Sense and Sensuality in Indian Religious Literature

A particular poem, Nurse 1126†³ taken from Sanskrit Poetry From Fiduciary's â€Å"Treasury', emphasizes the lustful emotions and romantic experiences that accompany the south winds as well as the significance of a reticular sense object that holds an extremely valuable place in Indian religious culture – sandalwood. The strange inclusion of the sense of smell and the sense object of sandalwood in this poem, which deals nearly exclusively with the sense of touch, raises a variety of questions pertaining to the significance of this inclusion and the relationship between the senses of touch and smell as well as the senses in general.Meanwhile, upon examination of the Kamala sutra the sense of smell and the scents of objects comes into play in a context of Indian literature associated not with esthetics poetry but with a much more technical and instructive guidebook. In this case, the sense of smell is used to convey not simply emotion but allows the reader to make a wide ra nge of inferences about characters, the text, and the values of the time period.Ultimately, despite stemming from the same sense of smell, the usage of this sense can differ widely between different genres of texts and even within a single genre conveying a multitude of emotions, facts that, though seemingly follow a trend, are in fact unique to the text. The aforementioned poem from Sanskrit Poetry From Fiduciary's â€Å"Treasury' expresses romantic and mysterious undertones through metaphors and the establishment of a particular mood or Rasa. This entire poem uses a complex and extended metaphor that draws upon the movement and qualities of the south winds to represent a seemingly mysterious and well-traveled lover.The winds are personified as having associated with and wooed a variety of women from regions such as Andorra, Tamil, Ceylon, and Kraal. This metaphor capitalizes upon the ethereal, fast-moving, gentle, caressing, and aromatic nature of air and the south breeze and app lies it to the poem's apparent description of a ascribable lover. This poem furthermore utilizes two specific moods or Rasa, which are emotional flavors that one tastes or feels upon experiencing the words of the writer. The two Rasa used in the poem are peacefulness and romance.The poem establishes a peaceful mood both by using a repetitive sentence structure which has a seemingly calming effect on the reader as well as by using light and airy words such as â€Å"tousled†, â€Å"kissed†, and â€Å"perfumed† that give the poem a quaint and dainty feel. The poem also gives of a feeling of erotic excitement by the description of the erotic actions of the breeze and its apparent metaphor for a desired lover. The breeze has apparently touched the breasts, hairnets, mouths, and cheeks of women from a variety of regions in India indicating the attractiveness of this lover and the great deal of experience and ability he has with women.The two Rasa, peacefulness and rom antic excitement, appear to complement each other and bring about a unique experience within the reader. Rather than feeling solely lustfulness that would usually be felt in poems that utilize only erotic excitement, the element of peacefulness evokes feelings of love in contrast with lust. Because of the peaceful Rasa, the reader perceives the well-traveled lover not as a womanlier but as a gentleman who truly loves and brings happiness to the women he meets. Upon reading the poem, one inevitably comes to the question of â€Å"why is that last line included in this poem? At first glance, it certainly appears that the line â€Å"gently the south winds blow, perfumed with sandalwood† does not fit with the rest of the poem that emphasizes the breeze's touch upon the breasts, hair, and bodies of women. Furthermore, what exactly is the importance and significance of the particular sense abject sandalwood that its scent was noted in the poem? Ultimately the inclusion of the sense of smell and the specific sense object, sandalwood, in the poem gives additional depth to the two Rasa expressed within the poem. Smell is often used in Indian literature to express erotic desire and passionate lust.For example, the lingering and distinctive scent of a long-gone lover brings about both lustful and mournful emotion as one realizes that he or she has lost their love. Smelling that scent would undoubtedly bring about happy and painful memories of that lost love. The inclusion of sandalwood then similarly affects the peaceful Rasa evoked by the gentle and repetitive nature of this poem. Sandalwood is conventionally used in Indian literature as a valuable scent known for its cooling, relaxing, and calming properties as well as for its relationship to love.Conventional Sanskrit poetry and literature often indicates that sandalwood grows in Southern India and is carried by south breezes northward, bringing love as it travels toward its northern mistress. Thus the aroma of the south breeze plays a pivotal role in both characterizing the advertorial lost-lover and establishing the two central Rasa used within the poem. Though not the central sense used within the poem, that honor obviously goes to touch, by including the sense of smell in the last line of the poem, the writer adds a great deal of depth in the poem that could not have been created solely through a description of touch.One could not have touched the bodies of the women that the south breeze has touched but one could have smelled the scent of the sandalwood that accompanies the breeze and felt the emotions brought about by it. Ultimately he sense of smell drives the poem drives poem forward by promoting the mysterious, lustful, and peaceful mood of the poem and by applying emotions that are associated with the smell of a lover to the metaphorical lover described within the poem. The Kamala Sutra, however, is a type of text that contrasts starkly with the flowing, soothing aesthetics of I ndian poetry.Gone are the descriptions of soft scented winds slowly caressing the bodies of young, beautiful lovers; in their place are descriptions of scented oils belonging to â€Å"women of the harem†, the scent of lust ND erotic desire and act, the proper scent of desirable men and women, and the scent of man's â€Å"worn-out† clothing. In this text, good or desirable scents and the corresponding sense object may correspond to wealth and power as the harem girls are said to have been given gifts of scented oils from kings and men of wealthy descent in return for bodily pleasures and favors.These gifts are described as â€Å"leftovers of a deity' indicating the importance and value placed upon scents due to the powerful emotional attachment and memory stimulation that can be drawn from this sense. Looking at the nature of the text, one can glean other characteristics of this sense – the Kamala Sutra is a guide-like manual on navigating the world of eroticism , sex, and romance. The sense of smell is present on nearly every page during descriptions of the smell of various objects, sexual and nonsexual. Thus, smell is quite clearly related to erotic sexual desire, even in sacred books of instruction.When reading through the Kamala Sutra it is seemingly impossible to come across an account of a sexual encounter without some description of one's scent or the scent of scarred clothing, sexual tension, and erotic desire, and one's breathing; sex and smell practically go hand in hand in this text. Ultimately this text reflects the Indian culture's view on the sense of smell – it has the gentle caress to stir love and romance, it has the sudden spark to kindle hot, erotic, sexual desire, and it has the power to create perceptions of grandeur, wealth, and power.While the two cited texts, poetry from Sanskrit Poetry From Fiduciary's â€Å"Treasury' and the instructive Kamala Sutra, may seem to use the sense of smell in a very similar mann er, their ascriptions and usage of the sense is in fact quite unique. The referenced Indian poem uses the sweet and desirable scent of sandalwood to convey emotions of romance and desire in order to add depth and aestheticism to the poem.Meanwhile, the Kamala Sutra uses the sense not to draw out emotion in the reader, as the text is more of sacred and instructive manual, but to give the reader the ability to infer characteristics of the their own lives or the lives of others, whether it be romance, erotic desire, or wealth and power. The difference lies in the desired outcome in the deader after using the sense of smell as a tool to convey information or emotion. The ability of this sense to convey a multitude of outcomes in readers represents the multifaceted nature of smell.Unlike other senses which are relatively concrete – the sense of touch is constant based on the object one is touching, the sense of sight is constant based on the object one is viewing – the sens e of smell is much more fluid and up to the interpretation of the subject. Because of this unique characteristic of the sense of smell, it allowed writers of Indian literature the ability to use the sense f smell to relate multiple emotions and inferences to the reader, with each being unique to the reader and unique in and of itself.While in contemporary American culture and literature, the sense of smell takes a back seat to the more concrete and reliable senses such as sight and touch, this is not so in Indian culture. Smell is used in all texts – poetry, instructive manuals, sacred texts – liberally due to its unique ability to convey multiple emotions and facts. Based on the two referenced works, smell occupies a sacred place in Indian literature and could seemingly be considered he foundation of love, sexual desire, and wealth and power as seen in the role it plays in this culture's literature.

The Host Chapter 42: Forced

Ian's jaw fell slack. â€Å"You†¦ what?† â€Å"I'll explain in a minute. This isn't fair to you, but†¦ please. Just kiss me.† â€Å"It won't upset you? Melanie won't bother you?† â€Å"Ian!† I complained. â€Å"Please!† Still confused, he put his hands on my waist and pulled my body against his. His face was so worried, I wondered if this would even work. I hardly needed the romance, but maybe he did. He closed his eyes as he leaned toward me, an automatic thing. His lips pressed lightly against mine once, and then he pulled back to look at me with the same worried expression. Nothing. â€Å"No, Ian. Really kiss me. Like†¦ like you're trying to get slapped. Do you understand?† â€Å"No. What's wrong? Tell me first.† I put my arms around his neck. It felt strange; I wasn't at all sure how to do this right. I pushed up on my toes and pulled his head down at the same time until I could reach his lips with mine. This wouldn't have worked with another species. Another mind wouldn't have been so easily overwhelmed by its body. Other species had their priorities in better order. But Ian was human, and his body responded. I shoved my mouth against his, gripping his neck tighter with my arms when his first reaction was to hold me away. Remembering how his mouth had moved with mine before, I tried to mimic that movement now. His lips opened with mine, and I felt an odd thrill of triumph at my success. I caught his lower lip between my teeth and heard a low, wild sound break from his throat in surprise. And then I didn't have to try anymore. One of Ian's hands trapped my face, while the other clamped around the small of my back, holding me so close that it was hard to pull a breath into my constricted chest. I was gasping, but so was he. His breath mingled with mine. I felt the stone wall touch my back, press against it. He used it to bind me even closer. There was no part of me that wasn't fused to part of him. It was just the two of us, so close that we hardly counted as two. Just us. No one else. Alone. Ian felt it when I gave up. He must have been waiting for this-not as entirely ruled by his body as I'd imagined. He eased back as soon as my arms went limp, but kept his face next to mine, the tip of his nose touching the tip of mine. I dropped my arms, and he took a deep breath. Slowly, he loosened both his hands and then placed them lightly on my shoulders. â€Å"Explain,† he said. â€Å"She's not here,† I whispered, still breathing in gasps. â€Å"I can't find her. Not even now.† â€Å"Melanie?† â€Å"I can't hear her! Ian, how can I go back in to Jamie? He'll know that I'm lying! How can I tell him that I've lost his sister now? Ian, he's sick! I can't tell him that! I'll upset him, make it harder for him to get well. I -â€Å" Ian's fingers pressed against my lips. â€Å"Shh, shh. Okay. Let's think about this. When was the last time you heard her?† â€Å"Oh, Ian! It was right after I saw†¦ in the hospital. And she tried to defend them†¦ and I screamed at her†¦ and I-I made her go away! And I haven't heard her since. I can't find her!† â€Å"Shh,† he said again. â€Å"Calmly. Okay. Now, what do you really want? I know you don't want to upset Jamie, but he's going to be fine regardless. So, consider-would it be better, just for you, if -â€Å" â€Å"No! I can't erase Melanie! I can't. That would be wrong! That would make me a monster, too!† â€Å"Okay, okay! Okay. Shh. So we have to find her?† I nodded urgently. He took another deep breath. â€Å"Then you need to†¦ really be overwhelmed, don't you?† â€Å"I don't know what you mean.† I was afraid I did, though. Kissing Ian was one thing-even a pleasant thing, maybe, if I wasn't so racked with worry-but anything more†¦ elaborate†¦ Could I? Mel would be furious if I used her body that way. Was that what I had to do to find her? But what about Ian? It was so grossly unfair to him. â€Å"I'll be right back,† Ian promised. â€Å"Stay here.† He pressed me against the wall for emphasis and then ducked back out into the hallway. It was hard to obey. I wanted to follow him, to see what he was doing and where he was going. We had to talk about this; I had to think it through. But I had no time. Jamie was waiting for me, with questions that I couldn't answer with lies. No, he wasn't waiting for me; he was waiting for Melanie. How could I have done this? What if she was really gone? Mel, Mel, Mel, come back! Melanie, Jamie needs you. Not me-he needs you. He's sick, Mel. Mel, can you hear that? Jamie is sick! I was talking to myself. No one heard. My hands were trembling with fear and stress. I wouldn't be able to wait here much longer. I felt like the anxiety was going to make me swell until I popped. Finally, I heard footsteps. And voices. Ian wasn't alone. Confusion swept through me. â€Å"Just think of it as†¦ an experiment,† Ian was saying. â€Å"Are you crazy?† Jared answered. â€Å"Is this some sick joke?† My stomach dropped through the floor. Overwhelmed. That's what he'd meant. Blood burned in my face, hot as Jamie's fever. What was Ian doing to me? I wanted to run, to hide somewhere better than my last hiding place, somewhere I could never, ever be found, no matter how many flashlights they used. But my legs were shaking, and I couldn't move. Ian and Jared came into view in the room where the tunnels met. Ian's face was expressionless; he had one hand on Jared's shoulder and was guiding him, almost pushing him forward. Jared was staring at Ian with anger and doubt. â€Å"Through here,† Ian encouraged, forcing Jared toward me. I flattened my back against the rock. Jared saw me, saw my mortified expression, and stopped. â€Å"Wanda, what's this about?† I threw Ian one blazing glance of reproach and then tried to meet Jared's eyes. I couldn't do it. I looked at his feet instead. â€Å"I lost Melanie,† I whispered. â€Å"You lost her!† I nodded miserably. His voice was hard and angry. â€Å"How?† â€Å"I'm not sure. I made her be quiet†¦ but she always comes back†¦ always before†¦ I can't hear her now†¦ and Jamie†¦Ã¢â‚¬  â€Å"She's gone?† Muted agony in his voice. â€Å"I don't know. I can't find her.† Deep breath. â€Å"Why does Ian think I have to kiss you?† â€Å"Not kiss me,† I said, my voice so faint I could barely hear it myself. â€Å"Kiss her. Nothing upset her more than when you kissed us†¦ before. Nothing pulled her to the surface like that. Maybe†¦ No. You don't have to. I'll try to find her myself.† I still had my eyes on his feet, so I saw him step toward me. â€Å"You think, if I kiss her†¦?† I couldn't even nod. I tried to swallow. Familiar hands brushed my neck, tracing down either side to my shoulders. My heart thudded loud enough that I wondered if he could hear it. I was so embarrassed, forcing him to touch me this way. What if he thought it was a trick-my idea, not Ian's? I wondered if Ian was still there, watching. How much would this hurt him? One hand continued, as I knew it would, down my arm to my wrist, leaving a trail of fire behind it. The other cupped beneath my jaw, as I knew it must, and pulled my face up. His cheek pressed against mine, the skin burning where we were connected, and he whispered in my ear. â€Å"Melanie. I know you're there. Come back to me.† His cheek slowly slid back, and his chin tilted to the side so that his mouth covered mine. He tried to kiss me softly. I could tell that he tried. But his intentions went up in smoke, just like before. There was fire everywhere, because he was everywhere. His hands traced my skin, burning it. His lips tasted every inch of my face. The rock wall slammed into my back, but there was no pain. I couldn't feel anything besides the burning. My hands knotted in his hair, pulling him to me as if there were any possible way for us to be closer. My legs wrapped around his waist, the wall giving me the leverage I needed. His tongue twisted with mine, and there was no part of my mind that was not invaded by the insane desire that possessed me. He pulled his mouth free and pressed his lips to my ear again. â€Å"Melanie Stryder!† It was so loud in my ear, a growl that was almost a shout. â€Å"You will not leave me. Don't you love me? Prove it! Prove it! Damn it, Mel! Get back here!† His lips attacked mine again. Ahhh, she groaned weakly in my head. I couldn't think to greet her. I was on fire. The fire burned its way to her, back to the tiny corner where she drooped, nearly lifeless. My hands fisted around the fabric of Jared's T-shirt, yanking it up. This was their idea; I didn't tell them what to do. His hands burned on the skin of my back. Jared? she whispered. She tried to orient herself, but the mind we shared was so disoriented. I felt the muscles of his stomach under my palms, my hands crushed between us. What? Where†¦ Melanie struggled. I broke away from his mouth to breathe, and his lips scorched their way down my throat. I buried my face in his hair, inhaling the scent. Jared! Jared! NO! I let her flow through my arms, knowing this was what I wanted, though I could barely pay attention now. The hands on his stomach turned hard, angry. The fingers clawed at his skin and then shoved him as hard as they could. â€Å"NO!† she shouted through my lips. Jared caught her hands, then caught me against the wall before I could fall. I sagged, my body confused by the conflicting directions it was receiving. â€Å"Mel? Mel!† â€Å"What are you doing?† He groaned in relief. â€Å"I knew you could do it! Ah, Mel!† He kissed her again, kissed the lips that she now controlled, and we could both taste the tears that ran down his face. She bit him. Jared jumped back from us, and I slid to the floor, landing in a wilted heap. He started laughing. â€Å"That's my girl. You still got her, Wanda?† â€Å"Yes,† I gasped. What the hell, Wanda? she screeched at me. Where have you been? Do you have any idea what I've been going through trying to find you? Yeah, I can see that you were really suffering. Oh, I'll suffer, I promised her. I could already feel it coming on. Just like before†¦ She was flipping through my thoughts as fast as she could. Jamie? That's what I've been trying to tell you. He needs you. Then why aren't we with him? Because he's probably a bit young to watch this kind of thing. She searched through some more. Wow, Ian, too. I'm glad I missed that part. I was so worried. I didn't know what to do†¦ Well, c'mon. Let's go. â€Å"Mel?† Jared asked. â€Å"She's here. She's furious. She wants to see Jamie.† Jared put his arm around me and helped me up. â€Å"You can be as mad as you want, Mel. Just stick around.† How long was I gone? Three days is all. Her voice was suddenly smaller. Where was I? You don't know? I can't remember†¦ anything. We shuddered. â€Å"You okay?† Jared asked. â€Å"Sort of.† â€Å"Was that her before, talking to me-talking out loud?† â€Å"Yes.† â€Å"Can she†¦ can you let her do that now?† I sighed. I was already exhausted. â€Å"I can try.† I closed my eyes. Can you get past me? I asked her. Can you talk to him? I†¦ How? Where? I tried to flatten myself against the inside of my head. â€Å"C'mon,† I murmured. â€Å"Here.† Melanie struggled, but there was no way out. Jared's lips came down on mine, hard. My eyes flew open in shock. His gold-flecked eyes were open, too, half an inch away. She jerked our head back. â€Å"Cut that out! Don't touch her!† He smiled, the little creases feathering out around his eyes. â€Å"Hey, baby.† That's not funny. I tried to breathe again. â€Å"She's not laughing.† He left his arm around me. Around us. We walked out into the tunnel junction, and there was no one there. No Ian. â€Å"I'm warning you, Mel,† Jared said, still smiling widely. Teasing. â€Å"You better stay right here. I'm not making any guarantees about what I will or won't do to get you back.† My stomach fluttered. Tell him I'll throttle him if he touches you like that again. But her threat was a joke, too. â€Å"She's threatening your life right now,† I told him. â€Å"But I think she's being facetious.† He laughed, giddy with relief. â€Å"You're so serious all the time, Wanda.† â€Å"Your jokes aren't funny,† I muttered. Not to me. Jared laughed again. Ah, Melanie said. You are suffering. I'll try not to let Jamie see. Thank you for bringing me back. I won't erase you, Melanie. I'm sorry I can't give you more than that. Thank you. â€Å"What's she saying?† â€Å"We're just†¦ making up.† â€Å"Why couldn't she talk before, when you were trying to let her?† â€Å"I don't know, Jared. There really isn't enough room for both of us. I can't seem to get myself out of the way completely. It's like†¦ not like holding your breath. Like trying to pause your heartbeats. I can't make myself not exist. I don't know how.† He didn't answer, and my chest throbbed with pain. How joyful he would be if I could figure out how to erase myself! Melanie wanted to†¦ not to contradict me, but to make me feel better; she struggled to find words to soften my agony. She couldn't come up with the right ones. But Ian would be devastated. And Jamie. Jeb would miss you. You have so many friends here. Thanks. I was glad that we were back to our room now. I needed to think about something else before I started crying. Now wasn't the time for self-pity. There were more important issues at hand than my heart, breaking yet again.

Conditions to Effectively Leverage Technology for Learning Essay

Great leaders create results, inspire others and attain goals through their shared qualities such as vision, passion, decisiveness, commitment, influence, character and cooperation. Similarly, to foster academic success, all educational stakeholders ought to have a shared vision of what the can result to be and communicate this vision among themselves. To begin with, the principal plays a multifaceted and pivotal role in setting the path that school will take. This direction should not only be positive but also productive especially to the teachers. On the side of the students, it should provide the students with a vibrant learning environment. A comprehensive program ought to be instituted to cheer up, cultivate and sustain effective leaderships of schools for the realization and speeding up the achievement of the students. So as move the student’s achievement upwards, those endowed with their academic performance that is the teachers, principals, teacher educators and even district administrators are under obligation to be accountable for the students. For instance, New York City Department of Education won the 2007 urban education Broad prize since the entire district schools had performed well. The brawny leadership by the chancellor, mayor and the teachers union contributed much to the students’ achievement. Solidarity and sharing also foster the willingness of each leadership level and even the student fraternity to share knowledge, resources and accomplishments In order to achieve the above discussed shared vision, the educational leaders ought to be adequately empowered to assure the realization of the vision. To empower them undertaking leadership trainings that will boost accountability will be essential. These leaders have also adopted implementation planning to facilitate the effectiveness of their schools and also the learning process. They incorporate digital learning resources and information and communication technologies (ICT) for the creation of multiple learning opportunities and deeper understanding and exhibition of the contents of their curriculums. Most of the New York schools have availed high speed access internets, interactive white boards, LCD projectors and improved the right of entry to rolling laptop carts. These technologies have promoted the students’ skills in communication, fostered understanding in science and math and facilitating organizational skills. Consistent and adequate funding can not be ignored since for the academic achievements of the students, money is required to training the administrators, support the ICT infrastructure, other personnel and staff development and the installation of the digital resources. Although the State’s Legislature was reluctant to allot the necessary funds so as to constitutionally provide a sound basic education to each student, a divisional appeal saw the implementation of the same. District funds have been used to mould the school administrators into instructional leaders, change agents and civic leaders. This consistent funding, of around $428 million, has led to the excellence in the public schools in the entire district. Due to the increased use of the new technology in these schools, adequate technical support and a robust technical infrastructure are important. This will ensure that these technological infrastructures support the teachers’ work in a more realistic manner. Each student should be allowed equal access to the different technologies since each of the plays a totally different role from the other. This equity should be bias-free in terms of sex, ethnicity, students with special needs and also the disadvantaged. The universal technological participation supports engaged learning thus reducing the levels of inequality. Moreover, the district schools have ensured an apparent access to electronic networks and computers for the realization of a significant change in the classrooms. On-site technical support must also be easily accessible by the teachers since the support managers are bestowed with all-time assistance troubleshooting during and after lessons. Students can hardly achieve academically or benefit from the various technologies if their teachers are not conversant with them. Support has to be availed to these educators so as to make them choose the appropriate instructional strategies and technologies appropriately. This makes sure that the teachers are very comfortable and experienced in their demonstrations of these technologies. Additionally, they can integrate the technological knowledge in their curriculum and in fostering changes in the assessment methodologies. On-going professional development assists the teachers in learning how to use the new technology. Additionally, the teachers are able to unleash to the students meaningful instructions accompanied with relevant demonstration activities in class. The on-going professional learning is vital since single workshop training can not be sufficient for the teachers to learn and understand everything about the technology. Schools-proposed learning curriculums should aim and helping the students acquire superb communication skills so as to enable them to be in their expressions. This can be achieved through pencil and paper work, audios, animations and also videos. Moreover, it should facilitate the learners’ ability to analyze and interpret data, manage and prioritize classroom tasks, develop problem solving methodologies and utilize the acquired knowledge in identifying and mitigating probable risks. So as to ensure that the learning process is student-centered, their goals, expectations, population and their learning criteria should be identified prior. This will enable the education direct their efforts in satisfying them. In gauging the understanding level of the learners, various assessment and evaluation methodologies are incorporated. This appraises both the technological applications put in place and also the achievement of the student. Furthermore, the administrators get to know the adaptability, usefulness and appropriateness of the technology. Remedial actions are then taken at a later date to streamline the students in case of deviations. This evaluation is based on the National Education Technology Standards. Besides, a community stakeholders’ committee assesses the ideas that emanate from various educational stakeholders and those committee scrutinized proposals that go through are adopted by schools in the entire district. This committee also performs equity assurance and guidance roles. Other support policies and supportive external context have been set up to further student achievement. For instance, teachers are provided with classroom computers and also have also adopted the use of electronic grade-books. This has become a requirement so as to report on the students’ attendance trends. Moreover, daily log-ins has been instituted. In other cases, students and administrators have received rewards that are based on their performances.

BUSINESS LAW PowerPoint Presentation Example | Topics and Well Written Essays - 500 words

BUSINESS LAW - PowerPoint Presentation Example There is no magic in the cooperative way that makes it completely only in the way it is owned and in certain methods of operation. But while cooperative financing is in many ways the same with financing other business, the method of capitalization, the use of capital, and the handling of finances generally in a cooperative have certain distinctive features that must reflect cooperative principles. In other words, you can distinguish a true cooperative by its financial policies as well as other ways. Good financing of a cooperative does not come by chance or accident. It has to be well-planned, completely understood and mutually accepted. The members of the cooperative have the responsibility for financing their own cooperative. This is how they acquire their ownership of the cooperative and the right to control it. Others cannot be expected to take the risk of financing an organization for them. In addition, the members have the responsibility to study very well the financial policies presented to them by the board before approving them. In this connection, they must properly choose the persons who will constitute the memberships in various committees. These are the individuals who will protect the interests of the members. Separate legal entity and Limited liability are not applicable for the ownership of cooperatives.

Organizational Theories Essay Example | Topics and Well Written Essays - 500 words

Organizational Theories - Essay Example In this case, managing organizational change entails planning and implementing change throughout the organization in order to minimize organizational costs and employee resistance in the organization (Cummings & Worley, 2009). Environmental uncertainty in the organization entails the degree to which the company is related to different environmental forces that the company has to deal with including the suppliers, customers and technology (Daft, Murphy, & Willmott, 2010). Uncertainty in the organization applies to predictable future events especially to physical measurements, which are already established in the organizational environment. Uncertainty tends to arise in stochastic or observable organizational environments or due to organizational ignorance. Dealing with uncertainty calls for managers to put in strategies that see to it that they are dealt with them when occur, and this prevents stalling of processes. Organizational design/change tends to generate uncertainties in the organizational environments. In most cases, complicated organizational framework through which the organization manages to realize its main qualities may end up creating complexities in the organizational environments. In simple terms, organizational changes and design lead to ambiguity in working environments (Daft, Murphy, & Willmott, 2010). Managing change and design in the organization perhaps remains the biggest challenge, which organizational managers face in most organizations today. Staying competitive in most markets would require that the organization remain open and adaptable to change. Therefore, organizational changes in this case would mean new processes and designs in the organization. Alternatively, it would mean keeping employees motivated, maintaining market demands and being open to organizational changes. In most cases, these aspects may create uncertainties in any working environment especially when the

Challenges of Knowledge Transfer in Organisations Literature review

Challenges of Knowledge Transfer in Organisations - Literature review Example This importance has given rise to the need of knowledge management techniques that organizations can implement, and can successfully manage the flow of knowledge in their organizations. There are various models about knowledge transfer. Two of the most famous models include Ikujiro Nonaka and Hirotaka Takeuchi’s SECI model and Boisot's I-Space model (Bratianu, 2010, p. 193). These two have many things in common. According to Nonako and Takeuchi’s SECI model, knowledge transfer in any organization takes place in four levels. This model divides knowledge into tacit knowledge or implied knowledge, and explicit or expressed knowledge. This models describes the relationship between these two types of knowledge through four stages i.e. socialization, externalisation, combination and internalization. Socialization is the first step that happens when an organization member comes under exposure to the stories or experiences through other employees. Apprenticeship proves to be a good example of this stage as the form of knowledge transfer is tacit to tacit. Next stage is of externalization, which happens when organization members convert tacit knowledge learned in the above stage into explicit knowledge. An example of this can include taking part into a project where all the team members contribute from their knowledge (Bratianu, 2010, p. 193). Combination is the third stage, which signifies the transfer of explicit to explicit knowledge. This happens when the knowledge externalised is combined with earlier knowledge and applied to a broader group or entity. Similarly, the last stage is internalization which signifies the transfer of explicit to tacit knowledge. This happens when the knowledge becomes an inseparable and integral part of an organizational member or members and they can readily transfer it onwards through socialization (Wickes, 2003, p. 5). This model suggests that these four stages happen in a cyclical form where one stage follows the other and it forms a spiral of knowledge. Moreover, this model also suggests that knowledge increases as the spirals increase and as it comes under the exposure of more and more organizational members. Another theory of knowledge management that is very similar to Nonako and Takeuchi’s model is Boisot's I-Space model. Boisot classifies knowledge present in any organization into three dimensions. First dimension is codified and un-codified knowledge. This is similar to SECI model’s tacit and explicit knowledge (Strach & Everett, 2006, p. 5). Codified knowledge is one that is easily transferred including financial data or any other thing that is properly documented. On the other hand, un-codified knowledge is one that is not properly documented and it is preserved only in the memories of organizational members or is part of an organization’s culture; therefore, it is implied. Examples of un-codified knowledge would include stories and experiences that are held with indi viduals. Another dimension of knowledge as suggested by Boisot includes abstract and concrete knowledge. This dimension is self explanatory. The third dimension of knowledge according to Boisot’s theory includes diffused and undiffused knowledge. Diffused knowledge refers to that knowledge that is open to all organizational member; whereas, undiffused knowledge is the one that is available to only a selected few e.g. to top management etc

Freud Essay Example | Topics and Well Written Essays - 500 words

Freud - Essay Example It is worthy, first, to understand the need for civilization and its importance in qualitative measures and quantitative measures. Civilizations were established to improve modes of relationships among human beings. This was because, in the prehistoric times, an action of an individual was guided more by his instincts and wishes. Apart from that, civilization was meant to improve material prosperity of individuals. This was obtainable through improvement of science and technology, which in turn increased their economic productivity. Freud argues that the objective of such changes was due to the inherent human trait of search for happiness. The search for happiness is achieved by what he describes as utility and yields of pleasure (Freud 41). However, he states that such an effort is always a futility, as an increase in happiness is never achieved. Civilization is thus not responsible for human happiness. Friedman’s main argument primarily focuses in religion. He describes religion as an imposed delusional feeling that seeks to detach individuals from reality. This feeling, however, cannot be depicted scientifically. It operates in the idea that suffering of the human community can only be alleviated by a trust to an external source of help. In trying to achieve this, individuals escape the reality of their lives. The problem of religion in this case is that it imposes only one way of attainment of happiness. In reality, ways of attaining satisfaction should be many and, thus, the individual is tied to his misery if that one way fails (Freud 32). Second, Friedman also discusses art as a source of unhappiness among individuals. Art’s affectivity relies on the imagination of creative people who release their pieces of work for consumption by these individuals. Through art, individuals try to master reality by creating images of how it

Civil Society and Global Finance Essay Example | Topics and Well Written Essays - 1250 words - 1

Civil Society and Global Finance - Essay Example This transition occurred in the running century, however, it initiated in the 1990s; the reason was increasing competition for economic sustainability and supremacy. In the running decade, the magnitude of the economic activities is considered enormous than previous decades, unfortunately, this success is the cost of ignorance or non-compliance of social and environmental obligations. The companies are more interested in improving their financial positions for obtaining credit facility. The devised financial policies are extremely converged to point of high revenue generation, such that significant environmental and social aspects have been outclass. Such practices was never exercised in 20th century, the companies considered compliance of social and environmental laws obligatory, the financial profits were curtails, production numbers were reduced only to secure the necessary non-financial interests, beneficial for the human society (Clarkson, 2002). As per critics, it was in 1980s when the international investment regime transformed significantly. The attributing factors towards such transformation included "extra-ordinary increase in the volume of global FDI flows and stocks; second, the rising levels of corporate concentration in high technology global production resulting from mergers, acquisitions and network relationships, in particular strategic business alliances; and third, the development and widespread application of information technologies to international corporate organization". During the 1980s and 1990s, the economic indicators of the world economy were negative, and severe slowdown in the foreign direct investment was witnessed, "global foreign direct investment flows declined in 1991 for the first time since 1982, falling from USD 230billion in 1990 to USD 180billion in 1991" (Jan 2002).  

K 12 Public Education Foundations Dissertation Example | Topics and Well Written Essays - 8000 words

K 12 Public Education Foundations - Dissertation Example The mushrooming public school foundations owe their unprecedented growth to several reasons. For instance, it is very difficult for schools to procure funds. In addition, accountability of schools has increased manifold. Furthermore, members of the community are provided with a convenient device to involve themselves with local schools and their enterprises (Woodworth). As such, education foundations are non – profit organizations as per the provisions of section 501(c) (3) of the Internal Revenue Code. These foundations are affiliated with public school corporations, and they facilitate the establishment of tax-deductible funds to generate grants and scholarships (Robbins, 2009). Such foundations are of immense help to teachers and students. Moreover, section 501(c) (3) of the Internal Revenue Code considers education foundations as tax-exempt organizations. In addition, the laws of the state where the foundation is to be established have to be examined, with regard to tax ex emptions. As such, fundraising activity should not commence till such time as a tax exempt status is not granted to the foundation and its donors (Else, Assisting K-12 Education through the National Center for Public and Private School Foundations, 2003). For instance, the National Center for Public and Private School Foundations at the University of Northern Iowa has objectives that take into account the phenomenal growth of school foundations. These objectives consider the requirements of local public school districts and the private schools (Else, Assisting K-12 Education through the National School Foundations Association, 2011). The principal aims of the National Center for Public and Private School Foundations are; first to correlate people and organizations with private and public schools, and to promote support and awareness, by means of school foundations. Second, to help private and public schools, via the development of school foundations, in the task of creating educatio n funds of greater flexibility, and reducing the gap between the lower and higher income districts (Else, Assisting K-12 Education through the National School Foundations Association, 2011). Third, support school personnel in the US in the design, operation and sustaining of school foundations. Fourth, help local foundations by providing expertise and guidelines in the management and development of school foundations. Some of these are fundraising strategies, procedures, policies, management, organization and legal issues (Else, Assisting K-12 Education through the National School Foundations Association, 2011). Fifth, assist the leadership of the school foundation to develop professionally, especially with regard to working meaningfully with the board and in strategic planning. Sixth, conduct research on and adapt the extant research findings with respect to school foundations and determine the crucial factors that affect their success. Seventh, enhance the fundraising capability o f K – 12 schools so that they can effectively address emerging requirements (Else, Assisting K-12 Education through the National Center for Public and Private School Foundations, 2003).

Evolution vs. Intelligent Design Essay Example | Topics and Well Written Essays - 1000 words

Evolution vs. Intelligent Design - Essay Example The teaching of creation in public schools simply fulfills the purpose of protecting specific underling religious beliefs. If creation is to be taught, it is solely the responsibility of parents and the church because teaching the religious theories of creation in schools not only violates constitutional precepts. This issue invokes intense passions from those driven by their religious faith and those who would stand up for the Constitution and those that gave the lives of their loved ones to protect it. The First Amendment begins with â€Å"Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof†¦Ã¢â‚¬  (â€Å"The Constitution†) The idea of creation is undeniably religious doctrine. The government, therefore, cannot promote it in classrooms as science without infringing on the First Amendment. The Supreme Court has held that instructors may not teach that humans were created by God and must present only scientific ex planations for the history of life. Creationism can not be presented as scientific fact. In addition, it is also unconstitutional to compel teachers to teach creationism and schools may not refuse to teach evolution in an effort to avoid offending religious individuals. The idea of disclaimers placed in school books such as ‘the teaching of evolution is not intended to influence or dissuade the Biblical version of Creation or any other concept’ has been lawfully established to be unconstitutional. An instructor also has the constructional right to teach evolution (â€Å"Epperson v. Arkansas†, 1968). Religious theories of creation may be incorporated into school curriculums as a comparative example of what some religious groups accept as fact.

Project 3 Assignment Example | Topics and Well Written Essays - 500 words

Project 3 - Assignment Example Make this personal (as opposed to simply providing a book answer). Will you experience the consequence(s) of this behavior anytime soon, or do you not truly see this as a threat to your well-being in the next 5 years? 2. Using your knowledge of nutrition, list 3 advantages of the target behavior you selected. Again, please don’t just provide a book answer. What might changing this behavior provide to you today as opposed to 10 years from now? Is that worth the perceived â€Å"sacrifice† of changing whatever it is you’re currently doing? Why or why not? 7. Start to recognize any successes you have had in practicing this behavior, no matter how small. Look over the records you kept and/or assessments you completed. When were you successful in following the desired behavior even a little? Why do you think you were successful? 9. Increasing your knowledge of the advantages of practicing this behavior and/or the disadvantages of failing to do so can help motivate you for change. Using what you have learned in class so far, and/or other resources as needed, write a paragraph describing how you will benefit from making your target behavior a part of your lifestyle. If you need help finding a resource to help you, contact your instructor. 4. What are some of the obstacles that you have encountered that make it difficult to consistently practice this behavior? (Common obstacles are stress, lack of time, travel, and boredom.) List each of the obstacles you encounter (or anticipate encountering) and write one or more potential solutions to keep this obstacle from getting in your way of achieving your

Third Grade Classrooms and Foldables Essay Example for Free

Third Grade Classrooms and Foldables Essay Good educators, especially in the lower levels of education, are always looking for effective ways to improve students’ learning and interest in subjects that may not be as appealing. Any activity that promotes reading and encourages critical thinking is especially valued by teachers (Angus, 1993). One of the key developments promoted by Zike is the use of Foldables in the classroom (2007). These are three-dimensional hands-on manipulative/graphic organizers. Foldables can quickly organize, display and arrange data making it easier for students to grasp concepts, theories, processes, facts, and ideas, or to sequence events as outlined in the content standards. They can result in student-made study guides that are compiled as students listen for main ideas, read for main ideas, or conduct research (Zike, 2007). This study examined the use of Foldables to promote the reading and retention of social studies information with third grade students and to enhance their attitude toward social studies (Zike, 2007). It was hypothesized that Foldables do have a positive influence on learning in the classroom, more so than using the standard lecture/worksheet technique. Specifically, comparisons on cognitive and affective assessment measures were made between those taught using Foldables and those taught using lecture with worksheets. The Experiments This study took place in an elementary school in a rural community in East Tennessee. Manufacturing and retail are the major area employers and residents are in the low to middle income level. One out of 11 elementary schools in the county was selected for this study, based on convenience (Casteel, 2006). The K-5 school where the study took place had 625 students enrolled, with over 95% being white students. Of those 625 students, 63% receiving free or reduced lunch, which gives an idea about the income status of the family (Casteel, 2006). Out of five third grade classrooms, three were randomly selected to participate in the study. The first classroom was referred to Classroom A, while the second one was referred to as Classroom B. According to Casteel’s findings, students from the third classroom were randomly divided in half with half the students joining Classroom A and half joining Classroom B for this study (2006). The resulting gender distribution for Classroom A was 15 male and 14 female, while for Classroom B it was 16 male and 11 female. A control group experimental design was used in this study. In the first two week period of instruction on history timelines, Classroom A (n=29) served as the control group while Classroom B (n=27) served as the treatment group (independent variable). In the second two week period of instruction on maps, Classroom B became the control group while Classroom A served as the treatment group. The treatment groups were taught the subject through the use of Foldables, while the control groups were taught the subject using lecture with worksheets (Casteel, 2006). At the beginning of the unit, a pretest (dependent variable) toward social studies was administered to each student, along with a cognitive measure of knowledge on history timelines. At the end of the unit, the measure toward social studies was again given, along with the knowledge on history timelines (Casteel, 2006). These were the posttest measures. The treatment and control groups were then switched and another measure of knowledge on maps was given as a pretest to each group. The posttest measure from the first instructional time period served as the pretest for the second instructional time period. At the end of the second instructional unit on maps, the measure of social studies was again administered along with the measure of knowledge on maps (Casteel, 2006). Results and Conclusions Initially the pretest scores of the two groups were compared to ensure that they had equivalent attitudes toward social studies, which they were. The changes in scores from pretest to posttest for each group (Lecture/Worksheet and Foldables) were then compared using a paired samples t-test. Casteel researched that the Lecture/Worksheet group had a . 69 point mean gain from pretest to posttest, which was not statistically significant, while the Foldables group had a 2. 67 point mean gain from pretest to posttest, which was statistically significant (2006). This study was designed to compare the effectiveness of two teaching methods (Lecture/Worksheet and Foldables). The Lecture/Worksheet and Foldables groups had equivalent pretest scores, meaning they were equivalent in attitudes toward social studies at the beginning of the units. Only those taught with Foldables had a significant increase from pretest to posttest on affective scores (Casteel, 2006). The experimental data indicated that Foldables are a promising alternative to the traditional method of Lecture/Worksheet. Using Foldables significantly improved students attitudes toward the material (Zike, 2007). Additionally, teachers who participated in the study commented about the improvement in attitudes when using the Foldables. Furthermore, several teachers indicated that students were applying the Foldables across the curriculum, for example, using them to learn fractions as a part of a math unit. One teacher commented that when using Foldables there were fewer discipline problems since the students remained more engaged with the material (Zike, 2007). This preliminary research indicated that an improvement in attitude is possible through the use of the Foldable technique.

Analysis of Honeynets and Honeypots for Security

Analysis of Honeynets and Honeypots for Security Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. O ver the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Capture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisions. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connectionless Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to design and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for this convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted intercepted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detection systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maximum information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction e tc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of data capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three Operating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implemented as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given privi leges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selectio Analysis of Honeynets and Honeypots for Security Analysis of Honeynets and Honeypots for Security Chapter 1 Introduction Honeynet is a kind of a network security tool, most of the network security tools we have are passive in nature for example Firewalls and IDS. They have the dynamic database of available rules and signatures and they operate on these rules. That is why anomaly detection is limited only to the set of available rules. Any activity that is not in alignment with the given rules and signatures goes under the radar undetected. Honeypots by design allows you to take the initiative, and trap those bad guys (hackers). This system has no production value, with no authorized activity. Any interaction with the honeypot is considered malicious in intent. The combination of honeypots is honeynet. Basically honeypots or honeynets do not solve the security problem but provide information and knowledge that help the system administrator to enhance the overall security of his network and systems. This knowledge can act as an Intrusion detection system and used as input for any early warning systems. O ver the years researchers have successfully isolated and identified verity of worms exploits using honeypots and honeynets. Honeynets extend the concept of a single honeypot to a highly controlled network of honeypots. A honeynet is a specialized network architecture cond in a way to achieve Data Control, Data Capture Data Collection. This architecture builds a controlled network that one can control and monitor all kind of system and network activity. 1.1 Information Security Information Security is the protection of all sensitive information, electronic or otherwise, which is owned by an individual or an organization. It deals with the preservation of the confidentiality, integrity and availability of information. It protects information of organizations from all kinds of threats to ensure business continuity, minimize business damage and maximize the return on investment and business opportunities. Information stored is highly confidential and not for public viewing. Through information security we protect its availability, privacy and integrity. Information is one of most important assets of financial institutions. Fortification of information assets is essential to ascertain and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. Timely and reliable information is compulsory to process transactions and support financial institution and customer decisions. A financial institutions earnings and capital can be adversely affected, if information becomes known to unauthorized parties is distorted or is not available when it is needed [15]. 1.2 Network Security It is the protection of networks and its services from any unauthorized access. It includes the confidentiality and integrity of all data passing through the network. It also includes the security of all Network devices and all information assets connected to a network as well as protection against all kind of known and unknown attacks. The ITU-T Security Architecture for Open System Interconnection (OSI) document X.800 and RFC 2828 are the standard documentation defining security services. X.800 divides the security services into 5 categories and 14 specific services which can be summarized as Table 1.1 OSI X.800 Summary[8] â€Å"1. AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data Origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. ACCESS CONTROL The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 3. DATA CONFIDENTIALITY The protection of data from unauthorized disclosure. Connection Confidentiality The protection of all user data on a connection. Connectionless Confidentiality The protection of all user data in a single data block Selective-Field Confidentiality The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic Flow Confidentiality The protection of the information that might be derived from observation of traffic flows. 4. DATA INTEGRITY The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery As above, but provides only detection without recovery. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. Connectionless Integrity Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. Selective-Field Connectionless Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. 5. NONREPUDIATION Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Nonrepudiation, Origin Proof that the message was sent by the specified party. Nonrepudiation, Destination Proof that the message was received by the specified party.† [1] [8], [9], 1.3 The Security Problem System security personnel fighting an unending battle to secure their digital assets against the ever increasing attacks, verity of attacks and their intensity is increasing day by day. Most of the attacks are detected after the exploitations so there should be awareness of the threats and vulnerabilities that exist in the Internet today. First we have to understand that we cannot say that there exists a perfect secure machine or network because the closest we can get to an absolute secure machine is that we unplugged the network cable and power supply and put that machine in to a safe. Unfortunately it is not useful in that state. We cannot achieve perfect security and perfect access at the same time. We can only increase the no of doors but we cannot put wall instead of doors. In field of security we need to find the vulnerably and exploits before they affect us. Honeypot and honeynet provides a valuable tool to collect information about the behavior of attackers in order to design and implement better defense. In the field of security it is important to note that we cannot simply state that what is the best type of firewall? Absolute security and absolute access are the two chief points. Absolute security and absolute access are inverse to each other. If we increase the security access will be decrease. There should be balance between absolute security and absolute defense, access is given without compromising the security. If we compare it to our daily lives we observe not much difference. We are continuously making decisions regarding what risks we are ready to take. When we step out of our homes we are taking a risk. As we get into a car and drive to our work place there is a risk associated with it too. There is a possibility that something might happen on the highway which will make us a part of an accident. When we fly and sit on an airplane we are willing to undergo the level of risk which is at par with the heavy amount we are paying for this convenience. It is observed that many people think differently about what an acceptable risk would be and in majority cases they do go beyond this thinking. For instance if I am sitting upstairs in my room and have to go to work, I wont take a jump straight out of the window. It might be a faster way but the danger of doing so and the injury I would have to face is much greater than the convenience. It is vital for every organization to decide that between the two opposite poles of total security and total access where they need to place themselves. It is necessary for a policy to articulate this system and then further explain the way it will be enforced with which practices and ways. Everything that is done under the name of security must strictly agree to the policy. 1.4 Types of Hacker Hackers are generally divide into two major categories. 1.4.1 Black Hats Black hat hackers are the biggest threat both internal and external to the IT infrastructure of any organization, as they are consistently challenging the security of applications and services. They are also called crackers, These are the persons who specialize in unauthorized infiltration. There could be Varity of reasons for this type of penetration it could be for profit, for enjoyment, or for political motivations or as a part of a social cause. Such infiltration often involves modification / destruction of data. 1.4.2 White Hats White hat hackers are similar to black hat hackers but there is a important difference that is white hat hackers do it without any criminal intention. Different companies all around the world hire/contact these kinds of persons to test their systems and softwares. They check how secure these systems are and point out any fault they found. These hackers, also known as ethical hackers, These are the persons or security experts who are specialize in penetration testing. These types of people are also known as tiger teams. These experts may use different types of methods and techniques to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to bypass security to gain entry into protected areas, but they do this only to find weaknesses in the system[8]. 1.5 Types of Attacks There are many types of attacks that can be categorized under 2 major categories Active Attacks Passive Attacks 1.5.1 Active Attacks Active attacks involve the attacker taking the offensive and directing malicious packets towards its victims in order to gain illegitimate access of the target machine such as by performing exhaustive user password combinations as in brute-force attacks. Or by exploiting remote local vulnerabilities in services and applications that are termed as holes. Other types of attacks include Masquerading attack when attacker pretends to be a different entity. Attacker user fake Identity of some legitimate user. Replay attack In Replay attack, attacker captures data and retransmits it to produce an unauthorized effect. It is a kind of man in middle attack. Modification attack In this type of attack integrity of the message is compromise. Message or file is modified by the attacker to achieve his malicious goals. Denial of service (DOS)attack In DOS attack an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. TCP ICMP scanning is also a form of active attacks in which the attackers exploit the way protocols are designed to respond. e.g. ping of death, sync attacks etc. In all types of active attacks the attacker creates noise over the network and transmits packets making it possible to detect and trace the attacker. Depending on the skill level, it has been observed that the skill full attackers usually attack their victims from proxy destinations that they have victimized earlier. 1.5.2 Passive Attacks Passive attacks involve the attacker being able to intercept, collect monitor any transmission sent by their victims. Thus, eavesdropping on their victim and in the process being able to listen in to their victims or targets communications. Passive attacks are very specialized types of attacks which are aimed at obtaining information that is being transmitted over secure and insecure channels. Since the attacker does not create any noise or minimal noise on the network so it is very difficult to detect and identify them. Passive attacks can be divided into 2 main types, the release of message content and traffic analysis. Release of message content It involves protecting message content from getting in hands of unauthorized users during transmission. This can be as basic as a message delivered via a telephone conversation, instant messenger chat, email or a file. Traffic analysis It involves techniques used by attackers to retrieve the actual message from encrypted intercepted messages of their victims. Encryption provides a means to mask the contents of a message using mathematical formulas and thus make them unreadable. The original message can only be retrieved by a reverse process called decryption. This cryptographic system is often based on a key or a password as input from the user. With traffic analysis the attacker can passively observe patterns, trends, frequencies and lengths of messages to guess the key or retrieve the original message by various cryptanalysis systems. Chapter 2 Honeypot and Honeynet 2.1 Honeypot Is a system, or part of a system, deliberately made to invite an intruder or system cracker. Honeypots have additional functionality and intrusion detection systems built into them for the collection of valuable information on the intruders. The era of virtualization had its impact on security and honeypots, the community responded, marked by the fine efforts of Niels Provos (founder of honeyd) Thorsten Holz for their masterpiece book â€Å"Virtual Honeypots From Botnet Tracking to Intrusion Detection† in 2007. 2.2 Types of Honeypots Honeypots can be categorized into 2 main types based on Level of interaction Deployment. 2.2.1 Level of interaction Level of interaction determines the amount of functionality a honeypot provides. 2.2.1.1 Low-interaction Honeypot Low-interaction honey pots are limited in the extent of their interaction with the attacker. They are generally emulator of the services and operating systems. 2.2.1.2 High interaction Honeypot High-interaction honeypots are complex solution they involve with the deployment of real operating systems and applications. High interaction honeypots capture extensive amount of information by allowing attacker to interact with the real systems. 2.2.2 Deployment Based on deployment honeypot may be classified as Production Honeypots Research Honeypots 2.2.2.1 Production Honeypots Production honeypots are honeypots that are placed within the production networks for the purpose of detection. They extend the capabilities of the intrusion detection systems. These type of honeypots are developed and cond to integrate with the organizations infrastructure and scope. They are usually implemented as low-interaction honeypots but implementation may vary depending on the available funding and expertise required by the organization. Production honeypots can be placed within the application and authentication server subnets and can identify any attacks directed towards those subnets. Thus they can be used to identify both internal and external threats for an organization. These types of honeypots can also be used to detect malware propagation in the network caused by zero day exploits. Since IDSs detection is based on database signatures they fail to detect exploits that are not defined in their databases. This is where the honeypots out shine the Intrusion detection systems. They aid the system network administrators by providing network situational awareness. On basis of these results administrators can take decisions necessary to add or enhance security resources of the organization e.g. firewall, IDS and IPS etc. 2.2.2.1 Research Honeypots Research honeypots are deployed by network security researchers the whitehat hackers. Their primarily goal is to learn the tools, tactics techniques of the blackhat hackers by which they exploit computers network systems. These honeypots are deployed with the idea of allowing the attacker complete freedom and in the process learn his tactics from his movement within the system. Research honeypots help security researchers to isolate attacker tools they use to exploit systems. They are then carefully studied within a sand box environment to identify zero day exploits. Worms, Trojans and viruses propagating in the network can also be isolated and studied. The researchers then document their findings and share with system programmers, network and system administrators various system and anti-virus vendors. They provide the raw material for the rule engines of IDS, IPS and firewall system. Research Honeypots act as early warning systems. They are designed to detect and log maximum information from attackers yet being stealthy enough not to let attackers identify them. The identity of the honeypot is crucial and we can conclude that the learning curve (from the attacker) is directly proportional to the stealthiest of thehoneypot .These types of honeypots are usually deployed at universities and by the RD departments of various organizations. These types of honeypots are usually deployed as High-Interaction honeypots. 2.3 Honeynet The concept of the honeypot is sometimes extended to a network of honeypots, known as a honeynet. In honeynet we grouped different types of honeypots with different operatrating systems which increases the probability of trapping an attacker. At the same time, a setting in which the attacker explores the honeynet through network connections between the various host systems provides additional prospects for monitoring the attack and revealing information about the intruder. The honeynet operator can also use the honeynet for training purposes, gaining valuable experience with attack strategies and digital forensics without endangering production systems. The Honeynet project is a non-profit research organization that provides tools for building and managing honeynets. The tools of the Honeynet project are designed for the latest generation of high interaction honeynets that require two separate networks. The honeypots reside on the first network, and the second network holds the tools for managing the honeynet. Between these tools (and facing the Internet) is a device known as the honeywall. The honeywall, which is actually a kind of gateway device, captures controls, and analyzes all inbound and outbound traffic to the honeypots[4]. It is a high-interaction honeypot designed to capture wide-range of information on threats. High-interaction means that a honeynet provides real systems, applications, and services for attackers to interact with, as opposed to low-interaction honeypots which provide emulated services and operating systems. It is through this extensive interaction we gain information on threats, both external and internal to an organization. What makes a honeynet different from most honeypots is that it is a network of real computers for attackers to interact with. These victim systems (honeypots within the honeynet) can be any type of system, service, or information you want to provide [14]. 2.4 Honeynet Data Management Data management consist of three process Data control, data capture and data collection. 2.4.1 Data Control Data control is the containment of activity within the honeynet. It determines the means through which the attackers activity can be restricted in a way to avoid damaging/abusing other systems/resources through the honeynet. This demands a great deal of planning as we require to give the attacker freedom in order to learn from his moves and at the same time not let our resources (honeypot+bandwidth) to be used to attack, damage and abuse other hosts on the same or different subnets. Careful measures are taken by the administrators of the honeynet to study and formulate a policy on attackers freedom versus containment and implement this in a way to achieve maximum data control and yet not be discovered or identified by the attacker as a honeypot. Security is a process and is implemented in layers, various mechanisms to achieve data control are available such as firewall, counting outbound connections, intrusion detection systems,intrusion prevention systems and bandwidth restriction e tc. Depending on our requirements and risk thresholds defined we can implement data control mechanisms accordingly [4]. 2.4.2 Data Capture Data Capture involves the capturing, monitoring and logging of allthreats and attacker activities within the honeynet. Analysis of this captured data provides an insight on the tools, tactics, techniques and motives of the attackers. The concept is to achieve maximum logging capability at all nodes and hence log any kind of attackers interaction without the attacker knowing it. This type of stealthy logging is achieved by setting up tools and mechanisms on the honeypots to log all system activity and have network logging capability at the honeywall. Every bit of information is crucial in studying the attacker whether its a TCP port scan, remote and local exploit attempt, brute force attack, attack tool download by the haacker, various local commands run, any type of communication carried out over encrypted and unencrypted channels (mostly IRC) and any outbound connection attempt made by the attacker [25]. All of this should be logged successfully and sent over to a remote location to avoid any loss of data due to risk of system damage caused by attackers, such as data wipe out on disk etc. In order to avoid detection of this kind of activity from the attacker, data masking techniques such as encryption should be used. 2.4.3 Data Collection Once data is captured, it is securely sent to a centralized data collection point. Data is used for analysis and archiving which is collected from different honeynet sensors. Implementations may vary depending on the requirements of the organization, however latest implementations incorporate data collection at the honeywall gateway [19]. 2.5 Honeynet Architectures There are three honeynet architectures namely Generation I, Generation II and Generation III 2.5.1 Generation I Architecture Gen I Honeynet was developed in 1999 by the Honeynet Project. Its purpose was to capture attackers activity and give them the feeling of a real network. The architecture is simple with a firewall aided by IDS at front and honeypots placed behind it. This makes it detectable by attacker [7]. 2.5.2 Generation II III Architecture Gen II honeynets were first introduced in 2001 and Gen III honeynets was released in the end of 2004. Gen II honeynets were made in order to address the issues of Gen I honeynets. Gen II and Gen III honeynets have the same architecture. The only difference being improvements in deployment and management, in Gen III honeynets along with the addition of Sebek server built in the honeywall. Sebek is a stealthy capture tool installed on honeypots that capture and log all requests sent to the system read and write system call. This is very helpful in providing an insight on the attacker [7]. A radical change in architecture was brought about by the introduction of a single device that handles the data control and data capture mechanisms of the honeynet called the IDS Gateway or marketing-wise, the Honeywall. By making the architecture more â€Å"stealthy†, attackers are kept longer and thus more data is captured. There was also a major thrust in improving honeypot layer of data capture with the introduction of a new UNIX and Windows based data. 2.6 Virtual Honeynet Virtualization is a technology that allows running multiple virtual machines on a single physical machine. Each virtual machine can be an independent Operating system installation. This is achieved by sharing the physical machines resources such as CPU, Memory, Storage and peripherals through specialized software across multiple environments. Thus multiple virtual Operating systems can run concurrently on a single physical machine [4]. A virtual machine is specialized software that can run its own operating systems and applications as if it were a physical computer. It has its own CPU, RAM storage and peripherals managed by software that dynamically shares it with the physical hardware resources. Virtulization A virtual Honeynet is a solution that facilitates one to run a honeynet on a single computer. We use the term virtual because all the different operating systems placed in the honeynet have the appearance to be running on their own, independent computer. Network to a machine on the Honeynet may indicate a compromised enterprise system. CHAPTER 3 Design and Implementation Computer networks, connected to the Internet are vulnerable to a variety of exploits that can compromise their intended operations. Systems can be subject to Denial of Service Attacks, i-e preventing other computers to gain access for the desired service (e.g. web server) or prevent them from connecting to other computers on the Internet. They can also be subject to attacks that cause them to cease operations either temporarily or permanently. A hacker may be able to compromise a system and gain root access as if he is the system administrator. The number of exploits targeted against various platforms, operating systems, and applications increasing regularly. Most of vulnerabilities and attack methods are detected after the exploitations and cause big loses. Following are the main components of physical deployment of honeynet. First is the design of the Deployed Architecture. Then we installed SUN Virtual box as the Virtualization software. In this we virtually installed three Operating System two of them will work as honey pots and one Honeywall Roo 1.4 as Honeynet transparent Gateway. Snort and sebek are the part of honeywall roo operating system. Snort as IDS and Snort-Inline as IPS. Sebek as the Data Capture tool on the honeypot. The entire OS and honeywall functionality is installed on the system it formats all the previous data from the hard disk. The only purpose now of the CDROM is to install this functionality to the local hard drive. LiveCD could not be modified, so after installing it on the hard drive we can modify it according to our requirement. This approach help us to maintain the honeywall, allowing honeynet to use automated tools such asyumto keep packages current [31]. In the following table there is a summry of products with features installed in honeynet and hardware requirements. Current versions of the installed products are also mention in the table. Table 3.1 Project Summary Project Summary Feature Product Specifications Host Operating System Windows Server 2003 R2 HW Vendor HP Compaq DC 7700 ProcessorIntel(R) Pentium ® D CPU 3GHz RAM 2GB Storage 120GB NIC 1GB Ethernet controller (public IP ) Guest Operating System 1 Linux, Honeywall Roo 1.4 Single Processor Virtual Machine ( HONEYWALL ) RAM 512 MB Storage 10 GB NIC 1 100Mbps Bridged interface NIC 2 100Mbps host-only interface NIC 3 100Mbps Bridged interface (public IP ) Guest Operating System 2 Linux, Ubuntu 8.04 LTS (Hardy Heron) Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Guest Operating System 3 Windows Server 2003 Single Processor Virtual Machine ( HONEYPOT ) RAM 256 MB Storage 10 GB NIC 100Mbps host-only vmnet (public IP ) Virtualization software SUN Virtual Box Version 3 Architecture Gen III Gen III implemented as a virtual honeynet Honeywall Roo Roo 1.4 IDS Snort Snort 2.6.x IPS Snort_inline Snort_inline 2.6.1.5 Data Capture Tool (on honeypots) Sebek Sebek 3.2.0 Honeynet Project Online Tenure November 12, 2009 TO December 12, 2009 3.1 Deployed Architecture and Design 3.2 Windows Server 2003 as Host OS Usability and performance of virtualization softwares are very good on windows server 2003. Windows Server 2003is aserveroperating system produced byMicrosoft. it is considered by Microsoft to be the cornerstone of itsWindows Server Systemline of business server products. Windows Server 2003 is more scalable and delivers better performance than its predecessor,Windows 2000. 3.3 Ubuntu as Honeypot Determined to use free and open source software for this project, Linux was the natural choice to fill as the Host Operating System for our projects server. Ubuntu 8.04 was used as a linux based honeypot for our implementation. The concept was to setup an up-to-date Ubuntu server, cond with commonly used services such as SSH, FTP, Apache, MySQL and PHP and study attacks directed towards them on the internet. Ubuntu being the most widely used Linux desktop can prove to be a good platform to study zero day exploits. It also becomes a candidate for malware collection and a source to learn hacker tools being used on the internet. Ubuntu was successfully deployed as a virtual machine and setup in our honeynet with a host-only virtual Ethernet connection. The honeypot was made sweeter i.e. an interesting target for the attacker by setting up all services with default settings, for example SSH allowed password based connectivity from any IP on default port 22, users created were given privi leges to install and run applications, Apache index.html page was made remotely accessible with default errors and banners, MySQL default port 1434 was accessible and outbound connections were allowed but limited [3]. Ubuntu is a computeroperating systembased on theDebianGNU/Linux distribution. It is named after theSouthern Africanethical ideology Ubuntu (humanity towards others)[5]and is distributed asfree and open source software. Ubuntu provides an up-to-date, stable operating system for the average user, with a strong focus onusabilityand ease of installation. Ubuntu focuses onusability andsecurity. The Ubiquity installer allows Ubuntu to be installed to the hard disk from within the Live CD environment, without the need for restarting the computer prior to installation. Ubuntu also emphasizesaccessibilityandinternationalization to reach as many people as possible [33]. Ubuntu comes installed with a wide range of software that includes OpenOffice, Firefox,Empathy (Pidgin in versions before 9.10), Transmission, GIMP, and several lightweight games (such as Sudoku and chess). Ubuntu allows networking ports to be closed using its firewall, with customized port selectio