, when the arrival of guests is very low. By the use of this technique, the company will able to provide the rooms on cheaper rates than its competitors in Australian industry. This will support the firm in attaining more comparative advantage over other players in Australian industry (The Beachfront Motel, 2017). By giving offers and discounts, Ocean City Plaza Motel can enlarge its customer base and enhance its presence worldwide. Personal Selling Personal selling is one of the most important methods, through which an organization can use its employees to promote the services through personal contact with target audiences. Ocean City Plaza can adopt personal selling, when the guests are staying in hotel rooms. The organization will hire the knowledgeable, trained and experienced staff, so that they can deliver the services effectively and fulfill the demands of guests. At Ocean City Plaza, this technique can be effective and useful for enhancing its brand image among target population (Deeter-Schmelz, 2017). Events and sponsorships In addition to above promotional and communication techniques, the Ocean beachfront motel will conduct different events. Through these events, the organization will be able to approach the customers. It will organize the events and its customer executive will contact with the potential customers (Liana, Alexander, 2012). By doing this, they can understand current needs and preferences of people towards hospitality services. These events can be conducted in shopping malls and other social gatherings. Promotional Budget To execute all the above given marketing and promotional strategies, the organization will create an Integrated marketing communication (IMC) budget (Peng, Zhao, Mattila, 2015). This budget includes all the forecasted expenses on these promotional activities. IMC budget for Ocean City Plaza Motel is created below; IMC Budget (Ocean City Plaza Motel, Sydney ) Promotion Tools Amount (in $) Social/Digital Media Marketing 1. Facebook $6,300 2. Twitter $2,500 3. Instagram $4,700 Total Social Media $13,500 Online Display ads $5,800 E-mails $14,000 Online promotional Campaigns $21,000 Total Budget for Online Media $54,300 Print Media 1. Newspaper Magazines $34,000 Total Print Media $34,000 Traditional and Broadcasting Media 1. TV Channels $55,000 2. Hoardings $22,000 Total $77,000 Personal Selling $6,500 Sales Promotion $2,400 Events and Sponsorships $4,500 Total Required Budget for Promotion $178,700 Action Plan For implementing this promotional mix plan, the motel needs to create an action plan. This action plan will include all the actions, duration and concerned department (Sigala, 2015). The action plan for Ocean City Plaza is stated below; Activity Starting date End Date Responsible Person Related Department Establishing communication objectives 1/2/2018 - Senior managers and top executives Senior level management Communicating objectives with the team 1/3/2018 - Board of Directors Top management Choosing best communication mix elements 1/5/2018 - Marketing managers Marketing and communication division Implementation of promotional mix plan 1/6/2018 - Advertising and communication managers Marketing department Conclusion From the above report, it can be concluded that customer satisfaction and marketing are two important components for creating and developing brand in service industry. It is very important to formulate the marketing communication and promotional plan, when it introduces its products and services in market. This report includes the discussion about the marketing and communication plan for Ocean City Plaza Motel. This plan includes different communication mix elements and promotional strategies, which can be used by the organization for approaching the target market. By executing this plan, the organization will be able to reach to its target audiences and entice towards its hospitality and accommodation services. Last section of report includes IMC budget for implementing these strategies and tactics in the market. References Assaf, A. G., Agbola, F. W. (2014). Efficiency analysis of the australian accommodation industry: a bayesian output distance function.Journal of Hospitality Tourism Research,38(1), 116-132. Beachfrontmotel.com.au. (2017).Beachfront Motel. Retrieved 24 January 2018, from https://www.beachfrontmotel.com.au/accommodation/. Bergin-Seers, S., Jago, L. (2007). Performance Measurement in Small Motels in Australia:(Funded by the Sustainable Tourism Co-operative Research Centre).Tourism and hospitality Research,7(2), 144-155. Bruni, A., Cassia, F., Magno, F. (2017). Marketing performance measurement in hotels, travel agencies and tour operators: a study of current practices.Current Issues in Tourism,20(4), 339-345. Chen, K. H., Liu, H. H., Chang, F. H. (2013). Essential customer service factors and the segmentation of older visitors within wellness tourism based on hot springs hotels.International Journal of Hospitality Management,35, 122-132. Deeter-Schmelz, D. R. (2017). Personal Selling and Sales Management Abstracts.Journal of Personal Selling Sales Management,37(2), 170-184. Expedia. (2017). 2 Star hotels in Ocean City. Retrieved from https://www.expedia.co.in/2Star-Ocean-City-Hotels.s20-0-d9151.Travel-Guide-Filter-Hotels?rfrr=Redirect.From.www.expedia.com%2F2Star-Ocean-City-Hotels.s20-0-d9151.Travel-Guide-Filter-Hotels. Johnson, J. H., Culp III, K., Bridge, J. (2016). Delivering Your Marketing Message: Planning Productive Promotions. Kim, J., Kim, P. B., Kim, J. E., Magnini, V. P. (2016). Application of construal-level theory to promotional strategies in the hotel industry.Journal of Travel Research,55(3), 340-352. Kitchen, P. J., Burgmann, I. (2010).Integrated marketing communication. John Wiley Sons, Ltd. Litvin, S. W., Dowling, K. M. (2016). TripAdvisor and hotel consumer brand loyalty.Current Issues in Tourism, 1-5. McPhail, R., Patiar, A., Herington, C., Creed, P., Davidson, M. (2015). Development and initial validation of a hospitality employees job satisfaction index: Evidence from Australia.International Journal of Contemporary Hospitality Management,27(8), 1814-1838. Miles, L. D. (2015).Techniques of value analysis and engineering. Miles Value Foundation. Peng, J., Zhao, X., Mattila, A. S. (2015). Improving service management in budget hotels.International journal of hospitality management,49, 139-148. Sandstrom, K. (2016). Resorting to motels: Outsourcing to fill the gap.Parity,29(3), 32. Sigala, M. (2015). Social media marketing in tourism and hospitality.Information psychology Tourism,15(2), 181-183. Singh, P., Kumar, H. (2015). A study of hospitality marketing mix with reference to Indian hotel industry.Intercontinental Journal of Marketing Research Review,3, 14-23. The Beachfront Motel. (2017). Hotel Amenities. Retrieved from https://www.expedia.co.in/Great-Ocean-Road-Hotels-The-Beachfront-Motel.h1522089.Hotel-Information. (Accessed on 24 January 2018). Liana, V. Alexander R. (2012). Scripting employees: An exploratory analysis of customer perceptions.Cornell Hospitality Quarterly,53(3), 196-206. Yang, W., Zhang, L., Mattila, A. S. (2016). Luxe for less: how do consumers react to luxury hotel price promotions? The moderating role of consumers need for status.Cornell Hospitality Quarterly,57(1), 82-92