What is sustainability Essay - 1470 Words

Is economic social and environmental sustainability achievable in today’s world? Introduction The aim of this paper is to try and give an understanding of â€Å"sustainability† to the reader and look into the various ideas surrounding the 3 pillars of a sustainable world. I am going to take you through the 3 topics in question separately before looking into whether or not sustainability is now even possible given the destruction we have already caused to the planet. I will also look into the millennium development goals as set out by the United Nations where in goal 7 they aimed to â€Å"ensure environmental sustainability†. Towards the end of this essay I will give critical analysis to whether or not I believe personally sustainability is†¦show more content†¦Realistically for something to be sustainable it must be able to continue forever. One breakthrough definition of sustainability came about in 1987 and reads: Development that meets the needs of the present without compromising the ability of future generations to meet their own needs. (,. (2009). What is sustainable development?. Available: http://www.worldbank.org/depweb/english/sd.html. Last accessed 2/5/2014.) For all round complete sustainability you need the three pillars of economic, environmental and social sustainability all to be in sync and working as a whole sustainable connection. When one fails we cannot have complete sustainability. Economic sustainability Economic sustainability is a term used to identify different approaches that use resources at an economy’s disposal by the best means possible. The concept is to encourage the use of resources in an efficient and responsible way; it is also the aim that long term benefits will come about through these implementations. In most cases economic sustainability is measured in financial terms. The worth of assets and resources are often portrayed by the use of currency to display the total profit that has been produced by the resourceful use of those assets. Most people today spend above there means which they are not living sustainable lives as they cannot continue to spendShow MoreRelatedWhat Are The Five Main Mechanisms Of Sustainability?1251 Words   |  6 Pagesand practice the principle of sustainability. Today, untenable production methods, over consumption and an ever increasing population test our use of finite materials like never before. That’s all sustainability is really, reaching a reasonable balance between what makes us prosper as a society and our depletion of earths limited assets. One can fall on either side of the spectrum, but that’s a whole different discussion. There are five main mechanisms of sustainability; economy, environment, socialRead MoreThe Article What s Blocking Sustainability? Human Nature, Cognition, And Denial By William Rees1748 Words   |  7 PagesThe article titled What s blocking sustainability? Human nature, cognition, and denial by William Rees brings up an important argument that human society nowadays is no longer sustainable. Human activity, therefore, seems to be maladaptive: it selects defective genes and malicious memes as well as act in such a way so that to exploit the natural resources to the point of threatening human survival in the long run. The modern techno-industrial society in this relationship to the ecosphere supportRead MoreWhat Is Your Evaluation of the Effectiveness of the U.S. Health Care System in the Context of Delivery, Finance, Management, and/or Sustainability? What Are the Issues That Prompted a Need for Health Care Reform?896 Words   |  4 PagesWhat is your evaluation of the effectiveness of the U.S. health care system in the context of delivery, finance, management, and/or sustainability? What are the issues that prompted a need for health care reform? Support your answer with a credible data reference. Do not use a reference already used by another student. Health care reforms is one of the biggest issue for voters. With our aging population, complexity of illness and growing cost of health care, the government need a new approachRead MoreWhat Is Your Evaluation of the Effectiveness of the U.S. Health Care System in the Context of Delivery, Finance, Management, and/or Sustainability? What Are the Issues That Prompted a Need for Health Care Reform1122 Words   |  5 Pages Health Promotions: Primary, Secondary and Tertiary Beth Fleming Grand Canyon University April 03, 2014 For many years, health promotions and prevention has been the focus for healthcare providers, especially nurses. Health promotion seeks to improve a person or population’s health by teaching about and helps people become more aware of risky behaviors associated with different diseases. It encourages individuals to take preventativeRead MoreSustainability And Its Impact On The Environment1365 Words   |  6 Pages Sustainability can be defined in numerous ways. According to the United States Environmental Protection Agency, sustainability is based on the belief that everything we need to survive directly and indirectly depends on our natural environment (2015). Sustainability creates and maintains the conditions in which humans and nature exist (United States Environmental Protection Agency, 2015). For the purpose of this proposal, sustainability will be addressed from an environmental aspect, as well asRead MoreEthics And Corporate Social Responsibility1637 Words   |  7 P agesPractices of Leadership contributed to Managing Sustainability: Ethics and Corporate Social Responsibility in the post-bureaucratic era. â€Å"Leadership is the process of directing, controlling, motivating and inspiring staff toward the realization of stated organizational goals† (Clegg, S.R. Kornberger, M. Pitsis. 2011, p.126.) Leadership in the post-bureaucratic era is essential for the success of a company, and also plays part into the Sustainability of Ethics and Corporate Social ResponsibilityRead MoreThe Issue Of Sustainability Is Much Than Much More Than Just That The Earth s Population1259 Words   |  6 Pagesbrings me to the idea of sustainability. A simple description of the word means that what we have today we will also have tomorrow, next week, next year, or even the next lifetime. Although that is the modest version sustainability is much, much more than just that. Sustainability is derived from three main parts of the human life: environmental, social, and economic. Each being just as important as the other. Environmental is the most well-known aspect of sustainability in human life, but both socialRead MoreThis Paper Aimed To Explore The Concept Of Sustainability738 Words   |  3 PagesThis paper aimed to explore the concept of sustainability of nursing innovations guided by the concept analysis framework developed by Wilson (1969). Although attention in the literature of implementation science has arisen in a few decades, there is a need to identify a concrete definition to capture the essential elements in the concept of nursing innovations sustainability. This paper will present the connotative definitions and attributes, operational definition, antecedents, consequences, exemplarRead MoreGlobal Business And Its Sustainability Essay1745 Words   |  7 Pagesbusiness and its sustainability can contribute significantly to present and upcoming accomplishment of organizations. A major success factor for change towards sustainability in corporate world is incorporation of environmental, economic and societal goals. This incorporation is an important achievement, howev er it require a systematic approach which itself is a major challenge for organizations. Therefore, there is a significant need to acknowledge subject’s related to sustainability, which shouldRead MoreCsr And Its Impact On Sustainability1017 Words   |  5 Pagesenvironmentally responsible. Countless corporations understand the need for CSR and claim to have sustainable strategies in place, but are the strategies real or is it a facade? What are the real intentions behind companies turning to sustainability? Is there a hidden agenda or do they have a genuine concern with the sustainability issues, stakeholder and consumer demands or are they seeking a competitive advantage through brand recognition and market share? Furthermore, in past recent years, several companies

Analysis of Jason and The Golden Fleece Essay - 690 Words

Athamas, a Greek King, grows tired of his current wife, Nephele and decides to put her in jail and quickly marries Io to take Nephele’s place. Nephele began to fear that Io would kill her children to ensure that Io’s children would inherit the kingdom instead. Io began to secretly gather seed-corn and parched the seed causing a famine across the entire kingdom. Athamas approaches an oracle to learn how to end the current famine; however, Io bribes a messenger to change the message saying that the only way to end the famine is to sacrifice his son, Phrixus. Phrixus was brought to the sacrificial altar however just before his sacrifice; a ram with a golden fleece takes Phrixus and his sister and runs away. The ram, which was sent by Hermes,†¦show more content†¦Once again, Medea assits Jason and leads him to the golden fleece and charms the guard allowing Jason to take the fleece and return home. Ultimately, Medea kills her brother thinking she was protecting Jas on and later arranges for King Pelias to be killed by his own daughters. Jason later marries another woman and due to Medea’s jealously she chooses to kill both Jason’s new wife and her own two sons that were fathered by Jason. Within Jason and the Golden Fleece both a man versus man and a man versus himself conflict exist. There is a clear external conflict established between Medea and Jason as she turns her jealousy and anger into revenge against Jason, doing anything to cause him pain. Through the murdering the princess, the king and their children, Medea displays her hatred and intent to cause Jason pain, proving her continuing conflict. Furthermore, Medea experiences a man versus himself conflict, her internal conflict is apparent as she contemplates the murder of her children, for she wants to see the pain and hurt of Jason, yet she has great pain over killing them herself. Medea realizes that her children are her own flesh and blood and they are ultimately a p art of her but somehow her pain and yearning for revenge against Jason proves to be stronger than the love she has for her children. Similar to most Greek mythology, the importance and the power of the gods is most certainly displayed in Jason and theShow MoreRelatedEssay on Medea by Euripdes503 Words   |  3 Pagesmotif for her actions. Critical analysis of the circumstances surounding Medea can help explain the vile deeds she comitted. In order to fully understand the actions taken by Medea we must grasp the socialogical postion of woman and men of the time. The culpret of the betrayal is Jason, Medeas former husband. In many ways the entire play has to do with the growing empowerment of women. Jason and Medea disagree about what Jasons new marriage means. Jason seems to be using that argument thatRead MoreMedea Plot Analysis1392 Words   |  6 PagesMedea is an ancient Greek tragedy play written by Euripides. The play bases itself on the ancient myth of Jason and Medea. The plays plot centers itself on the actions of Medea who was the Barbarians former prince who seeks revenge against Jason who betrayed her with another woman. Considered as one the best work produced by Euripides, the play has earned the writer several awards including the Dionysian festival awards in 431BCE (Williamson 1) Therefore, the purpose of this paper is to discussRead More Contrasting Gender Differences in in Medea versus Wide Sargasso Sea1722 Words   |  7 PagesAntoinette, a figurative enslavement. Both men are unfaithful to their partners, though not in a `moment of weakness, but premeditated, instilling jealousy in their spouses. Neither of them meets the strengths of character expected in their day. Jason displays no physical strength, valour or bravery. Indeed, Medea accuses him of spinelessness.(Medea, p62, line 468.) Wide Sargasso Seas (unnamed,) Rochester is himself disempowered. Born a second son, he is unable to inherit his fathers estateRead MoreSouthwest Airlines1033 Words   |  5 Pagesthan their future is as golden as Jason s fleece. References Heskett, J.L. (2003). Southwest airlines 2002: An industry under siege. Retrieved September 30, 2007 from http://harvardbusinessonline.hbsp.harvard.edu/relay.jhtml?n ame=cpc=c10563 Intangible Asset. Retrieved September 30, 2007 from http://www.investopedia.com/terms/i/intangibleasset.asp Serafimov, K. (2004). Proceedings from AIB-SE Annual Meeting: Sustainable competitive advantage: Comparative analysis and lessons from the practiceRead More Comparing Symbols and Symbolism in Blue Hotel, Black Cat, Night, Alfred Prufrock, Red Wheelbarrow1620 Words   |  7 PagesWheelbarrow by William Carlos Williams encompass examples of color symbolism from both the prose and the poetry of literature. When drawing from various modes of psychology, interpretations of various colors, with emphasis to dream psychology, an analysis of the colors themselves and then their applications to literature can be readily addressed.    Colour is one of the areas in daily life in which symbolism is most readily apparent. (Fontana 66) The use of color as a source of symbolismRead MoreWilliam Shakespeare s The Merchant Of Venice1616 Words   |  7 Pagesfairer than that word, Of wondrous virtues. †¦ Nor is the wide world ignorant of her worth, For the four winds blow in from every coast Renowned suitors, and her sunny locks Hang on her temples like a golden fleece, Which makes her seat of Belmont Colchis’ strond, And many Jasons come in quest of her. (I.i, 161-172) Her description seems to be that of a mythical lady, a legend, rather than any living creature, and indeed it is only in Belmont that we can see the play’s truth of PortiaRead MoreThe Archaic and Classical Greek Periods Essay1279 Words   |  6 PagesGreek society is different from our won. The concepts that assist us to describe contemporary religious situations are quite unsuitable to use toward the analysis of what the Greeks regarded as divine. With this in mind, we can then be able to look at the outline of the practice of hero cult in both the Archaic and Classical Greek periods. Each of these periods has their own distinctive cultural identity. This essay will look at political life as the most prominent significance for these communitiesRead MoreConflict Between Male And Female Characters2154 Words   |  9 Pagesof Jason and Medea that the play revolves around. Deserted by her husband so that he can make an advantageous marriage to the princess of Corinth, Medea assumes control over her own affairs; her plot of revenge along with the ruthless determination with which she executes it suggests that, as Blundell puts forward in her argument, Medea is taking on an ethos conventionally associated with the archetypal male heroes of Greek tragedy. In adopting the protagonistic role of the masculine, Jason, asRead More Euripedes Medea versus Aristotlean Poetics Essay1570 Words   |  7 Pagesspiritualist and passionate critic of the arts, spent many years studying human nature and its relevance to the stage. His rules of tragedy in fact made a deep imprint on the writing of tragic works, while he influenced the structure of theatre, with his analysis of human nature. Euripides Medea, a Greek tragedy written with partial adherence to the Aristotelian rules, explores the continuation of the ancient Greek tales surrounding the mythology of Medea, Princess of Colchis, and granddaughter of HeliosRead MoreAnalysis of Percy Jackson and the Olympians2772 Words   |  12 PagesThe Olympians, titular character Percy Jackson must embrace his Greek God parentage and save Olympus with the help of his fellow demigods. The aim of this paper is to discuss his Hero’s Journey throughout the series, provide an in depth character analysis, and draw parallels between Percy and the three classic Greek heroes of mythology: Perseus, Theseus, and Hercules. The first novel of the series, Percy Jackson and the Lightning Thief , is where Percy’s Hero’s Journey begins, encompassing the

The policy and implications of the British Government’s Free Essays

The Olympic spirit is undoubtedly the most universal celebration of global unity ever achieved and the continuation of the same will always be an integral part of international cooperation and globalization. In this regard it is an honor for any city in this world to host the Olympic Games since doing so bestows several opportunities for such a city and its dwellers. The Olympic movement has had to involve in many ways depending on its leadership in a bid to make it more integral, independent and reach a wider audience than before (Constantine, 2000). We will write a custom essay sample on The policy and implications of the British Government’s or any similar topic only for you Order Now This changes has necessitate the need to adopt modern and innovative practices to the organization and running of Olympic affairs in order to cater for the monetary and logistical obligations of the management committees and to be able to organize superior games n broadcast them to a world audience. The IOC presidency of Samarech saw the international committee acquire rights to sell broadcasting rights to media companies in a bid to make the IOC financially independent. Furthermore, they developed an Olympic brand that could be sold to companies who would use it as an exclusive tool to market their products. This brand becomes one of the biggest revenue earners for the Olympic committee since acquiring the rights to use the brand is an extremely expensive affair. The IOC is responsible for choosing the host city for the Olympic Games and therefore enjoys immense power since an interested city has to convince the committee that it is capable of hosting the games and upholding the standards that are vital for the success of the mammoth games. These have led to unethical conduct of some bidding committees who have tried to influence the award of this honor by offering bribes to committee members. The idea of having the Olympic Games held in the U K is not new. Several bids have been put forward in past years by the city of Birmingham and Manchester without much success since the Olympic committee saw it as a lack of commitment on the U K authorities and interpreted their bids as not being serious enough. However, there has been a change of attitude amidst various stake holders who have been seeking an avenue of effecting a growth in elite sportsmanship by ensuring that elite English athletes are given forums to compete and excel and consequently earn U K respect in the sports arena. Some concern has existed in the inability of the U K to be among the very top medal earners in the Olympic Games and efforts have picked up momentum to correct this deficit. It was therefore clear that drastic measures will have to be taken in order to draw the necessary attention which hopefully would translate to more attention on sports funding and a significant progress in the success of U K athletes (Gibson Booth, 2009) The momentum to host the Olympic 2012 games was not easy to build due to a lack of commitment on the part of the central government. There were questions as to the viability of London to host the games due to several factors that many saw as a stumbling block to the success of the games. However, there was general consensus among the various ranks of private groups in all sectors that the competitiveness of London as one of the major and important cities in world arena was under threat by emerging powers. Others felt that the U K governments have continuously failed to give priorities to games in a nation plagued by obesity and idle youths. Therefore, several groups of people and the media played a significant role in forcing the government to concede to be the guarantor against the total cost of hosting the games. On July 6 2005 the president of the Olympic committee announced that the 2012 games would be hosted by London acting as the climax of a process that had taken over 7 years to become reality (B O A, 2009). The bid committee popularly known as the BOA initiated in the early days a massive PR campaign that sought to gain the approval of the government and fuel public support for the bid in the hope that doing so would give them the necessary edge to beat the other competitors. The team used a strategy of persuading all involved of the diverse benefits that were to be reaped following the success of the beads among them public exposure, improved transportation, employment and housing improvements. The success of the commonwealth games in Manchester acted as a booster for the team since it showed the commitment and ability of the country to host large games events. And thus the effort of this committee, the government and several other contributors led to the successful biding and the process of building the necessary facilities to host the games is underway. Hosting the Olympic Games poses serious challenges to any country due to the great infrastructural and logistical needs of the project. The games are expected to cost nearly 9 billion pounds for the building of the Olympic village and the upgrading of other vital sectors including upgrading of existing venues and the road and rail system. There is a worry that the games might cost the tax payers more money since it is expected that the current budget might not be sufficient to cater for all the requirements. Another challenge is the transport system which is below standard and there will be a need to improve it and expand it if the games are to go on smoothly (Briginshaw, 2006). Another challenge is the need to provide the venues and management committees with modern technology in order co ordinate the games effectively. Lastly is the problem of the Olympic legacy and how the various equipments and facilities will be put to use after the games. There are those who feel that most of the venues and assisting facilities in the Olympic village will be converted into schools and technical institutes for games development for the benefit of London youths. Furthermore, this is estimated to create over three thousand permanent jobs for the local people. Most importantly it is hoped that the Olympic Games will increase the level of sports participation in the U K including for those who are disabled (Rose, 2009). Bibliography B O A 2009, London 2012 Olympic Bid – An Eight Year Journey, Viewed 8 May 2009, http://www. olympics. org. uk/contentpage. aspx? no=268. Briginshaw, D 2006, An Olympic Challenge, International Railway Journal, Viewed 8 May 2009, http://74. 125. 113. 132/search? q=cache:zVQ6EWubIj8J:library. kmi. re. kr/BibAttfile/0000050180200607. pdf+challenge+of+london+as+an+olympic+venuecd=19hl=enct=clnkgl=keclient=firefox. Constantine, S 2000, History of the Olympic Games, Seaburn Publishing, New York. Gibson, O Booth, R 2009, Halfway to the opening ceremony, London 2012’s progress report, Guardian, Viewed 8 May 2009, http://www. guardian. co. uk/uk/2009/jan/15/london-2012-olympic-games-seb-coe-boris-johnson. Rose, E 2009, Disability Sports, London 2012, Viewed 8 May 8 2009, http://www. london2012. com/. How to cite The policy and implications of the British Government’s, Papers

Chamber Of Commerce Entertainment Facility Development Project

Question: Describe about the Project Management Concepts, a Case Study of Chamber of Commerce Entertainment Facility Development Project? Answer: Introduction This study describes the various project management concepts that needs to be followed in context to the regeneration of student facility project to develop an entertainment facility for the students in the campus so that they can feel relaxed after their studies and daily activities. The presentations are provided in context to the development of the entertainment facility for the successful running of the project and completion within the estimated timeframe of 100 days as allocated by the local town council as the stakeholder in the project. Creation of Effective project Team Structure and Communication Map Organizational Hierarchical Structure Communications Map In this context to the regeneration of the student facility for the development of an entertainment facility project, interactive communication method will apply for this particular project. This communication method will help in involving entire stakeholders of the project in on way of communication. However, project manager will apply the several modes of interactive communication such as video conferencing, phone calls, live chat through social media sites, face to face meetings, etc. Meredith and Mantel Jr (2011) suggested that interactive communication method is the most effective method rather than other communication method such as Push Communication, Pull Communication, etc. According to Shipton, Hughes and Tutt (2014), face-to-face communication is the most effective efficient way of communication in interactive method. It allows the project manager in conducting the all stakeholders in a room and brainstorming them. Figure 1: Interactive Communication Process in Project Management (Source: Swallow et al. 2014, pp- 26) Discussion of Team dynamics and Priority Areas to Develop the Relationships Team Dynamics Team dynamics is a very much important phase in project management. However, in this particular project it has been analyzed that viable option does not included properly. However, it has been also analyzed that insufficient investment, sloppiness, etc are the important phase in this project (Carroll, 2014). Moreover, team dynamics is potential part for innovation, team member motivation, efficiency, etc. There is dependably a chance that the change will be problematic for the task and the venture group, so changing anything on an undertaking only for the purpose of progress is never a smart thought (Meredith and Mantel Jr, 2011). Pioneers ought to consider the issue from each point and request info from every single concerned party before they can even choose if a change is justified (Heagney, 2012). In the event that change is without a doubt vital for the undertaking, then the accompanying agenda will guarantee that all bases are secured as the task director actualizes the changes . Figure 2: Team Dynamics (Source: Brown, Brown and Yocum, 2012, Pp- 896) This must be one that rouses and motivates colleagues 'a future they feel merits making progress toward. On the off chance that a group is set an unattainable objective, it can have a de-persuading impact. Shared points make a feeling of regular reason and proprietorship, and advance group character (Apm.org.uk, 2015). Priority Areas to develop Relationships Following table demonstrates the areas with high priority for this particular project that need to develop the relationships in terms of improving Project Initiation Phase Project Integration management Planning Scope Management Time and Cost Management Quality Management Executing and Controlling Human Resource Management Risk Management Procure Management Closing Stakeholder Management Allocation of Roles and Responsibilities in this Project Team In context to the developmental project for the entertainment facility, the designation of the team members are changed but will execute the same liabilities as in any other construction project (Lock, 2013). Hence, the reflections of the roles and responsibilities of the members involved in the project are given as: Trainee Project Planner The role of the project planner will be as same as that of the project manager in any other project. The Project planner will be responsible for conducting the whole project by planning the project schedule until the final delivery of the project. In the like manner as the project manager, the project planner will be responsible for the successful initiation, planning, design, execution, monitoring, controlling and closure of aproject. Senior Project Manager This member will solely monitor the project planner as the supervisor and look into the progress of the project at a regular interval. The requirement analysis and gathering of the specifications will be done by the senior project manager as the close representative to the stakeholders of the project (Maylor, 2010). Project Analyst The role of the Project Analyst will be more like that of a business analyst who will look into the business perspectives of the project. The regular communications with the stakeholders will be done to look after any issues arising in the project. Project Financial Staff The major role of this person is issues related to financial status of the project budget and oversee if there is any over-allocation of budget on a particular activity. The financial records of the budget being spent on the various activities will be monitored to ensure the effectiveness of the project (Apics.org, 2015). Departmental Staff There will be various staffs involved in the project as it construction based so there will be requirement for Architect, Design engineer and several other staffs who are well accustomed with construction projects (Shipton, Hughes and Tutt, 2014). Therefore, there will be various roles and responsibilities of the different departmental staffs to design and develop building plans and specifications. Project Planning WBS Project Schedule Task Name Duration Start Finish Resource Names Cost Entertainment Facility Construction Project 100 days Tue 05-01-16 Mon 23-05-16 150,000.00 Facility needs 9 days Tue 05-01-16 Fri 15-01-16 36,500.00 Stakeholder input 5 days Tue 05-01-16 Mon 11-01-16 Project Finance Controller, Trainee Project Planner 21,500.00 Vision of the facility 4 days Tue 12-01-16 Fri 15-01-16 Project Analyst, Senior Project Manager 15,000.00 Building proposal 22 days Mon 18-01-16 Tue 16-02-16 29,000.00 Size and scope 5 days Mon 18-01-16 Fri 22-01-16 Project Analyst, Trainee Project Planner 12,500.00 Requirements Analysis 10 days Mon 25-01-16 Fri 05-02-16 Senior Project Manager, Trainee Project Planner 10,500.00 Cost rationale 7 days Mon 08-02-16 Tue 16-02-16 Project Analyst, Project Finance Controller 6,000.00 Approval for building 12 days Wed 17-02-16 Thu 03-03-16 10,000.00 Approval from local business council 7 days Wed 17-02-16 Thu 25-02-16 Departmental staff ,Trainee Project Planner 4,000.00 Need of the organization 5 days Fri 26-02-16 Thu 03-03-16 Project Finance Controller, Senior Project Manager 6,000.00 Building documents 29 days Fri 04-03-16 Wed 13-04-16 26,500.00 Schematic designs 10 days Fri 04-03-16 Thu 17-03-16 Departmental staff ,Trainee Project Planner 9,000.00 Development plans 12 days Fri 18-03-16 Mon 04-04-16 Project Analyst, Trainee Project Planner 8,500.00 Contract documents 7 days Tue 05-04-16 Wed 13-04-16 Project Analyst, Project Finance Controller 9,000.00 Building construction 7 days Thu 14-04-16 Fri 22-04-16 11,500.00 Conduct Feasibility Study 7 days Thu 14-04-16 Fri 22-04-16 Project Analyst, Trainee Project Planner 11,500.00 Equipment needed 9 days Mon 25-04-16 Thu 05-05-16 18,000.00 Computers 5 days Mon 25-04-16 Fri 29-04-16 Departmental staff ,Trainee Project Planner 10,500.00 Raw materials 4 days Mon 02-05-16 Thu 05-05-16 Departmental staff ,Trainee Project Planner 7,500.00 Recruitment and training 12 days Fri 06-05-16 Mon 23-05-16 18,500.00 Arrange interview for staff 7 days Fri 06-05-16 Mon 16-05-16 Project Finance Controller, Senior Project Manager 10,000.00 Hiring and training 5 days Tue 17-05-16 Mon 23-05-16 Project Finance Controller, Senior Project Manager 8,500.00 Budget Allocation Resource Name Max. Units Std. Rate Base Calendar Trainee Project Planner 100% $20.00/hr Standard Senior Project Manager 20% $80.00/hr Standard Project Analyst 100% $30.00/hr Standard Project Finance Controller 100% $50.00/hr Standard Departmental staff 100% $25.00/hr Standard Network Logic Diagram Gantt chart Explanation of the Project Plan The resources have been properly allocated with the various activities and keeping in mind that there are no issues related to resource over-allocation as it may definitely affect on the execution of the project thus delaying it than the expected project timeline. The various activities as reflected in the schedule depicts that all the requirements for the successful execution of the project has been taken into consideration (Shipton, Hughes and Tutt, 2014). The budget has also been kept into mind but it is well evaluated such that it does not affect the tight timeline given for the project. Therefore, there is no doubt that the project will be completed within the given timeline by fulfilling every requirement of the client and stakeholder associated to the project. Explanation of processes that employed to formally make change request Phase 1: Change Preparation Defining of Change management Strategy: In this phase, project manager will ask the sponsors or more concentrate in request for change (Hwang and Low, 2012). Based on the activities, project manager will take appropriate strategy for change management. Preparation of change management Team: In this phase project, manager will prepare or reconstruct the project team based on request from sponsors end (Zhang et al. 2013). Development of Sponsorship Model: In this phase, project manager will develop appropriate model for change management and control. Phase 2: Change Management Development of Change Management Plan: Project manager will take responsibility for developing strategy for change management. Take Appropriate Action: Based on change request, project manager will take proper action. Phase 3: Reinforcing Changes Analyze and Collect Feedback: Project manager will collect feedback and analyze the data based on change request. Understanding Gaps and Manage Resistance: Project manager will diagnosis the gaps of requested changes and take appropriate strategy to manage the gaps. Discussion of Best Approach in terms of Concluding the Project Following approaches will take by the project managers in terms of concluding the project in proper manner - Proper communications The initial step is to impart the up and coming change to the undertaking. This correspondence needs to go all over the chain. The group chipping away at the venture ought to be completely mindful of the change and the explanation for it with the goal that they are not something so as to work oblivious or walloped amidst the undertaking (Newton, 2013). As chiefs, they should know about any progressions so they can carry out their employments viably. It might be important to get authorization for each change that is made to the venture, yet it is critical for partners to be educated. Documentation Subsequent to imparting what is happening in the venture, the time has come to archive it. There may be an upgrade to the work force arrangement if there was a change made in the group structure, or an overhaul to the danger relief arranges in the event that you are changing parts of the task to diminish the probability of specific dangers happening (Newton, 2013). The documentation of the undertaking ought to stay current so that everybody on and outside the task is as yet working from current documentation. Updating Schedules The last stride in upgrading venture documentation ought to be redesigning the timetable. While a few changes might not have any effect on the calendar by any stretch of the imagination, it is likely that something that changed on a task will influence the timetable (Nokes and Kelly, 2014). Whether new assets have been included that change the asset heap of the venture arrangement, or extension has been restricted which evacuates assignments. Most ventures experience changes amid their life cycle; it is the way those progressions are taken care of that has the effect between a positive or negative experience for everybody included on the undertaking. Conclusion The task arrangement highlighted the significance and criticality of viable Communications Management for the achievement of a data innovation ventures. As the Trainee Project organizer for this venture it is not only adequate to do the arranging and execution of a task. There is significantly more to it. A fruitful venture director ought to be a viable communicator also. They ought to have "delicate" aptitudes connected with effective authority. These above highlighted focuses will not ensure achievement, however they will get a strong handle on the venture and guarantee that everything is done to make it succeed in an insane world. The various management plans are depicted to offer a clear and better understanding of the concepts that needs to be taken into consideration for the success of the project. The project is planned with a professional look with the help of the project management tool that makes it easier to evaluate the various activities that will be involved in the proj ect. References Apics.org, (2015).APICS. [online] Available at: https://www.apics.org/default.htm [Accessed 30 Dec. 2015]. Barker S. and Cole R. (2012), Brilliant Project Management: What the Best Project Managers Know. Do and Say (Brilliant Business), 3rd edition, Pearson Brown, D.A., Brown, D.L. and Yocum, C.K., (2012). Planning a pharmacy-led medical mission trip, part 2: servant leadership and team dynamics.Annals of Pharmacotherapy,46(6), pp.895-900. Carroll J. (2014), Project Program and Portfolio Management in easy steps. In Easy Steps Publishing Heagney, J., (2012).Fundamentals of project management. AMACOM Div American Mgmt Assn. Hwang, B.G. and Low, L.K., (2012). Construction project change management in Singapore: status, importance and impact.International Journal of Project Management,30(7), pp.817-826. Lock D. (2013), Project Management, 10th edition, Gower Publishing Maylor H. (2010), Project Management, 4th edition, Pearson Meredith, J.R. and Mantel Jr, S.J., (2011).Project management: a managerial approach. John Wiley Sons. Newton R. (2013), The Project Managers Book of Checklists, 1st edition, Pearson International Nokes S. and Kelly S. (2014), The Definitive Guide to Project Management: The Fast Track to Getting the Job Done on Time and on Budget, FT Publishing Pmi.org, (2015).Project Management Journal. [online] Available at: https://www.pmi.org/Knowledge-Center/Publications-Project-Management-Journal.aspx [Accessed 30 Dec. 2015]. Pmi.org, (2015).What is Project Management? | Project Management Institute. [online] Available at: https://www.pmi.org/About-Us/About-Us-What-is-Project-Management.aspx [Accessed 30 Dec. 2015]. Prince2.com, (2015).PRINCE2 Information PRINCE2 Courses for Project Managers. [online] Available at: https://www.prince2.com/ [Accessed 30 Dec. 2015]. Projectmanagement.com, (2015).ProjectManagement.com - Home. [online] Available at: https://www.projectmanagement.com/ [Accessed 30 Dec. 2015]. Shipton, C., Hughes, W. and Tutt, D., (2014). Change management in practice: an ethnographic study of changes to contract requirements on a hospital project.Construction Management and Economics,32(7-8), pp.787-803. Swallow, V., Carolan, I., Smith, T., Webb, N.J., Knafl, K., Santacroce, S., Campbell, M., Harper-Jones, M., Hanif, N. and Hall, A., (2014). A novel Interactive Health Communication Application (IHCA) for parents of children with long-term conditions: Development, implementation and feasibility assessment.Informatics for Health and Social Care, (0), pp.1-27. Zhang, X., Zolghadri, M., Leclaire, P. and Girard, P., (2013), September. A Co-evolution Oriented Change Analysis Framework in Product Development Project. InManagement and Control of Production and Logistics(Vol. 6, No. 1, pp. 198-205).

Legalize Marijuana Essays - Drug Control Law, Drug Culture

Legalize Marijuana The legalization of marijuana will reduce crime, narcotic drug use, and create a utopian society. Marijuana's effect on society is greatly over exaggerated in that marijuana acts as a scapegoat for many of society's problems. Marijuana is blamed today for being a gateway drug; this means that consumption of marijuana will lead to use of narcotic drugs, this claim has never been proven, the only grounds for it is that marijuana is a more widespread and more sampled drug. Furthermore, the legalization of marijuana would create potential tax revenue that would flow from a regulated market in marijuana. Marijuana grows throughout temperate regions, with more potent varieties produced in dry, hot, upland climates. Marijuana is defined as a cannabis plant; and or a preparation made from the dried flower clusters and leaves of the cannabis plant, smoked or eaten to induce euphoria (marijuana, 827, Webster's). Euphoria is a feeling of great happiness or well being (euphoria, 468). Chronic marijuana users may develop a motivational syndrome characterized by passivity, decreased motivation, and preoccupation with taking drugs. The relationship of this syndrome to marijuana use, however, has not been established. Like alcohol intoxication, marijuana intoxication impairs judgment, comprehension, memory, speech, problem-solving ability, and reaction time. The effect of long-term use on the intellect is unknown. There is no evidence that marijuana induces or causes brain damage (marijuana 2, Microsoft). The Drug Enforcement Agency estimates that we presently have 20 million regular users of marijuana in the United States (Heerema 130). The inclusion of drug users within society is in turn based on the premise that the desire to alter consciousness is a normal human trait, a drive as deep as the need for food, shelter and love (Siegel 1989). Humans perceive the use of marijuana to alter their state of consciousness as being a basic instinct that seems harmless and natural. Prohibition creates crime; it does not solve crime. It creates a tension within society that society cannot long bear. However, because some members of society are more tolerant of drug use than others, the attempt at prohibition inevitably tears society apart. It seems to work, for a while, but sooner or later the prohibition approach becomes untenable if society is to grow rather than stagnate. In the long run, society gradually adapts to the changes made necessary by the failure of the War on Drugs; and the new drugs appear, and then the cycle starts over (Aldrich 548). Therefore, if society wants to continue to grow, we must allow its inhabitants to alter their state of consciousness by using marijuana. A legal, regulated drug supply (as alcohol, tobacco, coffee, tea, and prescription drugs) encourages people both socially and personally to use the smallest dosage and the lowest potency that will be effective. It encourages normalization and control of drug use, and discourages abuse. It accepts a certain social cost in that the use of these drugs will cause problems for some members of society; but it does not deny that drug use is human, and instead works through the problems presented by drug use in such a way as to minimize their harm. In exactly opposite fashion, the criminal approach to drug use encourages drug abuse, by attempting to cut off supply. This policy restriction makes the desired commodity scarce and difficult to obtain. In turn, the user wants as much as possible, in the highest possible potency, for hoarding as well as immediate use. This policy ignores the basic human urge to get high, discourages the controlled use of drugs, and offers no normal socialization, no internal or external controls, and no possibility of harm reduction. It puts even the casual or experimental user into the illicit drug subculture where abuse is more likely; and any attempt to encourage self-control, that is, showing people how to use drugs intelligently and in the least harmful way, is seen as condoning abuse (Weil and Rosen 1983). Therefore, the illicit drug scene, created by drug prohibition laws, encourages high-dose, high-potency drug seeking, and discourages moderation and self-regulation. The process of dilution is possible when drugs are legally regulated; but not when they are criminally distributed. In fact, dilution of strength is the basis for mass marketing of legal drugs;

Evolution of the Nation essays

Evolution of the Nation essays The United States of America, a young country on the world, has become the most successful, powerful and effectively country. Today, it is easy to see many symbols of the USA while traveling around the world. Coca-Cola, Pepsi, McDonald... can be easily found even in the third world countries. The flag of the United States is not strange to people from other countries. The word Hollywood seems to be same meaning the United States of America. Let look back closely to see what makes the United States of America, one of the youngest countries, becomes the most popular and powerful country in the world. The Civil War is a scar in the U.S. history; however, that brought the ideals of equality, justice, human dignity and liberty. After the war, the United States struggled with the conflict and the difference between Northern and Southern. On April 15, 1865 President Lincoln was assassinated and was succeeded by his vice president, Andrew Johnson. President Johnson, a Southerner, followed the footstep of his predecessor to weld the Union together. By the end of 1865, the secession was invalidated and the slavery was abolished by the 13th Amendment. The following years, the 14th Amendment and the 15th Amendment were ratified, which affirmed the human dignity, equality and liberty. Following years, the political system of the United States had been consolidated year-by-year with many policies and actions to deal with uprising problems: the Pendleton Act-1883, the Interstate Commerce Act-1887, the Sherman Antitrust Act-1890, Railroad Legislation, Food and Drug Laws, Election of Senators , Child Labor, Federal Reserve Act-1913 ... The most important action was The Progressive Movement which was an effort to repair many mistakes what had been taken during the growth of the nation. The Progressive Movement included the effort to include more people more directly in the political process, the desire to remove co...

How has Human Civilization Advanced Because of our Knowledge of Fluid Essay

How has Human Civilization Advanced Because of our Knowledge of Fluid Mechanics - Essay Example s a diverse field in physics that have several branches such as fluid dynamics that studies effects of forces on fluid motion, fluid statics that studies fluids at rest, and fluid kinematics that studies fluids in motion. Fluid mechanics works hand in hand with hydraulics and has existed for a long time. Engineers also use fluid mechanics in aerodynamics when designing planes, ships, trains, and cars, designing mechanical systems such as engines and machines and town planning (Braben 45). Fluid mechanics has solved many problems since the ancient civilization to the modern world. In fluid mechanics, Civil engineers try to solve problems in floods by constructing better bridges and roads; they solve drainage problems by designing proper sewage systems, and design underground aquifers that supply water. The existence of fluid mechanics has contributed largely in the advancement of human civilization by affecting many areas. In the ancient civilization, many countries such as Egypt, India, China, and the Mayan people in South America used fluid mechanics in the construction of many structures. In the present day, application of fluid mechanics is seen in the construction of water reservoirs such as dams, wells, and boreholes. These serve humans in storage of water required for irrigation and drinking. Wells have existed since the ancient civilization, and they are actually used in the analysis of fluid mechanics. Other constructions include dams and boreholes (Braben 52). In the ancient civilization, human beings used pumps that dug shallow wells and boreholes. There was no technology to help dig deeper ones, and the pumps were manual and driven by hand. This caused contamination of water most of the times and people died of water borne diseases. In the present day, engineers use electrical and automated machines to drill deep wells and boreholes of up to 100 to 400 feet and this has helped a lot in solving such a problem. Unlike in the past where people went to

Female labor force in Turkey Research Paper Example | Topics and Well Written Essays - 4000 words

Female labor force in Turkey - Research Paper Example 257). However, as time moved on, the number of women in the labor force started increasing rapidly from 1960 s through 1980s before starting to slow down in 1990s. By 1999, women made 60% of the world labor force which was considered as their peak participation in the labor market. However, since 1999, women participation in the labor force has greatly declined. This can be attributed to a number of reasons, which includes; lack of education, poverty, gender biasness in the employment sector and predominance of men in white-collar jobs such as medicine, engineering and law (Vaizey, P. 57). Nonetheless, across the world women participation in the labor force remains at a relative high level especially among women with children, and a good number of women does a full-time job all year round. The high number of women in the job market can also be attributed to the fact that women have increasingly ventured in the field of education, and a good number of them have acquired higher levels of education. Among women aged between 25-64 years of age in the labor force, the number of those who had attained a college degree tripled from the year 1970 to 2012 (Mills, P. 41). In terms of earnings, women’s earnings in relation to the men’s earning have also been growing since the Second World War 2. During 1970s, women’s earnings were 62% of the men’s earning among women who had a full-time job during that time. In 2012, women’s earning was calculated as 81% of the men’s earning for women who had a full-time job at that time. This trend indicates that women’s population continues to increase in the labor force as time goes by. In 2012, 57.7% of women were in the labor force while men labor force percentage which has always been more than that of women was quoted at 70.5% (Vatter, P. 8). Across the world, the women unemployment rate was 7.9 percent while that of men was 8.2 percent. The

A Strategic report on The CrossChannel Transport Business and Essay

A Strategic report on The CrossChannel Transport Business and Eurotunnel (GET.SA) - Essay Example Choice affects outcomes and this is the nature of strategy. Whereas organizations can often function just fine in periods of stability, this is not appropriate for long-term success. Environmental turbulence and competition are sure to increase at some point, at which the company that was relying so heavily on the stability will be adversely affected. This is the very basis of the formation of strategic management. Whatever strategy a company decides to employ will be based on their unique organizational structure, their access to resources, their relationship with the environment, and their desired objective(s) (Wikipedia, 2008). Capacity on Cross-Channel traffic has grown with the opening of the tunnel in 1994, and with bigger modernized ferries, and fast hydrofoil services. Unlike low-cost airlines where lower prices have led to a growth in travel, demand for vehicle transit across the channel has not also grown rapidly, therefore and intensely competitive situation persists, especially away from holiday 'peaks'. It is easily notable here that while Eurotunnel is experience steadiness, they are not experiencing the growth they desire. People have other choices for travel, such as flying. When the price of airline travel goes down, Eurotunnel experiences less business. Road freight traffic grows steadily with economic growth in the EU; car traffic (especially from the UK) is largely dependent on shopping and vacation choices. Eurotunnel also has 'rail-user' customers 'Eurostar' and 'Rail-freight'; the former is growing rapidly, the latter has problems. According to the company information that is provided to the public on their corporate website, "Eurotunnel is the holder, until 2086, of the Concession to operate the cross-Channel Fixed Link made up of twin rail tunnels and a service tunnel below the bed of the Straits of Dover, of two terminals in Folkestone (Kent) and Coquelles (Pas-de-Calais) which provide access, as well as a fleet of 25 Shuttles which transport passenger vehicles or trucks. This impressive undersea structure, the longest in the world, also gives passage to passenger and freight carrying trains belonging to rail operators" (Eurotunnel, 2008). There are current and future key issues and trends that are likely to affect this market and GET.SA's strategy-making. One major issue is the abolishment of the Strategic Rail Authority in 2006, as it is yet to be determined how this will strategically affect the industry. The United Kingdom's growth rate largely determines the condition of the passenger and freight transport markets in the country. According to Bharat Book Review: "The present economic climate remains favourable for companies operating in the market, with economic growth steady, and both inflation and unemployment levels relatively low by historical standards. Rail passenger markets benefit from the fact that work-related trips, both the journey to work and trips undertaken as part of business activity, are likely to be relatively inelastic to short-term changes in the economic climate. Rail freight, which serves markets for the carriage of industrial materials, is likely to be relatively unaffected by any short-ter m fluctuations in consumer demand (2006). There are other customer concerns that are affecting this market. First of all, they are concerned about issues such as safety and security.

Analysis of Honeynets and Honeypots for Security

Analysis of Honeynets and Honeypots for Security Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. O ver the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Capture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisions. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connectionless Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to design and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for this convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted intercepted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detection systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maximum information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction e tc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of data capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three Operating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implemented as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given privi leges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selectio Analysis of Honeynets and Honeypots for Security Analysis of Honeynets and Honeypots for Security Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. O ver the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Capture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisions. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connectionless Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to design and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for this convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted intercepted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detection systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maximum information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction e tc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of data capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three Operating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implemented as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given privi leges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selectio