Improving Decision making in the Public Essay Example | Topics and Well Written Essays - 1000 words

Improving Decision making in the Public - Essay Example This examination features thatâ the natural part, established on the enthusiastic senses, is operational without cognizant incorporation. Conversely, objective reasoning includes all circumstances requiring deliberative examination. Tragically, the intuitive part is relatively more grounded than its balanced partner. Subsequently, individuals are enticed to utilize the intuitive bit even in circumstances requiring conscious investigation. This is the purpose for the absence of limit with respect to people to make right decisions.This paper talks about that general society ought to be told by information on choices making, and utilize these information while framing choices. Studies show that information on measurements improves the judgment of assurance and vulnerability, and it is significant this is actualized inside instruction educational program so that students’ dynamic aptitudes are honed. Furthermore, analysts found that praiseworthy numeracy aptitudes altogether impr ove one’s capacity to decipher certifiable circumstances. Dynamic can be definitely improved by underscoring these two instructive methodologies in instructive projects, while specialists applying information on dynamic through improved factual and numeracy skills. Scientific realities decide that we are unequipped for modifying our selves through the incorporation of new information and abilities to settle on just right choices. Never-the-less, the utilization of libertarian paternalism, and use of the two instructive methodologies can improve dynamic.

Research and Decision Making Assignment Essay Example | Topics and Well Written Essays - 500 words

Research and Decision Making Assignment - Essay Example Perceiving the developing salary in India through the blasting of business process re-appropriating industry which expects specialist to work around evening time, the organization can pick to take into account call focus operators who need espresso in during their days of work (India 2008). As espresso is promoted as an energizer in light of its caffeine content, Coffee Time can advertise itself as the essential decision for individuals who need to remain alert and fiery in the midst of the pressure of being up throughout the night. For this, the organization should lead its own statistical surveying dissecting the segment, way of life, and culture of this specific gathering. Socioeconomics ought to fundamentally take a gander at salary and age. In conclusion, the organization can prevail by deliberately changing its item contributions for its objective market. It ought to be noticed that India ought to be treated as a market separated from its activities abroad. In this way, the item ought to be restricted by the looked into inclination of the client.

The 5 Ds That Help With Smoking Cessation

The 5 Ds That Help With Smoking Cessation Addiction Nicotine Use How to Quit Smoking Print The 5 Ds for Smoking Cessation These Tips Will Help You Manage Most Cravings to Smoke By Terry Martin facebook twitter Terry Martin quit smoking after 26 years and is now an advocate for those seeking freedom from nicotine addiction. Learn about our editorial policy Terry Martin Medically reviewed by Medically reviewed by Sanja Jelic, MD on January 20, 2020 Sanja Jelic, MD, is board-certified in sleep medicine, critical care medicine, pulmonary disease, and internal medicine.   Learn about our Medical Review Board Sanja Jelic, MD on January 20, 2020 Guido Mieth / Taxi / Getty Images More in Addiction Nicotine Use How to Quit Smoking After You Quit Nicotine Withdrawal Smoking-Related Diseases The Inside of Cigarettes Alcohol Use Addictive Behaviors Drug Use Coping and Recovery Nicotine withdrawal is an intense phase of smoking cessation. It can include everything from physical symptoms that mimic illness to feelings of sadness and seemingly nonstop thoughts of smoking. Understanding what to expect when you quit smoking and having a plan to manage the discomforts that come with early smoking cessation keep you in control and headed for long-term success. The Five Ds of Smoking Cessation The five Ds is a set of tools that will help you quickly respond to the majority of smoking urges youll encounter in a healthy way. Memorize them and get in the habit of checking to see whether your cravings that come along fit into any of them. The five Ds are: DelayDistractDrink waterDeep breathingDiscuss 1. Delay Delay until the craving to smoke passes. Cravings are difficult, but they usually pass fairly quickly. Most urges to smoke come and go within three to five minutes. It may feel like your day is one long craving when you first quit, but the truth is that smoking urges really are relatively short in duration. They come often during the first several days after you stop smoking, but with practice at choosing other ways to deal with them rather than smoking, theyll begin to fade. 2. Distract Distract yourself. Shift your attention away from thoughts of smokingâ€"go for a walk around the block or work on a crossword puzzle. Distraction effectively stops the unhealthy mindset that enables thoughts of smoking. Left unchecked, those thoughts can cause you to spiral downward, so try to stay busy. 101 Things to Do Instead of Smoking 3. Drink Water Drink water to beat cravings to smoke. It works surprisingly well. Nicotine withdrawal is hard on your body, and good hydration will help to ease the negative  effects. Youll feel better both physically and mentally. 4. Deep Breathing Deep breathing is a quick and effective way to reduce the stress that comes with early smoking cessation. Close your eyes and breathe in slowly for a count of three, then exhale for a count of three. Repeat and youll begin to feel your body release the tension its holding. Stress is a bit of a double-edged sword for new ex-smokers. We used cigarettes to deal with the stress in our lives, so when we quit, stress causes strong urges to smoke for most of us. At the same time, the early days of quitting  create their own stress as well. Learning how to manage stress on the spot is critical, and deep breathing does just that. 5. Discuss Discuss your feelings with someone close to you or with other ex-smokers in an online smoking cessation support forum. Theres nothing better for your resolve than connecting with those who are walking the path alongside you or hearing from those who have navigated smoking cessation successfully. Knowing What to Expect Helps Success When you know what to expect from nicotine withdrawal and recovery from nicotine addiction in general, you can develop a plan of attack to tide you over when the going gets tough. The five Ds should be a part of that plan. Take your quit program  one day at a time and trust that youll find your way through recovery from nicotine addiction, just as others have before you.

Morality in O’Brien’s Going After Cacciato Essay - 1708 Words

Morality in O’Brien’s Going After Cacciato Going After Cacciato, by Tim OBrien, is a book that presents many problems in understanding. Simply trying to figure out what is real and what is fantasy and where they combine can be quite a strain on the reader. Yet even more clouded and ambiguous are the larger moral questions raised in this book. There are many so-called war crimes or atrocities in this book, ranging from killing a water buffalo to fragging the commanding officer. Yet they are dealt with in an almost offhanded way. They seem to become simply the moral landscape upon which a greater drama is played-- i.e. the drama of running away from war, seeking peace in Paris. This journey after Cacciato turns into a†¦show more content†¦This certainly comes out in the fragging incident, when the squad kills Lieutenant Sidney Martin. But theres something more. Another time, OBrien was quoted as saying, My concerns have to do with the abstractions: ... How does one do right in an evil situation? (Bates 263). That is th e big question, of course, that this novel deals with. See, the point that OBrien is making is not that war is an evil situation. Hes trying to take that for granted and move beyond. Now that youve got this evil situation, what do you do? Where is the good? In the observation post, Paul Berlin remembered what his father had said on their last night along the Des Moines River. Youll see some terrible stuff, I guess. Thats how it goes. But try to look for the good things, too. Theyll be there if you look. So watch for them (OBrien 58). So he does look for the good things. Thats beauty being born out of despair, if you will. He enjoys watching the sunrise. And Bates refers to Paul Berlin helping treat a young Vietnamese girl and having sensitive feelings towards her (270). This is almost as if to say that war brings out the best as well as the worst in us. Some may argue that its almost worth it. (Almost being the key word-- for clearly the good in a war does not outweigh or even equal the bad.) Heres where purpose gets involved. Most believe that there is a greater good. Some reason for fighting the war. Politics. Ideology. The things Paul Berlin thinksShow MoreRelated Revelation through Experience in Heart of Darkness, Going After Cacciato, and The Things They Carri3247 Words   |  13 PagesRevelation through Experience in Heart of Darkness, Going After Cacciato, and The Things They Carried Foreign lands seemingly possessed by evil spirits as well as evil men, ammunition stockpiles, expendable extremities and splintered, non-expendable limbs carpeting the smoking husks of burnt-out villages, the intoxicating colors of burning napalm, and courage mixed with cowardice in the face of extreme peril. These are just a few examples of the spell-binding images presented inRead MoreThe Things They Carried By Tim O Brien Essay2097 Words   |  9 Pageswar. After he came back from the war, he decided to finish college. He attended as a graduate student at Harvard University and got an internship as a reporter for the Washington Post. O’Brien started writing at age 24 in 1973 upon his completion of his first novel If I Die in a Combat Zone, Box Me Up and Ship Me Home, an autobiographical story about his duties and the typical day as a soldier in the Vietnam War. In 1979, he won the National Book Award for his novels Northern Lights and Going After

The Natural Themes - Free Essay Example

Sample details Pages: 1 Words: 416 Downloads: 5 Date added: 2017/09/13 Category Advertising Essay Did you like this example? Choices and Consequences The novels focus on morality incorporates the theme of choices and consequences and the related issue of responsibility. Malamud presents Roy with moral choices in the novel that require attention to his responsibilities as a father, a team member, and a human being. He must choose whether or not to form a lasting relationship with Iris and their child, and ignore his concerns about her being a grandmother. He must choose whether or not he will try to win the pennant for himself or for his team members and Pop Fisher. He also must choose whether or not he will accept a bribe and disgrace the game he loves in order satisfy his materialism and insure his financial security. Failure Roys failure to make moral decisions in the novel cause his downfall. His failure reveals his devotion to the American dream of success that blinds him to the needs of others. Don’t waste time! Our writers will create an original "The Natural Themes" essay for you Create order A monomaniacal focus on being the best there ever was in the game prevents him from becoming a team player and putting the success of the Knights before his own. This self-involvement leads to loneliness and alienation. Another important part of the dream is money. Roys growing materialism links him with the corrupt and greedy Memo and prompts him to accept a bribe from the Judge, which ultimately leads to his disgrace. Growth and Development During the course of the novel Roy does show some moral growth. His desire to win the pennant for Pop emerges alongside his own more selfish need to be the best. By the end of the novel, Roy accomplishes a self-transcendence when he decides to forget about trying to fix the game and determines to take care of Iris and their child. However, this development comes too late to save him. Good and Evil Throughout the novel, Roy is caught between the forces of good and evil; these forces wage a battle for his soul. Pop Fisher and Iris Lemon represent the forces of good. Pop struggles to turn Roy into a team player and to focus on community rather than individual success. Iris teaches him that through suffering we learn the important things in life, like love and self-respect. Unfortunately, the symbolically evil characters outnumber the good. Memo, the Judge, Gus Sands, and Max Mercy all try to drag Roy down into the world of corruption. Swayed by the power and success they offer, Roy realizes too late the dangerous consequences of his association with them.

The Academic Standards of Schools Today Free Essays

College or technical schools are supposed to be the gateway to higher paying careers, but most are not all that they are cracked up to be. The standards and goals that society wants met are continually not being met by the students today. Also, many higher learning facilities lack the funds to provide positive learning environments for students. We will write a custom essay sample on The Academic Standards of Schools Today or any similar topic only for you Order Now For these reasons and many more are keeping the students of today from benefiting fully from schools. Society today has to make some new choices for the students of tomorrow, choices that will carry them into the next millennium. Society can either â€Å"lower standards so that everybody â€Å"passes† in a way that looses all meaning in the real world† or † raise standards and then meet them† (Barber 479). I personally believe in raising our expectations and doing whatever is needed to meet them. Our countries standards are among the lowest in the world and † at the same moment as we are transferring our responsibilities to the shoulders of the next generation, we are blaming them for our own generation†s most conspicuous failures† (Barber 472). Every election year the candidates use something about education as one of their platforms, but few ever carry through with them once they are elected. Most education bills die in congress in some shape or another and the ones that actually make it through congress, are usually ineffective because they have been changed and modified to the point of ineffectiveness. Also, many of the learning facilities today lack the funding to provide adequate, positive learning environments for students. Underpaid teachers and professors who † make less than accountants architects, doctors, lawyers, engineers, judges, health professionals, auidiors, and surveyors† and thus many student disregard teachers as role models. If people see someone who can score touchdowns or dunk a basketball making millions while their teachers are scraping bottom to survive, then how can an educator possibly motivate them to learn (Barber 470). Many people chase after their â€Å"dreams† of money instead of seeing the reality of learning. Although society today rates an education as one of their top priorities, they still allow learning facilities to become broken and run down. Like animals, children and adults file into buildings with bad floors, horrible plumbing, leaky roofs and ceilings, and pack into desk, usually 35+ per educator. Today the government spends $35,000 a year to keep someone behind bars and only a fraction of that to keep them in school (Barber 475). Tuition, room, and board at most colleges now come to at least $7,000, not counting books and fees. This might seem to suggest that the colleges are getting rich. But they are equally battered by inflation. Tuition covers only 60 percent of what it cost to educate a student, and ordinarily the remainder comes from what colleges receive in endowments, grants, and gifts† (Bird 498). Its about time we started to provide more money. Funding more for education wont solve every problem but no problem can even begin to be solved without it. The so-called higher learning facilities of today are selling students short when it comes to their education. Properly funding the education system and setting new standards for the future is an important part of education reform. Education reform for the US is a vital part of insuring the future for students and bringing them up to the standards set by other countries. How to cite The Academic Standards of Schools Today, Papers The Academic Standards of Schools Today Free Essays College or technical schools are supposed to be the gateway to higher paying careers, but most are not all that they are cracked up to be. The standards and goals that society wants met are continually not being met by the students today. Also, many higher learning facilities lack the funds to provide positive learning environments for students. We will write a custom essay sample on The Academic Standards of Schools Today or any similar topic only for you Order Now For these reasons and many more are keeping the students of today from benefiting fully from schools. Society today has to make some new choices for the students of tomorrow, choices that will carry them into the next millennium. Society can either â€Å"lower standards so that everybody â€Å"passes† in a way that looses all meaning in the real world† or † raise standards and then meet them† (Barber 479). I personally believe in raising our expectations and doing whatever is needed to meet them. Our countries standards are among the lowest in the world and † at the same moment as we are transferring our responsibilities to the shoulders of the next generation, we are blaming them for our own generation†s most conspicuous failures† (Barber 472). Every election year the candidates use something about education as one of their platforms, but few ever carry through with them once they are elected. Most education bills die in congress in some shape or another and the ones that actually make it through congress, are usually ineffective because they have been changed and modified to the point of ineffectiveness. Also, many of the learning facilities today lack the funding to provide adequate, positive learning environments for students. Underpaid teachers and professors who † make less than accountants architects, doctors, lawyers, engineers, judges, health professionals, auidiors, and surveyors† and thus many student disregard teachers as role models. If people see someone who can score touchdowns or dunk a basketball making millions while their teachers are scraping bottom to survive, then how can an educator possibly motivate them to learn (Barber 470). Many people chase after their â€Å"dreams† of money instead of seeing the reality of learning. Although society today rates an education as one of their top priorities, they still allow learning facilities to become broken and run down. Like animals, children and adults file into buildings with bad floors, horrible plumbing, leaky roofs and ceilings, and pack into desk, usually 35+ per educator. Today the government spends $35,000 a year to keep someone behind bars and only a fraction of that to keep them in school (Barber 475). Tuition, room, and board at most colleges now come to at least $7,000, not counting books and fees. This might seem to suggest that the colleges are getting rich. But they are equally battered by inflation. Tuition covers only 60 percent of what it cost to educate a student, and ordinarily the remainder comes from what colleges receive in endowments, grants, and gifts† (Bird 498). Its about time we started to provide more money. Funding more for education wont solve every problem but no problem can even begin to be solved without it. The so-called higher learning facilities of today are selling students short when it comes to their education. Properly funding the education system and setting new standards for the future is an important part of education reform. Education reform for the US is a vital part of insuring the future for students and bringing them up to the standards set by other countries. How to cite The Academic Standards of Schools Today, Papers

Etruscan Forgeries Essay Example For Students

Etruscan Forgeries Essay On September 9th, 2011 I attended a memorial lecture, devoted to George M. A. Hanfmann. The event was hosted by Dr. Richard De Puma of Archaeological Institute of America (AIA). The lecture focused on Etruscan Forgeries and some unknown facts and events, associated with a period in art history that brought our attention to the Etruscan civilization. Known as an early pre-Roman civilization, Etruscans started as a culture around 1000 BC. Etruscans had their own culture and art with its culmination around 700-500 BC. That is what gave them the title of the most speculated civilization from early 1400s till now, when it was rediscovered by archaeologists. Turns out that Etruscans were the ones, who actually invented Roman numerals, but they were never credited for it. Due to the fact that they used linen to write on, there is very little preserved to be able to read them. One of those people, who initiated discoveries in Italy, was Annioda Viterbo from Rome. He was a talented artist. His passion for Etruscan antiquities and his linguistic knowledge made the artist use his skills for creating the famous forgery, known as a fragmentary of Etruscan Inscription, which was a sensation for that time. Annioda Viterbo became famous in Italy for digging out those tablets and translating them, which influenced new excavations in that part of the world. Comparing different pieces of art of Etruscan origin made scientists question the authenticity of some masterpieces that were exhibited in the most reputable museums of the world, such as Etruscan Terracotta Sarcophagus, sold to Louvre in 1861, or another Terracotta Sarcophagus, purchased by the British Museum in 1873. A desire of owning such a masterpiece paid a high price for it, creating competition among antiquity collectors. Therefore, it lead to forgery that was a great way to make money for some people, using their artistic talents and skills. The topic of the lecture and its content was really new to me. I was amazed how many things are still unknown for us about ancient cultures that developed a very sophisticated art, such as Etruscans. They expanded their painting technique al fresco all over northern and southern-central parts of Italy, which was similar to Greek red-figure vase painting. Unlike Greeks, Etruscans advanced in including space in their art. I really enjoyed learning that passion for Etruscan art inspired many artists to create forgeries, proving how powerful art can be.

The Low Budget Airline Jetstar Asia Airways Tourism Essay Essay Example

The Low Budget Airline Jetstar Asia Airways Tourism Essay Paper Jetstar Asia Airways is a low-priced budget air hose operating in the Southeast Asiatic part. It is founded by its female parent company Australia s Qantas Airways in 2003. Unlike Jetstar in Australia, Jetstar Asia is bulk Singapore in which a Singapore investing company, Temasek Holdings Limited holds 19 per cent of portions, two Singaporean business communities possess 32 per centum, and the staying 49 per cent of portions belongs to Qantas Group. The company is known as an air hose to offer low menus, all twenty-four hours and every twenty-four hours to South East Asia clients. It has received several valuable awards, such as Best Brand Experience for Low Cost Carrier ( 2006 ) , Best Low Cost Airline, Southeast Asia and Asia ( 2006, 2008 ) , Top 10 Airlines by Passenger Carriage ( 2006, 2007 ) , Best Asiatic Low-Cost Carrier ( 2006, 2007 ) . The first Jetstar Asia Airways flight took off for Hong Kong on December 13, 2004. Jetstar Asia and Valuair Airways Limited were me rged on July 22, 2005 ( Jetstar, neodymium ) . We will write a custom essay sample on The Low Budget Airline Jetstar Asia Airways Tourism Essay specifically for you for only $16.38 $13.9/page Order now We will write a custom essay sample on The Low Budget Airline Jetstar Asia Airways Tourism Essay specifically for you FOR ONLY $16.38 $13.9/page Hire Writer We will write a custom essay sample on The Low Budget Airline Jetstar Asia Airways Tourism Essay specifically for you FOR ONLY $16.38 $13.9/page Hire Writer With a fleet of seven A320 aircrafts, Jetstar Asia now offers up to 126 hebdomadal flights from Singapore to 17 finishs in 10 Asiatic states. It is be aftering to increase capacity by more three A320 aircrafts by early following twelvemonth and add finishs in India and China. This selling survey aims to supply the Jetstar Asia Airways current selling environment. It will analyze SWOT every bit good as PESTEL to do clearly internal and external selling environment. The study besides discuss about the current market program of Jetstar Asia Airways. From the audit procedure, recommendations will come out for bettering Jetstar Asia Airways selling public presentation in bing competitory air power environment. II. Background Today, planetary air power industry has been divided into three major classs ( Lelieur, 2003 ) . The first class consists of big web bearers, such as United Airlines, American Airlines, and Delta in the United States ; Air France, British Airway, Lufthansa in Europe. The 2nd 1 is the in-between size bearers such as KLM and SAS in Europe. The concluding class is the low cost bearers, such as Jet Blue, Westjet in North America ; Virgin Blue and Australian Airlines in Australia ; Ryanair, EasyJet, and Air Berlin in Europe ; Air Asia, Oasis Hong Kong Airline, Jetsatr Asia Airway, and Tiger Airway in Asia Pacific. Harmonizing to Weiss ( 2008, p.84 ) , Low-cost bearers, besides known as a no frills or price reduction air hoses, offers low menus in exchange for extinguishing many traditional riders services. These air hoses have a lower cost constructions than rivals. They frequently operate a individual rider category and fleet, cut downing preparation and service costs . In recent old ages, the low-priced bearers ( LLCs ) phenomenon has become more popular in air power industry. The low cost air hose concern has experienced surprising growing in term of riders carried and aircraft ordered. LLCs are likely to maintain their monetary value down exhaustively on-line engagement every bit good as supplying the minimal degree of onboard services. They can be seen as a new large success in the universe air hose industry. Harmonizing to OAG s Quarterly Airline Traffic Statistics ( 2007 ) , low cost international flights have increased 20 % twelvemonth by twelvemonth. Asia Pacific witnessed a dramatic growing in low cost sector, with an addition from 3,900 flights and 600,000 seats in 2001 to 61,000 flights and 9.2 million seats in 2007 ( Abacus, 2008 ) . The Asia Pacific low cost market now has accounted for 12 % of all flights and all seats. Many Asiatic states such as Singapore, Malaysia, India has opened up LCCs to attractive a big figure of riders. As an avowal about Jetstar Airways chance, Geoff Dixon, CEO of Qantas Airways Ltd said: We re really confident about the timing of the launch of this air hose. I do nt cognize where other air hoses will stop up but I can guarantee you Jetstar Asia will be about in four old ages clip and will be profitable, so Temasek and our other investors can be confident. ( 2004 ) . Jetstar Asia has announced its gross increases 20 % for the twelvemonth ended 31 March 2008 ( Jetstar, neodymium ) . These proves that low menus has become attract more travelers. The outlook of Jetstar Asia Airways about the universe s largest possible air power market is coming true. 2.2 PEST analysis Plague analysis is a common tool for analyzing an administration s macro-environment to place those factors that might increase the possible for crisis. ( Elliott, Swartz and Herbane, 2002 ) . These include political, economic, societal and technological factors and the analysis examines the impact of each of them on the concern. 2.2.1 Political factors On the August 09, 1965, Singapore left Malaysia Federation and became crowned head, democratic and independent state. In 1967, Singapore, Indonesia, Malaysia, the Philippines and Thailand established the Association of Southeast Asiatic Nations ( Asnic, neodymium ) . From 1970 Singapore is considered as a political stableness state. It has become the comfortable state with a widespread web of trading links. So far, Singapore political stableness has leaded to a high rate of economic growing. As one of Asia most stable economic sciences, many Singapore companies have developed good. Singapore economic has been developing services industries such as wealth direction and touristry, air power industry. Singaporean air hose industry plays a cardinal function in Singaporean economic system. It now includes mainstream Singapore Airlines and two low cost air hoses Tiger Airways and Jetstar Asia Airways. However, September 11th terrorist onslaught event in United States caused important fal ling in going. Besides, the political instability in South East Asia part, such as Thailand, Indonesia, and Malaysia influenced negatively on air power industry in Asia countries. 2.2.2 Economic factors The economic environment consists of factors that affect consumer buying power and disbursement forms . ( Kotler and Armstrong, 2009, p103 ) . These undermentioned analyses will demo how economic factors have an consequence on air power industry. In recent old ages, planetary economic crisis has pushed the trade-service dependent states into worst recession. The universe travel market has besides been affected in this crisis. Harmonizing to International Air Transport Association, due to economic recession, the planetary rider traffic will diminish by 3 % in 2009 and non turning above 4 % until 2011 ( IATA, 2008 ) . Another major factor effects strongly on air hose market, particularly budget air hoses, that is the addition in fuel monetary value. From 2004, the oil monetary value rush was a consequence of three chief factors: increased demand, a little planetary surplus of production capableness, and the fright of supply break. The fuel cost addition caused of 36 % rise of air hose operating costs in 2008. The deathly combination of falling demand and high oil monetary values made a dip of air power industry s profitableness, about losingss of US $ 10.4 billion in 2008. At the same twelvemonth, Asia Pacific air hose industry incurred losingss US $ 300 million ( IATA, 2009 ) . 2.2.3 Social factors Tendencies in societal factors are important constituent of the PEST analysis for air hose industry. Firstly, some factors such as advanced medical commissariats and low ratio at birth have allowed people to populate longer. The mean age of the population has been increasing steadily. Therefore, the merchandises that air hoses offer refering to older and handicapped riders who need aid at airdromes. Besides, traditional household construction has been altering in today modern society. The addition of divorce rate every bit good as figure of one-parent household has become modern-day tendency that travel industry has to make to suit. They can be promotional and merchandise planning policies, which offer to those who are singles or one-parent household. Furthermore, the alterations in the occupation market have impacts for air hose selling policies. Due to work force per unit areas, executives frequently have to do a day-return trip alternatively of two yearss. This has become more of import for short-haul markets. 2.2.4 Technology factors As an advanced engineering, Internet now plays an of import function in air hoses industry. All air hoses have web sites that allow clients to book air ticket online. In doing reserve, clients can besides choose their place. Use of cyberspace in air power industry brings benefits for both air hoses and riders based on cost economy. The application of Simplifying the Business ( StB ) undertaking in about air hoses brings non merely convenience to consumers but besides lower costs to air hoses industry. The undertaking includes electronic-ticketing, Common-Use Self-Service booths, and bar-coded embarkation base on ballss ( BCBP ) . BCBP can be accessed through web sites, booth, and a check-in desk. It will extinguish magnetic-stripe embarkation base on ballss in close hereafter. With PEST analysis as above, selling environment of Jetstar Asia Airways has merely evaluated to see how the company operates in the today altering environment. III. External analysis 1. Micro-environment ( app 1,200 words ) Description of the market Rivals analysis Market size, location, growing and chances Government engagement in the market place 2. Macro-environment 2.1 SWOT analysis A SWOT analysis is an in-depth scrutiny of cardinal factors that are internal ( strengths and failings ) and external ( chances and menaces ) to a concern ( Pinson, 2008, p.33 ) . Strengths are internal capablenesss that may assist a company make its objects. Failings are internal restrictions that may interfere with a company s ability to accomplish its objects. Opportunities are external factors that the company may be able to work to its advantages. Menaces are current external factors that may dispute the company s public presentation. ( Kotler and Armstrong, 2009, p.78 ) . SWOT analysis helps a concern to concentrate on those countries that present the greatest chances and those competences in which it is strongest. That concern look into ways to decrease its failings, develop schemes to get the better of menaces. The undermentioned analysis focuses on Jetstar Asia s SWOT. SWOT ANALYSIS OF JETSTAR ASIA AIRWAYS Internal Strengths Failings Flexible ticket monetary value construction Growth in market portion One type of aircraft Performance Narrow flight finishs. Limited fleet. External Opportunities Menaces Strengthen competitory capableness. Addition in short-haul traveling. Growth in Singapore touristry Addition of fuel monetary value Unpredictable catastrophe factors Swine grippe spread Customers belief. 2.1.1 Strengths Flexible ticket monetary value construction: Jetstar Asia Airways has applied flexible ticket monetary value construction that allows clients can take any sort of ticket, depending on clients demand. Customers can buy which ticket with or without baggage. By this application, Jetstar Asia Airways desires to run into clients diversified demands. Growth in market portion: The Company is traveling to establish its first service into China on December 16, 2009 ( BusinessWeek, 2009 ) . After that, it will offer new finish in India. Furthermore, with 3 extra A320 aircrafts, it will spread out its current capacity by 46 per cent by establishing twice daily services on the Singapore-Phuket path. One type of aircraft: Thankss to working one type of aircraft Airbus A320- Jetstar Asia Airways can salvage cost of fuel ingestion, cost of keeping other aircrafts and cut down cost of staff preparation, taking to take down operation cost. As a consequence, Jetstar Asia Airways can do up competitory advantage to entice more clients by offering low ticket monetary value. Performance: One of the most of import factors impacting clients pick in air hose industry is on-time public presentation. Understand this ; Jetstar has used the computerised Aircraft Communication Addressing and Reporting System ( ACARS ) to guarantee the truth of going clip and arrival clip. In 2008 and 2009, Jetstar s on-time public presentation ever achieved from 92 % to 98 % ( Jetstar, neodymium ) . 2.1.2 Failings Narrow flight finishs: So far, Jetstar Asia Airways has merely exploited its aeronautic paths to 17 finishs across 10 states in Asia Pacific ( Jetstar, neodymium ) . Meanwhile, Tiger Airways has runing with 27 finishs, and Asia Airways has 50 finishs. This can be seen failings of Jetstar Asia in air power competition to achieve clients. Limited fleet: Due to the limited fleet of seven A320 aircrafts, Jetstar Asia Airways has some troubles in spread outing its market portion to new finishs. 2.1.3 Opportunities Jetstar Asia Airways has focused on non merely single riders but besides concern travelers. It has set up several sorts of privilege services for concern travelers to increase figure of riders twelvemonth by twelvemonth. From merely 50 houses in 2004, now Jetstar has 400 corporations going with it ( Baoying, 2009 ) . More and more concerns, even transnational companies, are likely to take low cost air hoses to salvage their concern cost that create possible low cost market for Jetstar Asia Airways and other air hoses. Besides, tendency of short-haul traveling is increasing in figure of Asiatic tourers ; alternatively of long-haul vacations because it enables Asiatic people travel more on a regular basis in twelvemonth. Concentrating on these topics, Jetstar Asia will catch more chances to spread out its market portion. In add-on to this, in Singapore, two incorporate resorts the Marina Bay Sands and Resorts World Sentosa will be opened in 2010. At that clip, figure of traveler visi ts Singapore will increase dramatically. There will be about 15 million visitants coming to Singapore ( integratedresort, neodymium ) . Such general tendencies as mentioned above will convey chance for Singapore air hose industry, including budget air hoses and mainstream air hoses. 2.1.4 Menaces The addition in fuel monetary value over the past few old ages has bad affected on sustainable growing of Jetstar Asia Airways and air power industry. This can be seen an inexplicit menaces to profitableness of air hoses. Furthermore, the spread swine grippe in many parts has affected significantly on air hose going due to the dramatic lessening of travelers. Unpredictable accidents that come from bad conditions or proficient jobs are besides menaces to air hoses. Passengers may waver in taking between budget air hoses and mainstream air hoses because of the safety in budget air hoses. This menace may veto impact on gross revenues of Jetstar Asia. Recommendation Presents, Asian air hoses industry is acquiring more ferociously competitory between budget air hoses and traditional full services air hoses. Furthermore, competition among the outgrowth of Asiatic budget air hoses, such as Air Asia, Tiger Airways and Jetstar Asia has besides become intensely. In order to better the company s selling public presentation, we suggest some recommendations based on SWOT analysis above and consequences collected from an interview with people who are refering about air hoses market. First, we suggest Jetstar Asia should plan a client driven selling scheme to place its mark market. Its market cleavage includes clients those who normally travel on short draw trips and can non afford mean international tickets. Then the company should construct profitable client relationships based on topics: travelers for leisure, business communities and pupils. Understanding who its clients are, the company will construct client relationship to fulfill their demands. In add-on to this, the consequences from questioning reflect the company s convenience and services are non excessively high, merely over 50 % of respondents think that it is just. In order to capture value from clients and ain client trueness, in its selling schemes, the company needs to construct the right relationship with right clients and make client delectation. The company should beef up clients belief that lower monetary value does non intend bad services. Besides, Jetstar Asia should develop effectual advertisement scheme to consolidate their trade name name through mass media. Furthermore, limited fleet and flight finishs caused limitation in enlargement market place every bit good as pulling mark clients. Therefore, we recommend the company to use competitory schemes. The company should transport out non merely protect its current market portions but besides increase it farther. Books Weiss, J.W. ( 2008 ) Business Ethical motives: A Stakeholder and Issues Management Approach, Cengage Learning, New York. Lelieur, I. ( 2003 ) Law and policy of significant ownership and effectual control of air hoses Prospects for alteration, Ashgate Publishing, Hampshire. Pinson, L.J. ( 2008 ) Anatomy of a concern program: the bit-by-bit usher to constructing a concern and procuring your company hereafter, Out of your mindaˆÂ ¦and into the market place, California. Kotler, P and Amstrong, G ( 2009 ) Principles of Marketing, Pearson, New Jersey. A Elliott, D. , Swartz, E. and Herbane, B ( 2002 ) Business continuity direction: a crisis direction attack, Routledge, London Web sites Abacus ( 2008 ) The Year of the Resourceful A ; Enterprising Rat, accessed September 06, 2009, hypertext transfer protocol: //www.abacus.com.sg BusinessWeek ( 2009 ) Jetstar Airways Pty Ltd, accessed September 06, 2009, hypertext transfer protocol: //investing.businessweek.com/research/stocks/private/snapshot.asp? privcapId=10917341 A ; goback=.cps_1247149767187_1 Baoying, Ng. ( 2009 ) Jetstar Asia expands fleet and paths to maintain up with competition, accessed September 06, 2009, hypertext transfer protocol: //www.channelnewsasia.com/stories/singaporebusinessnews/view/450077/1/.html integratedresort ( nd ) Singapore Integrated Resorts, accessed September 06, 2009, hypertext transfer protocol: //integratedresorts.com.sg/ jetstar ( neodymium ) News, accessed September 06, 2009, hypertext transfer protocol: //www.jetstar.com/sg/en/about-us/news.aspx # SinApr16b Asnic ( neodymium ) Singapore history, accessed September 06, 2009, hypertext transfer protocol: //asnic.utexas.edu/asnic/countries/singapore/Singapore-History.html IATA ( 2008 ) IATA Economic briefing-The impact of recession on air traffic volumes, accessed September 07, 2009, hypertext transfer protocol: //www.iata.org/NR/rdonlyres/7E25AD13-E0AD-4166-ABD8-CFA192D51AB4/0/IATA_Economics_Briefing_Impact_of_Recession_Dec08.pdf IATA ( 2009 ) Annual study 2009, accessed September 07, 2009, hypertext transfer protocol: //www.iata.org/nr/rdonlyres/a33bc4b3-431b-4690-be6d-6788900c8ae3/0/iataannualreport2009.pdf Primary Resource Interview We have conducted market research by an interview with clients of Jetstar Asia and non-clients at Changi Airport to happen replies so develop selling scheme for Jetstar Asia. We would be grateful if you could help our group by finishing our questionnaires, which will supply utile information to us. Personal information 1. Sexual activity: a-? Male a-? Female 2. Age scope: a-?18-25 a-? 26-30 a-? 31-40 a-? 41-50 a-? 51-60 3. Occupation: _______________ A. Questionnaires 1. Which air hose with do you normally wing? a-? Mainstream air hoses a-? Budget airlines a-? Never 2. Which budget air hose with do you normally wing? a-? Jetstar Asia a-? Tiger Airways a-? Air Asia a-? Others ____________ 3. What concerns you most when you think of taking the budget air hose? a-? Money a-? Service a-? Convenience a-? Others ____________ 4. Which beginning lead you know Jetstar Asia? a-? Newspapers a-? Internet a-? Friends a-? Others ____________ 5. What is the intent of your trip? a-? Leisure a-? Business a-? Study a-? Others 6. How would you rate Jetstar Asia in footings of service? a-? Poor a-? Fair a-? Good a-? Excellent 7. How would you rate Jetstar Asia in footings of convenience? a-? Poor a-? Fair a-? Good a-? Excellent 8. What do you believe about Jetstar Asia s ticket monetary value comparing to other budget air hoses? a-? High a-? Reasonable a-? Low Thank you really much for taking the clip to reply these inquiries. B. Answers from appraising Question 1: For this inquiry, the consequences show that riders of budget air hoses are lower than that of mainstream air hoses, 27 % compared to 69 % . It means that budget air power s market portion is little. 4 % of the respondents have neer been on plane. Question 2: Reacting this inquiry, outcomes indicate out that Jetstar Asia rank at 3rd place behind Tiger Airways and Air Asia, with 23 % whereas Tiger Airways and Air Asia are 31 % and 42 % severally. 4 % of the replies flew with other air hoses. It should be recommended that Jetstar Asia need more effectual selling scheme to heighten the competitory capacity. Question 3: The consequence illustrate that the most clients concern when they choose budget air hoses is salvaging money, with 69 % of the respondents. Service standards and convenient standards rank the 2nd and the 3rd pick, with 16 % and 13 % severally. 2 % of the replies chose budget air hoses chiefly because attach toing with friends. Question 4: 41 % of the replies show that they knew Jetstar Asia through Internet. Newspapers, Friends and Others are ordered by 27 % , 25 % and 7 % severally. Question 5: For intent of concern, 31 % of the respondents take this consequence. 44 % of the replies show that their trip for leisure. For analyzing intent is 19 % , other intent is 6 % , such as wellness attention, sing old friends. Therefore, Jetstar Asia should concentrate on mark clients who are travelers in order to hike up its gross revenues. Besides it should pay attending to possible client section, including business communities and pupils. Question 6: In term of services, 53 % of respondents explained that they considered Jetstar Asia s services are sensible and acceptable. In contrast, 8 % of interviewees admitted poverty of service. Good standards and first-class standards are appraised by 25 % and 14 % severally. Question 7: Similarly, 51 % of interviewees illustrated that they evaluated convenience is just. 23 % of the replies think that convenience offered by Jetstar Asia is good whilst 15 % of them considered it as first-class. Staying 11 % of respondents are non pleased with Jetstar Asia convenience as they think it is hapless. Question 8: What do you believe about ticket monetary value of Jetstar Asia comparing to other budget air hoses? 64 % of them think that ticket monetary value offered by Jetstar Asia is sensible. 29 % of them believe that is low. Merely 7 % of the replies claim its monetary value is high.

DDay Thesis essays

DDay Thesis essays A private who was aboard one of the first few gliders to reach Normandy expresses his feeling: "I experienced an interesting psychological change in the few minutes before and immediately after take off. As I had climbed aboard and strapped myself into my seat I felt tense, strange and extremely nervous. It was as if I was in a fantasy dream world and thought that at any moment I would wake up from this unreality and find that I was back in the barrack room at Bulford Camp. Whilst we laughed and sang to raise our spirits - and perhaps to show others that we were no scared - personally I knew that I was frightened to death. The very idea of carrying out a night-time airborne landing of such a small force into the midst of the German army seemed to me to be little more than a suicide mission. Yet at the moment that the glider parted company with the ground I experienced an inexplicable change. The feeling of terror vanished and was replaced by exhilaration. I felt literally on top of the world. I remember thinking, 'you've had it chum, its no good worrying anymore - the die has been cast and what is to be, will be, and there is nothing you can do about it.' I sat back and enjoyed my first trip to Europe." Yet another rifleman who was carried to the beach in the LCVPs relates one of his incidents: I got on the gun. I set the gun up, and were looking, were looking. He says, "See if you can spot him." All of a sudden I spotted him, about 200 yards away, and Id say maybe 30 or 40 feet higher than me. He wasnt firing at me. He was firing down across. So when he opened up again the Germans, when they fire, they fire fast, they dont fire like we did, because they change the barrels of their machine guns in seconds. Ours were a pain. We had to take the whole gun apart and screw the barrel off, and then put another barrel on. They would get hot if you fired like the Germans. We only fi...

Principles of nursing practice Essay Example | Topics and Well Written Essays - 500 words

Principles of nursing practice - Essay Example Nurses account for the well-being of their assigned patients, nursing actions and professional behavior (Bullock, Macleod Clark & Rycroft-Malone 2012, p. 223). The nursing team functions on their level of proficiency in the legally recognized range of practice. The nursing staff undertakes steps to promote the delivery of safe, and appropriate ethical care to patients. They uphold the principle of safeguarding the health and safety of each patient. They enquire and get involved to address unsafe, corrupt, or incompetent practices that interfere with their ability to provide safe, ethical, compassionate, and competent care to the patients. They also take preventive measures to minimize harm that arises from adverse occurrences. They work as a team to reduce the potential for future risks and preventable harms. Nurses provide information to patients in their care with the facts they need to make well-versed decisions connected to their health and well-being. They ensure they provide nursing care with the patients informed consent. The nurses respect the wishes of people who decline to receive information about their health conditions. The nurses recognize and respect an individuals freedom to withdraw consent for care or treatment at any time. Nurses express linguistic expertise in their practice. The nursing team engages in compassionate care through their speech and physical response in an effort to realize and care for the needs of the patients. They identify and analyze relevant information when making decisions regarding the status of the patient (Bullock, Macleod Clark & Rycroft-Malone 2012, p.159). They assist patients to learn about the health care system and assessing appropriate health care facilities. The nurses have a responsibility to exhibit competence continuously. They utilize a combination of technical expertise and clinical reasoning to provide appropriate healthcare to patients. The qualities and capabilities of nurses

Analytical report on a current 'people issue' in the business news Essay

Analytical report on a current 'people issue' in the business news event as a 'case study you are required to undertake an - Essay Example The two major areas of HRM chosen for the purpose are human resource management care for the employees in organisations; and resourcing the organisation. The article chosen is on a recent survey which was undertaken by the â€Å"WorldatWork† (HRM Guide, 2010). The article has been chosen to ensure that it highlights the major aspects of recruitment practices and other benefits that employees are liable to in an organisations. It tries to bring about a link between the theories and practices and identifies the gaps between the same. Lastly, it provides suitable and needful recommendations to be undertaken by organisations in removing the same. Description about the news article The news article which was published on July 02, 2010 brings forth the results of a survey which was conducted on a number of employers in the US over â€Å"paid time off work† (HRM Guide, 2010). Three fourth of the employers in USA responded by saying that it was necessary to offer programs of pa id time off in order to remain competitive in the labour market. They conducted the programs through traditional and non-traditional ways. There were 1036 numbers of respondents from the benefits and compensation departments in the large corporations in USA. Lenny Sanicola, a member of the WorldatWork said that â€Å"time is the new currency and employers remaining committed to providing paid time off as a key employee benefit and reward† (HRM Guide, 2010). The three programs which were used in by employers are the traditional method, the PTO Bank type method and the Unlimited Leave method. The first method was used by 54% of the US companies. Under this program, employees are given particular allotments for vacations, sick and personal days. The PTO Bank model were being used by 40% of the employers under which employees were given a particular numbers of days to be used as leave for individual purposes. The unlimited leave strategy was undertaken by only 1% of the organisat ions under which employees would be given as many leaves as they wanted. It was seen that majority of the companies in USA were losing numerous dollars in the form of productivity and payroll expenses. The reason was that they were failing to manage the employees’ time off effectively. Employers believed that this would be crucial for successful recruitment, selection and retention of candidates but most of them did not maximise on the value of this aspect in the benefits program. The survey on 421 companies showed that 11% of them provided the time-off programs equally among all the employees. This made it difficult for them to manage and administer. The reports showed that the time-off programs were important tools for increasing attractiveness of organisations as employers but it had become extremely complex. This had made their administration and management difficult. It is crucial that companies undertake such programs which would allow them to quantify and track the tim e-off that their employees take since the programs involved are as expensive as that involving health care benefits, or overtime and temporary labour. It is realised that employers are the first ones and directly responsible providers of welfare to the employees. It is their involvement with the welfare facilities which

What Is A Mixed Economy? Benefits of Mixed Economy

What Is A Mixed Economy? Benefits of Mixed Economy The most current economies offer a blend of two or more budgetary frameworks. People in general part works nearby the private segment, however may seek the same constrained assets. Blended budgetary frameworks dont hinder the private part from benefit looking for, yet do screen benefit levels and may nationalize organizations that are regarded to go against general society great. Blended monetary frameworks are not free enterprise frameworks: the administration is included in arranging the utilization of assets and can push control over organizations in the private part. Governments may try to redistribute riches by burdened the private part, and utilizing stores from charges to push social destinations. While free enterprise permits costs to be set by supply and interest strengths and communism fixes costs through focal arranging, blended budgetary frameworks take into consideration costs in a few areas to change, while altering different costs, for example, vitality. Discuss whether a mixed economic system is able to take care of the welfare of the citizens in general. Include two country examples to support your discussion. The first country example to support my discussion is American is a paragon of a mixed economy system. The American free endeavor framework underscores private possession. Private organizations transform most merchandise and administrations, and very nearly two-thirds of the countrys aggregate budgetary yield goes to people for particular utilize the purchaser part is so incredible, indeed, that the country is some of the time portrayed as having a buyer economy. This accentuation on private proprietorship emerges, to some degree, from American convictions about individual opportunity. From the time the country was made, Americans have dreaded extreme government force, and they have looked to farthest point governments power over people incorporating its part in the financial domain. Also, Americans for the most part accept that an economy described by private proprietorship is liable to work more effectively than unified with generous government possession. At the point when financial powers are free, Americans accept, supply and interest focus the costs of merchandise and administrations. Costs, thus, advise organizations what to prepare; if individuals need to a greater extent a specific great than the economy is generating, the cost of the great ascents. That gets the consideration of new or different organizations that, sensing a chance to acquire benefits, begin preparing a greater amount of that great. Then again, if individuals need less of the great, costs fall and less aggressive makers either go bankrupt or begin transforming diverse products. Such a framework is known as a business sector economy. A communist economy, conversely, is described by more government proprietorship and focal arranging. Most Americans are persuaded that communist economies are characteristically less proficient in light of the fact that administration, which depends on duty incomes, is far more outlandish than private organizations to regard value s igns or to feel the control forced by business sector strengths Nowadays, pretty much everyone in America has made their peace with the blended economy. Granted, you may have the capacity to discover a honest libertarian out there some place who genuinely accepts that the administration ought to assume no part at all in financial life. Also you may even have the capacity to find an extremist comrade, some old lefty sticking to the disparaged long for a charge economy controlled by the autocracy of the working class. However those gentlemen are a long distance on the periphery. Whatever is left of us live in a world in which the blended economy appears to be superbly ordinary People practice a lot of particular control over their budgetary lives; most transactions happen in a commercial center that is moderately free. The soul of the countrys financial life is found in the private segment. Be that as it may the administration likewise assumes a critical part in the economy also. It officials the commercial center and through a mixture of measures impacts the courses in which assets are designated and circulated. Second country that supports my discussion is Malaysia is economy system mixed economy system. The Malaysia investment exercises completed by two gatherings, the first is a gathering of business people who do creation exercises of merchandise and administrations requested by Malaysians and in addition for fares. In the meantime the administration has done budgetary exercises in giving open merchandise like ways, schools, wellbeing and others. Plus the state-claimed organizations, for example, Khazanah Berhad, is likewise heartily included in financial exercises. In the meantime the legislature does monetary exercises focused around Islamic financial framework, in particular by giving Islamic managing an account framework. In any case, the Islamic keeping money framework in Malaysia is little contrasted and the accepted managing an account framework. In Malaysia, The value instrument is permitted to work however in a few cases the value component fizzles or works against open investment. The administration can help the specialists concurring the legislature enactment and regulation and business are not just incorporated the vender, that is incorporated the purchaser, the legislature additionally need to help the buyer as verify that the shopper are fulfill or concur that the costs of products and administrations gave by the dealer. Thus, we discuss value component. Value system is wide of assorted types of approach to adjust the purchaser and vender through value proportioning, value apportioning is imply that the conveyance of merchandise and administrations utilizing market and cost. Because of the lack of assets, value apportioning was required as needs and needs are boundless however the assets are constrained, for the contending utilize the accessible merchandise and administrations must be apportioned out. So as to verify that those purchasers eager and ready to pay the value, markets apportion stock by constraining the buy just is likewise required. Plus that, value component is additionally portraying the cost of products and administrations focused around the interest and supply. Be that as it may in a few cases the value system comes up short or works against open premium, for example, the purchaser are not capable and not eager to use the cash to buy the products and administrations because of the vender are put the cost are not been fulfill by the lions share of customer and the dealer dont conform to the value component worked by the legislature. Since the lack and surplus happen in the business, the legislature have obligation to defeat these issues. Along these lines, the maker of the merchandise and administrations will raise the cost to procure more benefit. Moreover, when the business confronted deficiency, there are such a large amount of burdens to the shopper. For instance, a cell telephone organization was dispatch a just took the ribbon off new cellular telephone, this cell telephone was made by cutting edge engineering. Tragically, the cost of the cellular telephone is very costly. After propelled to the business sector a time of time, the supply dont take care of the demand of the buyer as the customer not eager to use that much cash to buy that cellular telephone. In this way, the maker will decrease the cost of the cell telephone to take care of the demand of the shopper. In this circumstance, the administration needs to utilize different approaches to revise the imperfections. In this way, the duty installment for the family unit and organizations will be reasonable to them and the organization ready to set the cost of the item and administrations as indicated by the interest on account of the assessment installment are been balanced by ascertain the salary in every certain time of time or the organizations can set the item and administrations in low cost as the expense installment was decreased. Conclusion The legislature ought to intercede the economy by the right way, rectify the deformities by utilizing suitable results, conquer the economy issue by well and deal with the account by sound. It is on the grounds that Malaysia and American is a blended economy framework, the legislature need to mediate it by professionally and consider it important, if not, there will some negative evidence will happen, for example, supplier and purchaser disappointment, open behavior exhibit due to the cost of every day needs of products expand by abruptly etc. At the point when confronting surplus or deficiencies in the business, government may make fitting move to alter the circumstances.

Growing and Expanding Sandwich Blitz Essay

Creating a new position between the CEO and the location managers will help the business to grow because this newly created role will help to clear up time for Dalman to focus on the other aspects of his position. Since he is spending so much time on talking with location managers, other portions of Sandwich Blitz, Inc. could be suffering from it. Not only that, but adding in the factor that he is just one person makes is clear that a new level in management would help with growing the other managers into the best managers possible. Promoting an existing manger is a good option to fill this position as they are already very familiar with the organization. With the added benefit of having the experience of working in the role as manager to give them a better understanding and insight into what issues and problems can be found within a location. However, for promoting an existing manager, I believe that there are advantages and disadvantages with promoting an existing manager to fill this position. If you promote one of the store managers, you gain the advantage of someone who is already familiar with the day to day operations. But you lose them as your location manager. If you hire someone who didn’t already work at Sandwich Blitz, this person may not be familiar with the product line, but they could introduce new management ideas into the organization. New ideas could help the organization run more efficiently. Furthermore, when it comes to decision making, I think managers should stick with tactical decisions, owners board of directors should stick to strategic decisions and employees should stick to operational decisions. With strategic decisions, these affect the long-term direction of the business eg whether to take over Company A or Company B. Tactical Decisions, these are medium-term decisions about how to implement strategy eg what kind of marketing to have, or how many extra staff to recruit. To add Operational Decisions, these are short-term decisions (also called administrative decisions) about how to implement the tactics eg which firm to use to make deliveries. To conclude, the levels of authority (management) that Sandwich Blitz, Inc. would have if the new position is created, would be line authority gives a manager the right to direct the work of his or her employees and make many decisions without consulting others. Staff authority supports line authority by advising, servicing, and assisting, but this type of authority is typically limited. For example, the assistant to the department head has staff authority because he or she acts as an extension of that authority. These assistants can give advice and suggestions, but they don’t have to be obeyed. Functional authority is delegated to an individual or department over specific activities undertaken by personnel in other departments.

Motor Vehicle Safety Laws and Public Health Essay

â€Å"The U. S. Congress responded with the National Highway Traffic and Motor Vehicle Safety Act and the Highway Safety Act of 1966, creating a new federal program to address motor vehicle safety† (Waller, para. 5). This act allows the federal government to implement laws regarding motor vehicle safety. This act created the National Highway Traffic Safety Administration (NHTSA). William Haddon, public health physician, was the first director of the NHTSA. He was the first to set safety standard for motor vehicles and the first to administer programs for driver’s licensing, impaired driving from alcohol, motorcycle safety and etc. Federal Motor Vehicle Safety Standards are applied to new motor vehicle. â€Å"Legislation enacted in 1966 requires the federal government to establish safety standards for new motor vehicles sold in the United States, whether of domestic or foreign manufacture† (Waller, para. 16). These standards have prevented people from getting seriously injured during a motor vehicle accident. FMVSS, including softer instrument panels, head restraints, energy absorbing steering columns, and high penetration-resistant windshields, have saved thousands of lives and prevented tens of thousands of injuries† (Waller, para. 17). FMVSS also requires safety belts and child safety seats meet certain safety standards. State Laws Every state is required by law to follow the federal government’s standards. Most states have additional safety standards and programs regarding motor vehicle safety. The state of Maryland follows federal motor vehicle safety standards, as well as, their own safety standards. As of last year, Maryland set a new standard of no texting and talking on cell phones while driving, even at red lights. â€Å"Texting and talking on a cell phone while driving is illegal in Maryland; it is not safe for anyone and it can be especially dangerous for teens† (Young, para. 1). Texting and talking on cell phones while driving can become a huge distraction for drivers and has caused a lot of accidents. Maryland also has standards for unattended children in a motor vehicle. Every child that is unattended in a motor vehicle, especially during extreme hot and cold conditions, can get seriously injured which is why it is illegal. Legislative Laws These laws, federal and state, fall under legislative laws. Legislative laws are first called bills that are enacted by Congress, General Assembly and the President. For federal laws, the bill has to be passed through the U. S Congress and then signed by the President. Fore state laws, the bill has to be passed through the General Assembly and then signed by the State’s Governor. The U. S Congress can veto the President’s decision if the majority of Congress agrees. The same thing goes to the General Assembly. If the General Assembly disagrees with the Governor’s decision then the majority of the General Assembly can veto his decisions. For Motor Vehicle Safety, each state has to follow federal laws but they can pass their own laws to prevent motor vehicle injuries. State laws cannot contradict with federal laws. Most motor vehicle accidents occur from impairment driving from alcohol, recklessness and inexperienced. Public health is preventing people from injuries and diseases. With the help of these laws, there will be fewer motor vehicle accidents which will cause fewer injuries and deaths. â€Å"The reduction of the rate of death attributable to motor-vehicle crashes in the United States represents the successful public health response to a great technologic advance of the 20th century† (Centers of Disease Control and Prevention, para. 1). Every standard that is regulated is there to prevent motor vehicle accidents from occurring. â€Å"In 1966, passage of the Highway Safety Act and the National Traffic and Motor Vehicle Safety Act authorized the federal government to set and regulate standards for motor vehicles and highways, a mechanism necessary for effective prevention† (Centers for Disease Control and Prevention, para. 3). Every new vehicle is designed to protect people from serious injuries when involved in an accident. Relating to Public Health Every year, the amount of motor vehicle deaths has decreased. Reductions in motor vehicle injury and death represent a major public health success† (Waller, para. 1). Motor vehicle accidents are still one of the largest causes of deaths in the United States. â€Å"Traffic crashes are identified as the ninth leading cause of death worldwide, and it is estimated that by the year 2020 traffic crashes will be the third largest cause of death and disability in the world† (Waller, para. 3). With setting more safety standards, motor vehicle accidents can decrease if everyone follows these standards. Preventing injuries from motor vehicle accidents will save many lives. â€Å"The record of motor vehicle injury prevention nevertheless represents a major success in public health in the United States† (Waller, para. 4). The estimation of motor vehicle accidents being the third cause of death and disability by 2020 can change by then if more safety standards and programs are issued. Federal and State Government It can take a lot to prevent motor vehicle accidents but if all standards are regulated then fewer motor vehicle accidents will happen. State and local governments have enacted and enforced laws that affect motor-vehicle and highway safety, driver licensing and testing, vehicle inspections, and traffic regulations† (Centers for Disease Control and Prevention, para. 5). The federal and state government should continue to play a role in preventing motor vehicle accidents. If the federal and state government does not play a role in motor vehicle safety then there will be more injuries from accidents. The only reason why there has been a reduction in motor vehicle accidents is because of the standards regulated by federal and state governments.

Honeypot and Honeynet - Free Essay Example

Sample details Pages: 31 Words: 9337 Downloads: 4 Date added: 2017/06/26 Category Information Systems Essay Type Narrative essay Topics: Network Essay Did you like this example? Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Don’t waste time! Our writers will create an original "Honeypot and Honeynet" essay for you Create order Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. Over the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Ca pture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisi ons. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connection less Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to d esign and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for t his convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted interc epted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detectio n systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maxim um information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction etc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of dat a capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three O perating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implement ed as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given pri vileges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selection available. End-users can install Gufw and keep it enabled. GNOME (the current default desktop) offers support for more than 46 languages. Ubuntu can also run many programs designed for Microsoft Windows (such as Microsoft Office), through Wine or using a Virtual Machine (such as VMware Workstation or VirtualBox). The use of Ubuntu as a honey pot here would be effective to trick the hacker into believing for the presence of enterprise level server. 3.4 Windows Server 2003 as Honeypot Windows Server 2003 is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. We can run different type of sevices. FTP and SMTP services are running on this server. 3.5 Sun Virtual Box as Virtualization Software Virtualization software has greatly helped reduce expenses and total cost of ownership (TCO) for organizations on their IT infrastructure. This is achieved by setting up an entire farm of enterprise servers as virtual machines on a single physical machine. Organizations are now developing their own virtualization software and solutions, many of which are free and open source. A few notable names that we considered for deployment include VMware, User-Mode Linux, SUN Virtual Box, Xen, Qemu, Lugest and Linux-Vserver. We selected SUN Virtual Box because light use very less system resources as compare to others. 3.5.1 Installation Procedure SUN Virtual box supports various versions of windows as a host operating system. In addition, Windows Installer 1.1 or higher must be present on your system. This should be the case if you have all recent Windows updates installed. Performing the installation â€Å"The VirtualBox installation can be started either by double-clicking on its executable file (contains both 32- and 64-bit architectures) or by entering VirtualBox.exe -extract on the command line. This will extract both installers into a temporary directory in which youll then find the usual .MSI files. Then you can do a msiexec /i VirtualBox-version-MultiArch_x86|amd64.msi to perform the installation. In either case, this will display the installation welcome dialog and allow you to choose where to install VirtualBox to and which components to install. In addition to the VirtualBox application, the following components are available. Depending on your Windows configuration, you may see warnings about unsigned dri vers or similar. Please select Continue on these warnings as otherwise VirtualBox might not function correctly after installation. The installer will create a VirtualBox group in the programs startup folder which allows you to launch the application and access its documentation. With standard settings, VirtualBox will be installed for all users on the local system. In case this is not wanted, you have to invoke the installer by first extracting it by using VirtualBox.exe -extract and then do as follows VirtualBox.exe -msiparams ALLUSERS=2 or msiexec /i VirtualBox-version-MultiArch_x86|amd64.msi ALLUSERS=2 on the extracted .MSI files. This will install VirtualBox only for the current user.†[15] 3.6 Honeywall Roo Honeywall CDROMis a bootable CDROM it consist of all the tools and functionality required to create maintain and effetely analyze the third generation honeynet. The honeynet project has developed 2 version of the Honeywall CDROM. Honeywall Eyore and Honeywall Roo Released in May, 2005 based on Gen III architecture. (current version 1.4) Honeywall serves as a transparent gateway for the honeynet. It is this gateway that has to perform data capture, data control, data collection and data analysis functions in order to ensure successful operations of a honeynet. Being a transparent gateway, this node is completely undetectable by the attacker when they are interacting with the honeypots. The purpose of the Honeywall CDROM is to automate the installation and maintenance of a honeynet and provide data analysis support for all activity within the honeynet. Deploying Honeynets was a tough task as it involved advance configuration and integration of security tools. There was no stand ard honeynet development till 1999. Many small groups had their own implementation of Honeynets. The Honeynet Project has done remarkably well by developing a complete Honeywall distribution on a CDROM to deploy as an Operating system on disk and thus made Honeynets easy to deploy and manage. Honeywall was initially based on Fedora for quite some time as its base Operating System, but due to frequent updates going on in fedora it is now based on CentOS. This gives freedom to install operating system specific applications using standard package managers like RPM [31]. Honeywall has evolved over the years. Previous version, Eyore had limited features and control. Roo, the advanced version has vastly improved hardware support, administration capabilities, and data analysis functionality. Thus the system is now moving towards giving the administrator more flexibility and control over the operating system. Honeywall Roo comprises of many well known security tools incorporated into it [31]. Table: 3.1 Security Tools of Honeywall Security Tool Discription Snort Sniffer, IDS Hflow2 Data coalescing tool for honeynet data analysis. Snort_inline Sniffer, IPS P0f A Passive OS fingerprinting tool. P0f Tcpdump View Packet headers. Sebek Data capture tool. 3.6.1 Installation First we need to Start the Virtual box and boot it with Honeywall CDROM. Honeynet Project splash screen with Boot loader should appear. At this point the system will wait to let you interact with the installation process. If you press the Enter button, the system will begin the installation process after formatting the existing hard drive. After this installation is a fully automated process, and no need to interact with the installation from this point on. The installation process of Honeywall is very much like a standard Linux kick-start install. Involving following steps. Boot from Honeywall Roo CDROM For our implementation we booted our virtual machine off the Honeywall Roo 1.4 ISO. Choose install (press Enter) from boot menu to wipe out all free space on disk and install the OS on this space. The installation is a fully automated process and does not require any further user interaction. Once the installation process is complete it will eject the CDROM and boot into the new ly installed system [12]. After the system boots,your installation is completeand will be presented with a command line login prompt.Your hard drive now has a minimized and hardened linux operating system with Honeywall functionality. Now you can login and begin the configuration process.In honeywall there is two default system accounts,rooandroot. Both share the same default passwordhoney, which you will want to change right away. You cannot login asroot, so you will have to login asroothensu-. Honeywall Roo creates two default system user accounts roo (uid 501) and root (uid 0) Both these accounts are created with the default password â€Å"honey†. Root login is not allowed by default so one has to login as roo and then â€Å"su -† to root privileges [12]. Two methods can be used to con the Honeywall first is Dialog Menu interface and other is Honewall.conf configuration file 3.7 Maintaining the Honeywall After Honeywall is installed, key issue is to maintain it properly.The new Honeywall gives you three options for configuring and maintaining your installation. 3.7.1 Dialog Menu It is the classic interface to administering the Honeywall CDROM. The new version is very similar to the older one, except it has new features added. We have already cond our Honeywall using Dialog Menu in pervious steps. It can be loaded by typingmenuon shell. 3.7.2 HWCTL It is a powerful command line utility that allows you to con the system variables used by various programs, and the ability to start/start services. The advantage with this tool is you can simply modify the behavior of the system at the command line via local or SSH access. Following are some examples taken from man file [12]. Show all variables currently set with NAME = VALUE form (use -A if you dont want the spaces) # hwctl -a Just print on standard output the value of HwHOSTNAME # hwctl -n HwHOSTNAME Set all four connection rate limits and restart any services that depend on these variables # hwctl -r HwTCPRATE=20 HwUDPRATE=10 HwICMPRATE=30 HwOTHERRATE=10 Load a complete new set of variables from /etc/honeywall.conf and force a stop before changing values, and a start afterwards # hwctl -R -f /etc/honeywall.conf 3.7.3 Walleye It is the honeywall GUI web based interface. The honeywall runs a webserver that can be remotely connected to over a SSL connection on the management interface. This walleye interface allows the user to con and maintain the system using a simple point and click approach. It has an expanding menu making it easy to access and visualize all the information. It also comes with more in-depth explanations of the different options. It also has different roles, allowing organizations to control who can access what through the walleye interface depending on the role they have been assigned. The primary advantage ofWalleyeis its much easier to use then the other two options [7]. The disadvantage is it cannot be used locally, but requires a 3rd network interface on the honeywall used for remote connections. The web-based GUI currently supports almost all the browsers. Lets launch the browser and point it to management interface IP address,https//managementip/. Login withUser Name rooandPas sword honey. â€Å"This GUI allows the user to con and maintain the system using a simple point and click approach. It has an expanding menu making it easy to access and envisage all the information. The prime advantage ofWalleyeis that its much easier to use then the other two options. The disadvantage is it cannot be used locally, but requires a 3rd network interface on the honeywall used for remote connections. The web-based GUI currently supports either Internet Explorer or Firefox browsers† [31]. Following screen shots shows the Snort Alert on walleye Interface. 3.8 Honeywall Email Alerts Any activity on our honeypots INBOUND or OUTBOUND if detected, an email alert will automatically be generated by server to the administrator. Honeywall also sends an automated detailed report at the end of the day to the system administrator. Cond email ID for walleye email alert is [email  protected]/* */ Honeywall has the builtin SMTP server to send mails. SampleEmail outbound alert Oct 28 043217 wall kernel OUTBOUND UDP IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0 SRC=192.168.142.155 DST=224.0.0.251 LEN=204 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=184 3.9 Snort as IDS and Snort-Inline as IPS Snort is integrated with honeywall and runs in inline mode to provide realtime Intrusion detection with the current updated database of signatures available on snorts website. Snortis afreeandopen sourcenetwork intrusion prevention system(NIPS) andnetwork intrusion detection system (NIDS)capable of performingpacketlogging and real-timetraffic analysisonIPnetworks. It is the most widely used IDS/IDP technology worldwide. Combining the benefits of signature, protocol and anomaly based inspection. Snort performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such asbuffer overflows, stealthport scans, web application attacks,SMBprobes, andOS fingerprintingattempts, amongst other features. The software is mostly used forintrusion preventionpurposes, by dropping attacks as they are taking place. Snort can be combined with other free software such assguil,OSSIM, and the Basic Analysis and Se curity Engine (BASE) to provide a visual representation of intrusion data [10]. Snort is integrated with honeywall and runs in inline mode to provide realtime Intrusion Detection with the current updated database of signatures available on snorts website.Snort may be used in a variety of ways, including as a packet sniffer, packet logger, or an intrusion detection system (IDS). With the ability to use rulesets to monitor IP packets, Snort is an excellent choice for administrators responsible for security on small- to medium-sized networks. 3.9.2 Experiences with Snort A random attacker on the internet scans the entire class C of 10.10.10.* and our servers are hosted on the same IP range. What will happen when our honeywall detects such attempts? It will send an email alert to the administrator and it will log all data and protocols and ports information including source and destination ip. Following is the screen shoots, a preview of how the logs will look like if viewed from the walleye web interface. SNORT alerts in CLI of Honeywall, we can manage snort alerts from the walleye GUI interface and also from the command line interface of honeywall. 3.10 Sebek as data capture tool Sebek is the most advanced and complex honeynet data capture tool. It is an open-source tool whose purpose is to capture from a honeypot as much information as possible of the attackers activities by intercepting specific system calls (syscalls) at the kernel level. Sebek is based on a client-server architecture. The client is installed on the honeypots and the server is typically deployed on the Honeywall, that is, the honeynet gateway all the traffic entering and leaving the honeynet passes through. The Sebek client component uses techniques similar to those used by kernel-based rootkits. Sebek is implemented in the form of a Linux Kernel Module (LKM) on Linux, as an OS kernel driver on Windows, and as a kernel patch on the various *BSD operating systems. The server module contains user-level tools that allow to gather and display the information captured and exported by the Sebek clients. [18] 3.10.1 Sebeks new capabilities Sniffing network traffic has long been the traditional way of inspecting the actions performed by an attacker remotely accessing a compromised resource. However, this is not possible if the attacker is protecting his communication channel through encryption and the key used is unknown. The first Sebek version intercepted all read kernel syscalls with a length of one byte, which is what allows one to get the keystrokes typed by the honeypot intruder before they are encrypted, including the commands executed or the passwords used. This initial Sebek data capture functionality was later improved in version 2 to capture all read data. This second version also allows to recover entire files copied with SCP or complete IRC and mail messages. Sebek version 3 extends this functionality by intercepting a new set of system calls. Additionally, it retrieves the parent process id (PPID) and the inode associated with any file-related event. These two fields will be added for each Sebek re cord. Apart from intercepting the standard read syscall, the new version hijacks additional read syscalls, the socket syscall, the open syscall, and the fork and clone syscalls. The following descriptions use the Linux version as a reference. The same ideas also apply to the Windows version [26]. 3.10.2 Sebek Architecture The client collects the data from the Honeypot and exports it to the network. The server collects from one of two sources live packet capture from the network or packet capture archive stored as a tcpdumpn formatted file. The client resides entirely in the Honeypot kernel space and records all user data accessed via a system read() call. 3.10.3 Client Module Hiding As Sebek works entirely in kernel space due to this functionality most of the rootkit techniques does not apply. Hiding the existence of the module is a direct benefit. A second module, the cleaner, is also installed it manipulates the linked list of installed module to remove Sebek. This is not completely robust, Users can no longer see that Sebek is installed and users are unable to rmmod the Sebek module [26]. 3.11 Making Honeynet Undetectable for hackers The possibility of an attacker being able to detect a honeynet or honeypot is directly related to its its configuration that, how the honeynet administrator cond it. Since honeynet transparency, the inability for an attacker to detect it, is one of the important goal of a honeynet. 3.11.1 Virtulization Honeynet is deployed as a high interaction honeynet its very difficult to detect its honeypot because it has complete Operating system for hacker to interact with and all the services are running and all the ports are open and closed according to our requirements similar to production system. Some hackers can detect that this Operating system is running on virtualization software , but this is no prove that it is honeypot or honeynet because now a days most of the organizations are using virtualization in their production environment. Virtualization has greatly helped reduce expenses and total cost for organizations on their IT infrastructure. This is achieved by setting up an entire farm of enterprise servers as virtual machines on a single physical machine. Organizations are now developing their own virtualization software and solutions, many of which are free and open source. 3.11.2 IP Address Scheming IP address scheme used is identical to production environment. That is it used the same IP pool on which most of the production system are running. So hacker cannot detect that which system is honeypot and which is not because It has used the public IP pool of production servers and most of the legitimate services are running on these IP pools. From hands on research with honeynets most of the honeynet detection are probabilistic in nature, hacker sometime can predict that It could be honeynet but they cannot prove it. All the online existing data and technical means to detect honeynet will not work on current configuration and its very difficult to detect. Amount of attacks coming on deployed honeynet shows that this honeynet architecture is undetectable for most of the hackers. Chapter 4 Results and Statistics 4.1 Attack Statistics Port Scanningis one the most widely used reconnaissance techniques used by attackers to find out the services running on the system. All types of machines connected to internet and LAN runs many services that listen to different types of ports. Attacker sends a message on different ports, one at a time and gets the response. From this response attacker find outs whether the port is open and then probe further for weakness. Post Scan is kind of ringing the door bell to check whether someones is at home or not. It is not consider a crime but we should not ignore it. We should investigate the person why he is ringing the bell without any reason. Attacks came from verity of IPs from different countries all around the world. Most to the attackers use brute force to gain the access. It is observed that defense mechanism is getting better, different sophisticated tools and techniques are applied by organizations to protect their assets but attackers are also getting smarter in beating the defense mechanism and diversifying their range of threat options. Attackers often attempt to clean their tracks by launching attacks from different locations and from more than one servers and those servers could be located anywhere in the world. This means that attacker is not located in the country from where attack seems to be launched. We have analyzed attacks targeting to honeynet over a period of 30 days (September 12th to October 12th) and documented them as Attacked/Probed ports and services. Attacker IPs. Attackers Country of Origin. 4.2 Attacked Ports and Services We have taken the sample of attacked ports and services. It has been observed that out of total of 19562 probed ports and services, 13504 were targeted at SSH. This indicates the attackers focus on brute force means of gaining access to the server. This is followed by high activity on IRC ports indicating botnet activity. Table 4.1 Probed Ports their frequency Port Discription Frequency Port Discription Frequency 8 Unassigned 50 3259 epncdp2 3 22 SSH 1793 3283 net-assistant 13 43 WHOIS 67 3411 biolink-auth 2 53 DNS 141 5353 mdns 1 69 TFTP 3 6667 IRC 77 80 HTTP 58 14354 RootKit comm 15 135 epmap 36 20268 RootKit comm 3 137 netbios-ns 18 31337 RootKit comm 1 138 netbios-dgm 3 34611 RootKit comm 2 443 https 17 38111 RootKit comm 6 445 microsoft-ds 70 43495 RootKit comm 1 1101 sebek 103 53100 RootKit comm 1 1412 innosys 6 56594 RootKit comm 8 1700 mps-raft 7 56981 RootKit comm 1 2457 rapido-ip 3 60372 RootKit comm 1 Chart 4.1 Pie chart of Probed Ports Public IP addresses are controlled by worldwide registrars, and are unique globally. Port numbers are not so controlled, but over the decades certain ports have become standard for certain services. The port numbers are unique only within a computer system. Port numbers are 16-bit unsigned numbers. The port numbers are divided into three ranges: Well Known Ports (0 1023) Registered Ports (1024 49151) Dynamic and/or Private Ports (49152 65535) Well-Known Ports Ports numbered 0 to 1023 are considered well known (also called standard ports) and are assigned to services by the IANA (Internet Assigned Numbers Authority)[17]. Here are a few samples: echo 7/tcp Echo ftp-data 20/udp File Transfer [Default Data] ftp 21/tcp File Transfer [Control] ssh 22/tcp SSH Remote Login Protocol telnet 23/tcp Telnet domain 53/udp Domain Name Server www-http 80/tcp World Wide Web HTTP Almost 70 percent of the attacks launched at port 22 SSH port and after that port 53 DNS port. In below mentioned chart port 22 SSH port is excluded. Chart 4.2 Pie chart of Probed Ports (Exluding port 22) 4.3 Attacker IPs During its 30 day tenure the honeypot received 22711 attacks from 421 unique IPs. A great amount of these attacks originated from Europe and China. Table 4.2 Attack IPs their origin IP Frequency Country IP Frequency Country 218.30.22.82 3011 CN 80.31.189.175 45 ES 122.225.100.154 1378 CN 69.191.193.47 342 US 60.190.49.243 986 CN 58.218.182.18 518 CN 219.149.53.239 566 CN 125.244.77.67 981 KR 116.71.215.104 1231 PK 82.99.173.51 432 CZ 119.153.3.25 451 PK 140.130.99 45 TW 212.252.124.15 381 CN 125.244.77.34 23 KR 218.75.95.244 768 CN 194.1.9.21 12 SK 218.23.37.51 23 CN 78.111.82.127 9 RU 122.225.100.154 221 CN 218.75.172.38 544 CN 219.149.53.239 12 CN 61.178.91.48 970 CN 195.234.184.111 76 BE 210.188.201.198 322 JP 122.160.23.228 781 IN 2 01.238.235.25 7 CL 59.103.3.169 389 PK 87.62.49.128 37 DK 203.99.163.156 12 PK 204.11.236.213 21 US 189.104.241.232 76 BR 122.160.207.28 91 IN 203.99.163.153 211 PK 207.182.34.45 561 US 151.21.107.21 34 IT 69.73.208.59 32 GD 78.13.99.15 3 IT 218.23.107.51 12 CN 84.221.56.205 691 IT 125.244.147.67 9 KR 208.69.36.11 2217 US 207.10.34.112 376 US In above mentioned PIE graph we selected 20 IPs from different countries with their attack frequencies. China has one of highest total for malicious activities, it could be due to the fact that the china has the most broadband users in the world. More you spent time online the longer your system exposed and more chances that your system will get attacked or compromised. In above mentioned PIE graph we selected 20 IP from different countries with their attack frequencies. 4.4 Attackers Country of Origin 545 unique attacker IP addresses were identified originating from 61 countries across the globe. Out of these 61 countries the highest number of attacks came from China and Europe followed by the US. This proportion also stands for the highest attack frequencies. Table 4.3 Top 20 Attack Frequency vs Country Country Frequency BE 76 BR 76 CL 7 CN 9390 CZ 432 DK 37 ES 45 GD 32 IN 872 IT 728 JP 322 KR 1013 PK 2294 RU 9 SK 12 TW 45 US 3517 Grand Total 18907 4.4.1 No of Attackers IP per Country Table 4.4 Number of attack IPs vs Country Country # of IP CN 68 PK 14 BE 1 BR 1 IT 2 US 43 ES 2 KR 35 CZ 1 TW 21 SK 1 RU 4 JP 13 CL 1 DK 9 IN 23 GD 1 ZA 1 VN 1 AU 2 RO 5 AW 1 NL 3 TR 1 PL 5 Chapter 5 Conclusion 5.1 Overview Success of a honeynet lies in the number of users (attackers) try to access it, honeynets dont have any production value so any interaction with honeypots is suspicious. Information gathered through honeynet will raise the awareness of different types of treats present on internet. Now a days many organization dont realize that they are targeted and who is attacking them and why. Honeynet help us to understand the attacks and basic measures we can take to prevent these threats. It also help us to improve our defense mechanism and secure ways to defend our resources. Through honeynet we can able to know the 0 days attacks, without effecting our production systems. Focus should be done on the attacks initiating from your own enterprise network. These types attacks can do more damage to your own network. Enterprise administrator should take immediate notice of these types of attacks as these attacks indicate machines that have already been compromised within the network. 5.2 Achievements The deployed honeynet has provided the extensive information on different types of attacks, it also helped us to detect the internal (LAN) compromised systems which tying to communicate with honeypot through different types of rootkits. It has been observed that within the period of 30 days out of total of 19562 probed ports and services, 13504 were targeted at SSH. This shows the attackers focus on brute force for gaining access to the server. It also help us to know most common ports used for attacks and through this information we can enforce different types of policies on external firewalls and also block the open unused ports on different servers. It is concluded that most of the attacks are coming from China but more successful attacks are coming from Europe. 5.3 Future Work Keeping in view the existing features of detection mechanism, its working may be enhanced and it can be made more effective in the future by enhancing its capability by increasing the no of honeypots with the functionality of different type of services like DNS, Webhosting and FTP servers etc. Detailed Forensic analysis of attacks can help us to understand working of botnets and identification of different new 0 day attacks. Centralized data sharing, could be a website www.mschoneynetproject.com.pk, where all the information gathered through honeynet is shared with MCS security related students. So they can get realtime information of different latest attacks and understand the attack methodology. References [1] Spitzner.L (2002). Honeypots Tracking Hackers. US Addison Wesley. 1-430. [2] Stoll, C. The Cuckoos Egg Tracking a Spy Through the Maze of Computer Espionage. Pocket Books,New York, 1990 [3] Automated deployments of Ubuntu By Nick Barcet September 2008  © Copyright Canonical 2008 [4] The Honeynet Project http//project.honeynet.org [5] CERT Advisory CA-2001-31 Buffer Overflow in CDE Subprocess Control Service http//www.cert.org/advisories/CA-2001-31.html [6] Provos, N and Holz, T (July 26, 2007). Virtual Honeypots From Botnet Tracking to Intrusion Detection. US Addison-Wesley Professional. [7] Talabis, R. (2005). The Gen II Gen III Honeynet Architecture. Available http//www.philippinehoneynet.org/index2.php? Last accessed June, 2008. [8] William Stallings, â€Å"Cryptography and Network Security Principles and Practices†, Third Edition, Prentice Hall, 2003. [9] Security architecture for open systems interconnection for CCITT applications, ITU-T, Study Group VII Data Communications Networks, 1991 [10] Snort user manual 2.8.3 , www.snort.org [11] Know Your Enemy Sebek, A kernel based data capture tool,The Honeynet Project, http//www.honeynet.org, Last Modified 17 November 2003 [12] Shuja, F. (October, 2006). Virtual Honeynet Deploying Honeywall using VMware Available http//www.honeynet.pk/honeywall/index.htm. Last accessed June, 2008. [13] Robert McGrew, Rayford B. Vaughn, JR. Experiences With Honeypot Systems Development,Deployment, and Analysis. Proceedings of the 39th Hawaii International Conference on System Sciences 2006. [14] Levine.J, LaBella.R, Owen.H, Contis.D, Culver.B. (2003). The Use of Honeynets to Detect Exploited Systems. Proceedings of the 2003 IEEE [15] http//www.securityfocus.com/print/infocus/1855 [16] http//wiki.virtualbox.org/page/User_Guide/Installation/Windows [17] https://www.auditmypc.com/freescan/readingroom/port_scanning.asp [18] Know Your Enemy Sebek A kernel based data capture tool. Honeynet Project (The). 21 April 2004 www.honeynet.org/papers/sebek.pdf [19] Know Your Enemy: Honeynets What a honeynet is, its value, overview of how it works, and risk/issues involved. honeynet Project https://www.honeynet.org Last Modified: 31 May, 2006 [20] Honeynet Learning Discovering IT Security- MARK RYAN DEL MORAL TALABIS Phillipine Honeynet Project Manila, Phillipines [email  protected]/* */ [21] Development and Implementation of the Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) [22] A Virtual Honeypot Framework Niels Provos_ Google, Inc. [email  protected]/* */ [23] Towards a Third Generation Data Capture Architecture for Honeynets Edward Balas and Camilo Viecco Advanced Network Management Lab Indiana University [24] Evaluation and Demonstration of the Usage of a Virtual Honeynet for Monitoring and Recording Online Attacks Rajiv J. C. Ponweera1, Ravindra Koggalage2, [25] Kn ow Your Enemy: GenII Honeynets Easier to deploy, harder to detect, safer to maintain. Honeynet Project https://www.honeynet.org Last Modified: 12 May,2005 [26] Know Your Enemy Sebek A kernel based data capture tool The Honeynet Project http//www.honeynet.org Last Modified 17 November 2003 [27] http//www.ffiec.gov/ffiecinfobase/booklets/information_security/information_security.pdf [28] Improving Network Security With Honeypots Christian Doring. July, 2005. Thesis. [German Honeyent Project] [29] Sebek 3: tracking the attackers, part one Raul Siles, GSE 2006-01-16 [30] Honeynet Learning Applying problem and case-based approach in IT security education through the use of honeynets. Publication in the ACM InRoads journal in June 2006. [Phillipine Honeynet Project] [31] Know Your Enemy: Honeywall CDROM Roo 3rd Generation Technology Honeynet Project Research Alliance https://www.honeynet.org Last Modified: 17 August,2005