Wednesday, July 31, 2019

Tell Tale Heart Study Packet

"The Tell-Tale Heart" by Edgar Allan Poe Activity Packet

Name ____________________________________________ L. A. Period ________

Your score ___________ out of 30 points possible (Covers plot elements, comprehension, figurative language, mood, character traits, and setting)

Pre-Reading Guide for "Tell-Tale Heart"

Name _________________________________________ Period ___________

(5 pts.) Describe five things that you usually find in a scary/horror story:

1. ______________________________________________________________
2. ______________________________________________________________
3. ______________________________________________________________
4. ______________________________________________________________
5. ______________________________________________________________

Read the following statements. If you agree with them, put a check in the YOU column. Then, AFTER we read the story, go back and put a check in the AUTHOR column if you feel the author agrees with that statement.

YOU    AUTHOR    STATEMENT
______ ______ 1. People who are insane know that they are insane.
______ ______ 2. Sane people sometimes imagine that they hear things.
______ ______ 3. If you commit a crime, the worst punishment is the guilt afterward.
______ ______ 4. Often it's the small annoying things about people that can be the most irritating and infuriating.
______ ______ 5. All people are basically afraid of the same things.
______ ______ 6. When you've done something wrong, wondering if you'll be caught can cause great stress and anxiety.

"Tell-Tale Heart" Comprehension Questions

Name __________________ (20 pts.)

After reading "Tell-Tale Heart" by Poe, answer the following questions using short answers. They do not need to be complete sentences, but answer each part of the question thoroughly.

1. Who is telling this story (narrating)? Is it first, second, or third person?

2. What is your first impression of the narrator? What does he try convincing the reader of?

3. How does the narrator feel about the old man in general? What, then, specifically, is it about the old man that troubles/bothers the narrator? Why? How often does the narrator mention this "thing" in the story?

4. What does the narrator tell us he does every night? Why?

5. How does the narrator feel immediately after he commits the murder? Do his feelings change? If so, how and why?

6. What sound drives the narrator to confess to the crime? What do you think causes his paranoia?

7. Give two direct and specific examples from the story that the author uses to create an atmosphere of horror or suspense. These are sentences that set or enhance the MOOD of the story. Give the page number.

8. Give one example where the author uses punctuation or repeated words or phrases in a sentence to show the mood of horror or suspense.

9. Find one example of each of the following:

a. Alliteration – Pg. ___ ______________________________________________________________

b. Simile – Pg. ___ ______________________________________________________________

10. c. Personification – Pg. ___ ______________________________________________________________

Tuesday, July 30, 2019

What is the value of people management to project management?

Abstract

People skills and their value to project management have become a substantial topic of debate as the international community develops business strategies. This essay examines the project management field with a focus on evaluating the importance of the human element. The evidence presented demonstrates that developing strategies are relying more often on an adaptive framework that incorporates heavy human resources and relations efforts with positive results. This work will be of interest to any person studying the field of project management.

1 Introduction

The question of how important people skills are in project management efforts has become a growing topic of debate (Morgeson et al, 2013). Seemingly once overlooked, the elements of human resources and the potential to encourage a higher rate of performance suggest an emerging innovative nature among the leaders of the business community. Beginning with a base overview of project management efforts, this essay works to illustrate the importance that the ability to effectively manage people can have on any form of project.

2 Project Management

The commonly held definition of project management is the entire creation and control of a specific aim made up of several interlocking elements including planning, acquisition, motivation and resolution of day to day issues (Lock et al, 2013). This definition outlines the expectation that the project manager is the person in control of any individual effort, making each of the decisions that this person makes critical to the nature of the underlying project. There are a wide range of management choices to be made from the very first, including incremental, iterative, phased and lean, making each element fragile (Lock et al, 2013). With each separate method of implementation there is a real focus on creating a strategy that is effective at managing resources as well as successfully reaching deadlines and achieving goals.
In order to achieve this first step and reach a positive conclusion, the skill of efficiently utilising resources, including employees and human resources, must be a cornerstone of strategy (Larsen et al, 2013). This revelation suggests a tacit support for the inclusion of the human element at every level of emerging project planning theory. Yet, with this rising recognition of value and potential in the human resources element, the question of why previous generations did not associate such potential becomes a question. Two central approaches to project management have come to encompass the field: Traditional and Agile (Kerzner, 2003). With the names signifying the defining parameters of each avenue, the traditional has been the most used and recognised process, with the Agile form coming to represent the need to remain flexible, or adaptable, in the face of modern competition and circumstances (Kerzner, 2003). The Agile method is based on the traditional approach with an increased emphasis on the associated human elements that contribute to the trait of adaptability (Kerzner, 2003). The case study of ITNET in the UK in 2003 suggested that the addition of soft skills or increased human resources capacity adds a great deal in the area of motivation to any on-going project (Cowie, 2003). This suggests that at the turn of the century there was a building recognition of human resources skill value as well as the need to maintain this level of skill in the developing systems in order to enhance success opportunities. Of the several approaches offered, the traditional method has been commonly associated with a general project management application (Pandey, 2008). This avenue consists of five well recognised principles that are expected to be met, with each area directly associated with employee, or human, oversight. Initiation, design, execution, monitoring and completion make up the most common stages of any project (Pandey, 2008).
In every area this argument suggests that there is a basic need for human resources, and therefore there rests the potential for streamlining and improving performance. This is highly suggestive of the condition that there is a valid supposition for the inclusion of human resources in a progressive strategy.

2.1 Processes

Creating a starting point for any project, the initiation process marks the moment that the base nature and effectiveness of the effort is determined (White et al, 2002). This requires a thorough understanding of the complexities of the task at hand as well as complete knowledge of the associated timetable and available resources. The placement of a quality person adds to the potential for a project to succeed from the moment this evaluation and determination takes place (Hiriyappa, 2009). This stage outlines the needs of the project as associated with the operating elements, which in turn is directly impacted by the choices of the person in charge (Hiriyappa, 2009), suggesting that this initial decision to put a person in place could be among the most critical of project management accomplishments. The planning and design stage of any project is directly responsible for developing the underlying strategy that takes into account every element (Kerzner, 2003). This suggests that again, effective decision-making qualities and the capacity to identify positive properties in the associated employees allow for a smoother execution of strategy. Further, the human element of estimation and risk planning is directly associated with the personnel in place, which in turn can determine the success or failure of any project (Larsen et al, 2013). The evidence is suggestive of the demonstration that human resource decisions at this level reflect the needs of the project and assist in determining how well the effort is undertaken.
The stage of execution follows planning, which in turn requires an effective human resource effort in order to ensure that the standards of the developing project are met (Krajewski et al, 1999). This is an indication that components, such as direct management, quality control and long term planning, must be efficiently addressed at this stage, requiring human skills. This stage cannot be effectively concluded without testing the implementation efforts, which in turn demands the presence of leadership (Morgeson et al, 2013). Closely tied to the final stages of the traditional approach to project management, the execution stage leads to the control and monitoring of any project (Morgeson et al, 2013). This process of measurement and assessment requires knowledge, experience and skill in order to properly operate, which requires a well-placed person, or team, with the inherent capacity to meet these standards (Greenberg et al, 2005). Lacking an effective human resource placement, there is the real potential for a project to be diminished or halted altogether, making this area once again one of pivotal importance. The final stage of the commonly held process is closing, or the true ending of the effort, with final closing and contract closure (Andersson et al, 2013). As each area of the project is judged complete and the terms of the contracts have been acknowledged, the leadership to efficiently tie up every remaining task is vital (Lock et al, 2013). This suggests that effective human resource skills at this juncture enable a far better understanding and capacity to complete and close out a project. As the evidence in the argument demonstrates, there is a need for human resource considerations at every stage of the project management process.
At each level the critical decisions needed require thoughtful and well-rounded people skills that have the inherent capacity to add a tremendous amount of positivity to any project.

2.2 Methodologies

With the science of project management continuing to develop over the course of time, there are several different approaches used in the effort to attain success (Lock et al, 2013). Clear differences in needs and goals make the choice of methodological tool essential to the project. Since its creation in the mid 1990s, Prince2 has provided an output-oriented project management framework that has been used by many in the business world (Andersson et al, 2013). The Prince2 concept of management has been utilised by the Cheshire Constabulary in a positive manner dating from the year 2010 (Day, 2010). This system is credited with allowing the project to succeed and improve focus and overall results, yet at the same moment the case study acknowledges the support and human resources that were innate to the success of the effort (Day, 2010). This is suggestive of the fact that human skills were needed during the effort. This perception that the framework allowed the leadership to remain on course and succeed in Cheshire supports the need for an effective system. Yet, as Larsen et al (2013) argue in their project management work, the developing field of business requires new skills, which in turn continues to make the area of human resources essential to operations such as the Cheshire Constabulary. The Agile project management method employs an enhanced human component in order to attain goals and reach success (Larsen et al, 2013). Used more often in the world of technology and creativity, the Agile approach is different from the traditional planning method in that it is made up of many smaller elements combined, making it nearly impossible to plan beforehand (Larsen et al, 2013).
The Agile project management process has been utilised at several high level projects that required creative and adaptive thinking with the inherent ability to find solutions outside of the norm. The United States Federal Bureau of Investigation, or FBI, uses the Agile method in their Sentinel Project to notable success, demonstrating the effectiveness of the process (Wernham, 2012). During the course of this effort, the Agile system was credited with recognising the potential in the employees and providing the means for leadership to make the most of it (Wernham, 2012). This evidence suggests that the incorporation of increased human relations ability increases the capacity of the effort to succeed, even in a very high stress environment. A second example of the Agile project management system finding traction in the modern world is found in the company Mastek (Somal, 2013). The need for an adaptable platform with the ability to incorporate international opportunities led to the decision to use the Agile approach. With the development and conclusion of the initial project, the Agile system was credited with providing the company the knowledge to produce what their clients needed through a better appreciation of the human element (Somal, 2013). This application of enhanced human resources to aid in the communication and day to day interaction with consumers to increase use suggests that there is potential in this area for a low cost method of enhancing production. With each method, the utilisation of human resources and leadership is vital to the success of the project. This suggests that developing methods such as Agile will become more prominent as the need for adaptability continues to grow.

2.3 Human Resources Skill Set

New and developing skill sets are necessary in order to accommodate the evolving area of project management and human resources (Miller, 2013).
New skills, including sharing the vision and making workshops available, begin to play a role in developing communication (Miller, 2013). Further, the opportunity to assess needed change allows for the leadership to anticipate the needs of their employees, which in turn must be carried out in planning for these needs to be met (Miller, 2013). This requirement for adaptability is best demonstrated by the leadership, which in turn provides impetus for others to be influenced, thereby creating the needed environment (Miller, 2013). Finally, there should be a continual effort of communication education aimed at making the most of every personnel opportunity, thereby enriching the entire effort. At every step of these suggested enhancements rests the base requirement of increased psychological engagement with the employees in order to make the project possible.

3. Conclusion

The question of how important people skills are in the project management effort has been assessed in the body of this essay with several interesting results. Efforts from the turn of the century illustrate a growing awareness of the need for increased employee outreach and communication. This trend is further supported by the additional case studies presented throughout the first decade of the century highlighting the success of project management methods using increased human resource outreach. The developing world of international business, with software, internet concerns and banking leading the way, is demanding a more adaptable method of project management, which in turn requires managers and employees that have the capacity to change on a moment's notice. As this essay has shown, the importance of people management to the overall project is as essential as the presence of resources and funding. In the end, the evidence presented in this essay clearly suggests that lacking a primary component, such as people management skills, creates the potential for a diminished project.

4. References

Andersson, L., Jackson, S. and Russell, S. (2013). Greening organizational behaviour: An introduction to the special issue. Journal of Organizational Behaviour, 34(2), pp.151–155.

Cowie, G. (2003). The importance of people skills for project managers. Industrial and Commercial Training, 35(6), pp.256–258.

Day, M. (2011). A Case Study: The Cheshire Constabulary Case Study. APM Group, 1(1), pp.1-15.

Greenberg, J. and Colquitt, J. (2005). Handbook of organizational justice. 1st ed. Mahwah, N.J.: Lawrence Erlbaum Associates.

Hiriyappa, B. (2009). Organizational behavior. 1st ed. New Delhi: New Age International.

Kerzner, H. (2003). Project management workbook to accompany Project management – a systems approach to planning, scheduling and controlling, eighth edition. 1st ed. New York: Wiley.

Krajewski, L. and Ritzman, L. (1999). Operations management. Reading, MA: Addison Wesley.

Larsen, T. and Olaisen, J. (2013). Innovating strategically in information and knowledge management: Applications of organizational behavior theory. International Journal of Information Management, 33(5), pp.764–774.

Ling, K. (2009). PRINCE2® 2009 pilot Case Study. Prince2, 1(1), pp.1-5.

Lock, D. and Scott, L. (2013). Gower handbook of people in project management. 1st ed. Farnham, Surrey: Gower Publishing.

Miller, D. (2013). Putting a people focus into project management. Project Manager Today, 1(1), p.1.

Morgeson, F., Aguinis, H., Waldman, D. and Siegel, D. (2013). Extending corporate social responsibility research to the human resource management and organizational behavior domains: A look to the future. Personnel Psychology, 66(4), pp.805–824.

Pandey, D. (2008). Rural project management. 1st ed. New Delhi: New Age International (P) Ltd., Publishers.

Scott, N. (2010). Case Study: Using ITIL® and PRINCE2® Together. Axelos, 1(1), pp.1-10.

Somal, V. (2013). Agile Project Management empowers teams at Mastek. APMG International, 1(1), pp.1-3.

Wernham, B. (2012). Agile Project Management for Government Case study: The Success of the FBI Sentinel Project. Agile Business Conference, 1(1), pp.1-5.

White, D. and Fortune, J. (2002). Current practice in project management—An empirical study. International Journal of Project Management, 20(1), pp.1–11.

Monday, July 29, 2019

Biblical Concept of Sin Article Example | Topics and Well Written Essays - 750 words

Biblical Concept of Sin - Article Example

The present research has identified that the Bible is the Christian's guide to living a spiritually healthy life. The Bible has many authors in the different books, who were inspired by God. The Bible teaches Christians to live a pure life with no sin; however, it does not provide a precise definition of sin. Instead, the Bible elaborates on remedies to sin. Like other doctrines, Kinghorn acknowledges the need to apply the concept of progressive revelation. In his attempt to reveal the biblical view of sin, Kinghorn studies the doctrine of sin in both the Old and New Testaments. He uses this approach in order to follow the revelation of the doctrine of sin throughout the centuries, from the creation of man, as God manifests himself in the human family setting. Kinghorn identifies numerous terms that look into the concept of sin in the Old Testament, which makes it an ideal study in order to understand the doctrine of sin. Mentions of sin in the Old Testament are in Hebrew, whose translations may distort the precise definition of the terms. In this article, we see sin as having an inward concept and an outside concept. The inward concept is best seen in the case of the tenth commandment, while the outside concept of sin is seen in cold-blooded murder. There are many concepts of sin including an act of wrongdoing with regard to ethics, breaking the law due to ill motive, and breaking the covenant of God as a deflection from the lawgiver. We also look at the doctrine of sin according to the New Testament, as portrayed by Jesus through parables and Paul in his letters. The author concludes by relating the doctrine of sin to the opinions of Wesleyans.

Critical interaction

In defining sin according to the New Testament, Kinghorn looks at human family and the relation it had with God.
The family setting in the Old Testament defined sin as an inward act, owing to the sins of our first parents, before it became an outward act. In this regard sin was seen as breaking the law, which made it punishable. According to the Hebrews, there was a clear distinction between sin, which was defined as an act of wrongdoing, and what did not constitute sin. According to the book of Leviticus, sin was any act that was contrary to the command, whether it was done knowingly or unknowingly, due to ignorance. Kinghorn supports this claim by quoting the book of Leviticus 5:17, which says "And if any one sin, and do any of the things which Jehovah hath commanded not to be done, though he knew it not, yet is he guilty, and shall bear his iniquity." The Old Testament looks at both the ethical and legal concepts of sin. In the former, sin involves an act, while in the latter, it is about breaking a law, regardless of knowledge of its existence. Another kind of sin in the Old Testament is one that is not portrayed on the outside, like in the case of condemning murder only if it is done willingly. Analysis of sin according to the Old Testament is founded on the idea of progression, whereby the concept of sin is revealed in various people and prophets as we move towards Christianity. Kinghorn identifies some Bible characters that had greater vision than others, like in the case of Enoch. He also reveals another concept of sin that involves breaking the covenant of God that is built on human obedience. In such cases, sin is seen as a rebellion against God since the covenant forms the basis of the relationship between God and man. In the Old Testament, sin was seen as not only breaking the law, but also a deflection from the lawgiver. The analysis of sin according

Sunday, July 28, 2019

Week13 Essay Example | Topics and Well Written Essays - 250 words - 1

Week13 - Essay Example

A patent is a protection granted to an inventor that limits other people from using or selling an invention (Andersen, 2006). Patents protect the ideas of a person and limit anybody from using them without authorization from the patent holder. A grey market is created when people sell genuine trademarked goods without the permission of the local trademark owner (Andersen, 2006). Such products are authorized and trademarked in a foreign nation and are of similar quality to those in the local market. It is a market where the products being bought or sold are not within the authorized trading channels of the manufacturer. Local businesses that have trademarks in the USA are highly affected by the grey market. Products in the grey market are of similar quality but come at lower prices. Due to this, a growing grey market reduces the profitability of the trademark owner in the USA. A grey market makes owning the trademark unworthy since the protection created by the trademark has no full

Saturday, July 27, 2019

Improving Team Performance Article Example | Topics and Well Written Essays - 750 words

Improving Team Performance - Article Example

e personality indicators, the objectives being given to the teams, the leadership and most commonly the organizational culture that helps in developing competent and effective teams. A person who is professionally well developed might not have the ability to work in a collectivist society and might prefer to work alone. Moreover, a few individuals prefer to act as passive partners regardless of their professional development point of view, and this emancipates problems like social loafing. Keeping this in view, personnel selection and development is of critical importance (Suman, 2009). This is true to an extent because organizations, in an attempt to achieve competitive advantage and to develop individuals in a way that they can work effectively in teams and can adapt to the changing environment, work towards developing such strategies or hiring such agencies that can hunt the talent desired by the organization. This gives rise to the introduction of such training and development modules that aim to develop personnel professionally. Different models have been introduced to highlight the usefulness of personality and behavioral assessment instruments. The DISC model is the one that relates that individuals and situations are related in a way that their behavior cannot be predicted and understood without proper understanding of the environment (Suman, 2009). Critically analyzing this, one can conclude that employees develop themselves at a strategic level only when they understand their organization's culture and environment. Employees can work in teams effectively only when there are clear communication channels, the decentralization that enables employees to have their say in the organization's decision making process, and the ability to adapt to the organization's changing environment. In addition to this, the MBTI personality type is another assessment instrument that talks about the personality types.
They argued that there are 16 types of personalities and all

Friday, July 26, 2019

Flag Burning Essay Example | Topics and Well Written Essays - 500 words

Flag Burning - Essay Example

Indeed, the symbolism of the flag is so deeply embedded in national consciousness that Bourne (qtd. in Schatz and Lavine, 2007: 329) was prompted to declare that "We reverence not our country but the flag. We may criticize ever so severely our country, but we are disrespectful to the flag at our peril." The difference lies in that the flag is a symbolic representation of all that which the nation is; the flag represents the past, present and future and is not associated with particular policies and governments, as may be the nation at any given time. It is within the context of that which the flag stands for that intolerance towards flag burning should be understood. Americans are intolerant of flag burning because it expresses disregard for those who lost their lives battling under the flag, disrespect for the institutions of the nation, and a symbolic attempt to deny national memories. The 1960s were the heyday of flag burning in the United States and even though many Americans sympathized with the politics which incited the said act, few were tolerant of it. As Boime (1990) notes, countless Americans opposed the Vietnam War and supported the Civil Rights but were enraged by the expression of the aforementioned through flag-burning.

Privatization of State Owned Enterprises Research Proposal

Privatization of State Owned Enterprises - Research Proposal Example

Governments in developed countries (e.g. Britain and Japan) started privatizing SOEs in the early 1980s; by the late 1980s it had become apparent that a privatization revolution would sweep the world (Young, 1987). While the bulk of privatizations during the past decade occurred in developed countries, in recent years the emphasis has shifted to developing countries (The Economist, 1993). In these countries, capital markets can hardly absorb the large amounts of privatized equity, and governments are offering to sell SOEs to western multinationals as strategic owners (The Economist, 1993; Ramamurti, 1992). In addition, these countries look to western multinational enterprises for managerial and technical know-how. This trend creates possibilities for growth and entry into countries whose economies are currently expanding faster than most developed economies. While privatization in the 1980s created opportunities for portfolio investments, the 1990s also promise the control of privatized firms through mergers and acquisitions (Freudenberg and Bird, 1991; Nankani, 1990; Ramamurti, 1992). For these reasons, privatization is considered here to be an international management concern. Empirical research and theory on direct investment into former SOEs, unfortunately, is scant. Economists generally agree that reducing government ownership of companies improves the macro-performance of an economy, and they also expect that a competitive environment and market discipline should increase the efficiency of the privatized firm (Donahue, 1989; Hutchinson, 1991; Ramamurti, 1992; Vickers and Yarrow, 1988). Empirical research on this latter point, however, has yielded conflicting results (Cook and Kirkpatrick, 1988; Hutchinson, 1991; Parker and Hartley, 1991). Strategic management research considering the performance of the SOE after it is acquired by a private firm is missing entirely.
No mergers and acquisitions work has yet considered the purchase of SOEs, nor have researchers examined the conceptual relationship between traditional mergers and the acquisition of an enterprise from the government. On the one hand, the public/private shift inherent in privatization might imply that acquisition processes work differently for privately and publicly owned firms. The strategy, structure, and culture of the public organization can be expected to differ significantly from those of private firms because of the often special missions of SOEs and distinct environments in which they may be operating (Aharoni, 1986). Since post-acquisition integration processes are determined by the historic conditions of the merging firms (Nahavandi and Malekzadeh, 1988; Shrivastava, 1986), these differences may crucially influence the success of a merger between a private firm and a newly privatized SOE. The pre-acquisition conditions of the target also influence performance (Datta et al., 1992), and thus the distinctive contingencies of the SOE can be expected to affect post-acquisition performance as well. Furthermore, the objectives of a government selling an SOE are as much political -- that is, catering to specific stakeholder groups, for instance current employees of the SOE -- as economic, a fact that should significantly affect the negotiations and may also determine the post-privatization performance of the former SOE. Only recently has the strategic management literature begun to examine the implications of government policy for

Thursday, July 25, 2019

Response book Essay Example | Topics and Well Written Essays - 500 words

Response book - Essay Example

yzed by a car accident at an age of 19 years, but regardless of the physical limitation, he has led a very successful and remarkable life as a world-travelling journalist traversing through the hills of Iran and Afghanistan as well as navigating through the Middle Eastern terrain stretches of sand in his wheelchair. Despite his disability, he has achieved what many able-bodied journalists have only imagined. The depiction of the disabled in this book goes contrary to the contemporary social expectations and attitudes. This is because disabled people are not given the same opportunities as other people and therefore, they are not expected to amount to something as big as John Hockenberry. Reading this book helped me appreciate the role of wisdom and perseverance in overcoming even the greatest of obstacles. I derive a sense of peace in knowing that even if humanity is greatly flawed with many disappointments, we can always fulfil our dreams and purpose in life and enjoy it. This book has changed my perception about people with disability. The author portrays a picture of a person who does not give excuses for his disability in order to evade tasks and therefore, the aspects of disability do not form part of his identity. Instead, he is in the front line when covering the refugee stories in war torn Kurdish, Iran and Afghanistan. The most inspiring part is the story he covered in the Gulf War on a steep mountain while clinging to the back of a donkey. His story is that of an extraordinary journalist exceeding the bounds of expectations by venturing into scary situations. Even in the midst of humor, his stories draw the readers' sympathy. By being a member of the minority group in the society based on his disability, he deeply connects with the dying people in Afghanistan and the dying children in Somalia, which looks like his motivation.
Despite the major achievement of people with disability, the book presents a society that still holds reservations

Wednesday, July 24, 2019

(Critical Analysis) Essay Example | Topics and Well Written Essays - 750 words

(Critical Analysis) - Essay Example She goes to the extent of looting to ensure that her sick brother gets daily medicine for his survival. The film shows some religious institutions, such as the church, and the way they help suffering neighbors and members. Good neighbors, like Madea and Pastor Brian, take the responsibility of taking care of these young children by giving them food and ensuring they find their relatives in town. One of the relatives is the woman named April, who is the children's aunt. She is a nightclub singer and an alcohol addict living with a married man who has run away from the responsibility of taking care of his family. At the end of the film, she transforms from her past lifestyle into a loving and caring aunt and later gets married to Sandino, an immigrant whom she accommodated in her basement. According to the IMDb website, the film and its cast of actors and actresses have been nominated for and won several awards. Some of the awards include BET Awards, Black Reel Awards and Image Awards in 2010. For example, in 2010, Adam Rodriguez (Sandino in the film) won the Image Awards under "the Outstanding Character in a Motion Picture." The film can be classified into three theories of communication, namely inclusion, need for control and need for affection. The theory of inclusion applies in this film where Sandino, a middle-aged immigrant in search of work and a place to settle in a foreign country, approaches church leaders for help. The church leader requests April to accommodate him, and she allows him to stay in the basement. Sandino fits well in this theory as he seeks to be liked and loved by Jennifer and her little brothers. He goes to the extent of buying them the syringes and medicine for Jennifer's younger brother. Jennifer wonders why he is concerned and good to them; according to her, the world is unfair and presents a tough face to all the people in it.
Sandino fights to be loved by all, April included, as he repairs one of the rooms and ensures that everything is in place for the comfort of the young ones. At the end, he comes out to defend Jennifer as she is about to be raped by April's boyfriend. Sandino makes April change her past behavior of mistreating her niece and nephews and her addiction to alcohol. Sandino ends up being loved by all in April's family and by church members, who end up organizing a nice wedding for him and April. The theory of need for control is also found in this film. One of the funny characters in this film is Madea, who is firm, in control and wants to be recognized as the one in charge of the activities going on in her house and in that of anyone she comes in contact with. The film introduces Madea from the onset. She wakes up after Jennifer and her brothers try to loot her house. She firmly disrupts her husband's sleep, and she shows her power of control when she invites Jennifer and her brothers to have a meal with them. She wants them to refer to her as 'madam' whenever they answer her questions. She shows the control in her by driving the children to April's house. She orders one of them to knock on the door as loudly as he can until April wakes up. Madea commands April to take her niece and nephews, which she accepts without further argument. Although Madea may be seen as a control freak, Jennifer goes to her to figure out how to pray. Though she did not understand the Biblical stories, she agreed to teach Jennifer. She extended her generosity by advising her how she could manage all her

Tuesday, July 23, 2019

The Impact of the War on Drugs on Puerto Ricans Essay

The Impact of the War on Drugs on Puerto Ricans - Essay Example The majority of Puerto Rican immigrants live in New York City, a circumstance that can be traced to post-World War II economic development programs, which ensured Puerto Rico's economic and political dependence on the U.S. It has had and continues to have a colonial status with the United States. Crime in the Latino community, and specifically in Puerto Rico, has created a legacy of poverty, unemployment, and lack of education for the population, accelerated by drug prohibition. In 1994, the murder rate in Puerto Rico was the highest in the western hemisphere, with 73 percent classified by the police as "drug related." The article states the tendency among Latinos to follow overall trends throughout the U.S., with alcohol and cigarettes consumed far more than all illegal drugs combined. Nevertheless, the treatment of Latinos is unequal, with a greater number of arrests in Latino neighborhoods. The high number of young people incarcerated has a negative effect on the lives of families and neighborhoods. In addition, the war on drugs focuses on Latino gangs in New York City and Puerto Rico, with the Kings and Queens and the Netas of particular interest to law enforcement. The article further states that the war on drugs has acted as a catalyst to the AIDS epidemic. AIDS is the leading cause of death among young adult Latinos in the United States and more than half are injection-related. In addition, people who live both on the island of Puerto Rico and in the United States have a much higher incidence of injection-related AIDS than do other Latino groups living in the United States. The relationship of the United States to Latin America and the Caribbean has been characterized as neocolonialism and is often considered a humanitarian gesture. However, rather than help them gain self-sufficiency, it becomes a means by which the United States government has exerted economic and political control.
This is a long-term situation. By the 1960s, a period of great experimentation with drugs, the war on drugs shifted from federal to state and local bodies. However, when the Knapp Commission of 1968 convened and police corruption made headlines across the nation, the police took a hands-off policy and looked to the cartel lords. This policy allowed drug distribution organizations to build empires in neighborhoods no longer the focus of police. In Puerto Rico, the war on drugs followed in U.S. footsteps due to its continuing colonial status.

Summary

Barrios and Curtis (1998) make it very clear that only with legalization of all personality-enhancing drugs, along with alcohol and cigarettes, can a solution to the drug problem be found. By focusing on Puerto Rican immigrants in the United States, specifically in New York City, as well as those on the island of Puerto Rico, and continuing with a case study of a specific family, showing the way in which desperate needs bring about desperate means, these two authors show how the present system of laws against drugs accelerates rather than resolves the problem. In describing the Santuree family, the authors offered a microcosm of the drug problem within the experiences of one dysfunctional family, which shows clearly how the problems were escalated by poverty, unemployment, lack of medical care, lack of suitable housing, and ultimately following the apparent economic promise of drug dealing and the resulting

Monday, July 22, 2019

Exogenous Auditory Spatial Attention Essay Example for Free

Exogenous Auditory Spatial Attention Essay Experiments one and two investigated exogenous covert auditory spatial attention. Experiment two used a white noise cue while experiment one used a 1000 Hz pure tone. Replacing the 1000 Hz tone with the white noise was deemed necessary because a majority of the subjects in experiment one reported high height discrimination with the pure tone. In both experiments a significant response time advantage was found for valid cues at the short SOA of 200ms, while no statistical advantage was found for valid cues at the longer SOAs of 500ms and 1100ms. The results obtained mirror those found by Spence and Driver (1994) for exogenous processing in that valid cues produced a response time advantage for short cue-target SOAs. Exogenous processing of attention, according to Posner (1980), refers to events controlling the orienting of attention outside the mechanisms or, more specifically, stimulus-driven responses. The presence of the cue, even if it is uninformative, led attention to focus on it, albeit for a very short time, and hence improved response time, but for the short SOA only; it seems that when the SOA increases it takes more time to respond to the stimuli. Endogenous orienting is said to be a cognitive process wherein attention is "pushed" to the location where the target is expected (Spence and Driver, 1994). Experiments 3, 4 and 5 tested endogenous auditory attention, as opposed to the first two experiments, which tested exogenous processing. Experiment 3 was similar to one of Spence and Driver's experiments (4, 1994) with a slight variation in that informative cues were generated from a 3-dimensional sound apparatus. The informative cues used differed from the uninformative spatial cues of experiments 1 and 2. It was found that for this experiment (3) response time was faster for all SOA levels. The results differed from the first experiment, where a response time advantage was found for the short SOA (200ms) only.
This tells us that in exogenous "stimulus driven" cueing, the response time advantage occurs for the short SOA because attention is reacting only to the stimulus, and it is for the short SOA only (100-500ms) that reaction to the stimulus is immediate; as demonstrated in the first two experiments, there is a drop-off in response time with longer SOA (600ms+). This drop-off in response time is referred to as inhibition of return and is a cost to the attentional system. In other words, when the subject knows that the cue is not helpful in determining the location of the target, the cue would be ignored, but immediately after the cue, attention is drawn to it, even if unintentionally and for a very short time. Thus, when no other useful information is presented in that area of space, the attentional focus wanders to other possible target locations. The faster response time for all SOA levels in experiment 3 says that the use of informative cues pushes attention towards the target. It was predicted that a significant response time advantage would occur at the middle and long SOA levels (500ms and 1100ms) for valid cues as opposed to invalid cues. It is clear that when subjects are cued as to the likely location of the target they attend to and use this information in looking for the location of the target. On acquisition of the cue information, the subject can shift spatial attention to the likely location of the subsequent target. Due to the cognitive nature of the allocation of spatial attention to the cued location, believed to be a longer process than that of a stimulus-driven attention capture, a strong response time advantage may not be found at short SOA (100-300ms). A cognitive-based search for the target location would necessarily entail neural processes, and these are indicative of covert orienting and that there is covert auditory attention, as claimed by Spence and Driver (1994).
In experiment 3 a significant response time advantage was found at all SOAs for valid cues. Despite the significant response time advantage found for valid cues at the short SOA (200ms), these results were expected. Theory suggests that with a cognitive-based search an informative cue will aid the detection and discrimination of a subsequent target at the cued location. This was observed in the results obtained, with all SOA conditions showing a significant response time advantage. While the significant response time advantage found for the short SOA condition (200ms) is not necessarily expected with a cognitive-based cue, the cue used in experiment 3 (and in the subsequent experiment 5) was both informative and spatially based. Therefore theory would suggest that both exogenous and endogenous processing would occur. The initial capture of attention to the spatial location of the cue would aid the response time advantage at the short SOA condition (200ms), while the knowledge that the cue is informative would keep attention focused on the spatial location of the cue for longer, aiding the response time advantage for the other SOA conditions (500ms and 1100ms). The results of experiment 3, however, led to the question of whether the spatial component of the informative cues affected the response time of the subjects, since, as in Spence and Driver (1994), the experimental conditions for experiment three were a combination of endogenous and exogenous factors. To test for a purely endogenous orientation, experiment four was carried out with this objective.

Sunday, July 21, 2019

Film Studies Essays Goodfellas

Film Studies Essays Goodfellas Critical analysis of American crime film Goodfellas. Focusing on the attitudes towards criminality and law suggested in this film. American cinema seems to have always had a preoccupation with crime and criminals, which is a testament not just to the proliferation of the crime genre, but to the quality of its luminaries. Of course it helps that James Cagney and the gangster flicks of the thirties and forties were drawing in crowds at the same time as one of America's greatest crime writers, Raymond Chandler, was creating private eye masterpieces such as The Big Sleep, and adapting other works such as Double Indemnity (Billy Wilder, 1944) for the screen. As crime was one of the largest audience-drawing genre types of the forties behind melodrama and musical, it's not hard to see how Bogart and Bacall, Chandler, Wilder, Cagney, Spillane and Aldrich could go on to influence both mainstream and alternative cinema for over half a century. Of course this is not to diminish the overseas influence on the crime genre (and of course its many sub-genres), and in particular of Godard and Truffaut and Melville's French new wave, the nouvelle vague, and its flagship text A Bout De Souffle (Godard, 1960), whose acknowledgement of cinematic technique tied up in the very act of telling a cinematic tall tale can be seen as a direct precursor to Tarantino's post-modern technique of actively referencing other films in his own work (see the glowing briefcase in Pulp Fiction [1994] which references the uranium filled briefcase in Kiss Me, Deadly [Aldrich, 1955]). So we can see that cinema has had an active preoccupation with criminality for the best part of seventy years.
Whilst film noir and the gangster films of the thirties tend to focus on the structure of good versus bad and the devolution of the good, Tarantino's earlier works fuse together conventional cinematic notions of crime and criminality with the comic-realistic spanner-in-the-works of occupational mishaps (e.g. killing of a victim and the ensuing difficulty in covering up the mess, or a consideration of how long it actually takes an abdominal gun-shot wound to kill a man). In this essay I shall be considering how Martin Scorsese's Goodfellas (1990) presents ideas of crime and its relation to violence. One of the few Scorsese films post-Raging Bull (1980) to receive much critical acclaim (along with most recent outing The Aviator, 2004), Goodfellas maintains the ambivalent attitude toward violence that we can also see in Raging Bull and Taxi Driver (1976), although it is a far less visually brutal film. Instead the brutality comes through the constant underlying pressure of impending violence, which exists throughout like a drum track pounding out the rhythm in every scene. Similar also to these two other films, and to Mean Streets, there is a tension that exists in his work between the repellent nature of his characters' violent outbursts, and our sympathy with, for instance, Travis' loneliness and isolation, Jake's feelings of betrayal and the cultural limitations laid upon his masculinity, or Henry's drive for success and his relative restraint compared to his associates. Steve Neale and Murray Smith state that: "This ambivalent attitude to its protagonist is what makes Taxi Driver a great film. It is a film fuelled by the tension of sympathising with Travis' loneliness while being repelled by his violent, anti-social behaviour.
This is echoed in the tension between the reality of the street scenes and the lavish and seductive cinematography (by Michael Chapman) and music (by Bernard Herrmann)." There is a similar relationship between the visual and aural aesthetics in Goodfellas and the constant simmering presence of violence. Far more than these previous dealings with violence, crime and masculinity, Goodfellas is a visually pleasing film, all bright colours and smooth camera work, and even the scenes of violence are not nearly as vividly potent as Travis' shoot-out in the finale to Taxi Driver. Whereas in Mean Streets the aural gleefulness of the soul soundtrack was tempered and contrasted by the verité starkness of its imagery (the proliferation of hand-held camera work, the red-light tainted nightclub scene, the natural light in Harvey Keitel's apartment), in Goodfellas the up-tempo soundtrack is accompanied by a camera which prowls smoothly on cranes and dollies, and lighting which brings out the colours of his characters' expensive and brash clothing and houses. More than his earlier works, the aesthetic of Goodfellas is typically cinematic – there is none of the gritty, subversive, nouvelle vague inspired imagery. The relevance of this is in Scorsese's sympathetic response to Henry's preoccupation with the trappings of power and prestige that his violent ways have afforded him. Even at the climax of the film, when Henry is released into the safe anonymity of the witness protection programme, and surrounded by suburban comfort, he can't help but miss the privileges and excitement of 'the life'. When Henry asks Karen to hide his gun for him, having witnessed him viciously beat a young man who came on too strong, she was not repelled by his violent masculinity, but admits that "it turned me on".
In a film of such explosive violence and derogatory machismo, perhaps the most shocking violent outburst comes in the first act when the young Henry is struck by his father for skipping school. What is most shocking is the casual manner in which Henry as narrator recalls this domestic abuse – he recalls he had to "take a few beatings", but in the long run he still feels it was well worth it. Henry, like Karen, is intoxicated by the power, money and lavish material gains that 'the life' can afford him and his family. The constant presence of violence made erratic by ego, and the need to carry out vile deeds such as burying a foul smelling corpse, or to go through violent domestic abuse, are merely the downsides of the job – like back pain to a construction worker, or knee damage to a sportsman, and it is this tension, this acceptance of violence as an everyday occurrence, which Scorsese explores. Like Henry, who is more sensitive than Tommy and Jimmy, the audience experience the pleasurable excesses and comforts alongside the brutal and repellent nature of the work, and neither is solely celebrated or derided in isolation. Neale and Smith state: "Scorsese [does not want] to completely distance himself from Travis in order to make an explicitly polemical film against vigilantism and everything else unpleasant about the character. This is the type of film perhaps Robert Altman or Stanley Kubrick would have made. But Scorsese rarely wants this kind of distance from his characters, and his films contain a dynamism few others achieve because of this." The film is famous for the manner in which its violence explodes out of seemingly innocuous situations, and we can see this reflected in the way Tommy lashes out at the poor young waiter who can't keep a tight enough hold on his mouth, shooting him in the foot and then later killing him.
In this instance, it is the unavoidable flaws in the characteristics of these men that escalate into bloody violence, and this is a theme which is continued throughout – more often than not, it is the characters' inability to avoid their own greed or their own machismo which leads to their downfall. The young waiter thinks Tommy is too big for his boots, and can't help but keep adding a little smart line under his breath, even though he knows he is pushing it with a dangerous man. In the same way as Tommy, he refuses to let someone steal whatever level of dominance and respect he may have, however little, even if it increases the threat of injury, or even death. Likewise Tommy's downfall comes in his inability to get comfortable in his station, to tone down his tough-little-guy, bull-in-a-china-shop persona, until he finally realises his mistake with a quiet "Oh no" as he heads off not to become a made-man, but to be shot in the head. It is this terminal ambition, this tendency to always want more – more power, more money, more cocaine, more respect – which instigates the violence. So then we can see, not just in Goodfellas but throughout Scorsese's work, that there exists a tempered consideration of the repellent nature of violent crime tangled up in a close study of character, and the forces that drive these criminals to their acts of criminality. For all its set pieces and murders, the most memorable aspect of Goodfellas is the way in which the flaws in these characters' personalities and the overtly masculine posturing nature of their world always instigate and escalate the violence, and ultimately bring about their own downfall – Tommy's slaying of a made man is brought on by the man's big mouth and his desire to have the last word, as well as Tommy's indignation at someone trying to confirm his seniority over him.
Like many of the scenes in the film, it starts off banal and escalates through both characters' inability to calm the situation until one of them is dead. At the heart of this is Tommy's dissatisfaction with his status – he has some respect, but he wants more. Likewise Jimmy has some power and a big share of their Lufthansa cash, but he wants more. Henry and Karen want more cocaine, more time, a more casual lifestyle. Scorsese seems to be suggesting that crime does pay, just not enough.

BIBLIOGRAPHY:

John Belton, American Cinema/American Culture, McGraw/Hill, 1994
John Belton, Movies and Mass Culture, Athlone Press, 1996
Steven Cohan and Ina Rae Hark, Screening The Male, Routledge, 1993
Steve Neale and Murray Smith, Contemporary Hollywood Cinema, Routledge, 1998
Robert Warshow, The gangster as tragic hero in The Immediate Experience, Harvard Press, 1962
Robin Wood, Hollywood from Vietnam to Reagan, Columbia, 1986
Justin Wyatt, High Concept, University of Texas, 1994

Technology for Network Security

Technology for Network Security

2.0 CHAPTER TWO

2.1 INTRODUCTION

The ever-increasing need for information technology as a result of globalisation has brought about the need for a better network security system. The rate at which computer networks are expanding to accommodate higher bandwidth, unique storage demands and an increasing number of users cannot be overemphasised. As this demand grows on a daily basis, so do the threats associated with it, among them virus attacks, worm attacks, and denial of service or distributed denial of service attacks. This calls for swift security measures to address these threats in order to protect data reliability, integrity, availability and other needed network resources across the network.

Generally, network security can be described as a way of protecting the integrity of a network by making sure that unauthorised access or threats of any form are restricted from accessing valuable information. As network architecture expands, tackling the issue of security becomes more and more complex, keeping network administrators on their toes to guard against attacks that occur on a daily basis. Some of the malicious attacks are virus and worm attacks, denial of service attacks, IP spoofing, password cracking, and Domain Name Server (DNS) poisoning. To combat these threats, many security elements have been designed, including firewalls, Virtual Private Network (VPN), Encryption and Decryption, Cryptography, Internet Protocol Security (IPSec), Data Encryption Standard (3DES), Demilitarised Zone (DMZ), and Secure Socket Layer (SSL).
This chapter starts by briefly discussing Internet Protocol (IP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP), then discusses the Open Systems Interconnection (OSI) model and the protocols that operate at each layer of the model, network security elements, followed by the background of firewalls, types and features of firewalls and, lastly, network security tools.

2.2 A BRIEF DESCRIPTION OF TCP, IP, UDP AND ICMP

2.2.1 DEFINITION

Going by the tremendous achievement of the World Wide Web (internet), a global communication standard known as the TCP/IP protocol suite was designed with the aim of interconnecting heterogeneous networks (Dunkels 2003; Global Knowledge 2007; Parziale et al 2006). The TCP/IP protocol suite is the core set of rules used for application transfers such as file transfers, e-mail traffic and web page transfers between hosts across heterogeneous networks (Dunkels 2003; Parziale et al 2006). It is therefore necessary for a network administrator to have a good understanding of TCP/IP when configuring firewalls, as most of the policies are set to protect the internal network from possible attacks that use the TCP/IP protocols for communication (Noonan and Dobrawsky 2006). Many incidents of network attack are the result of improper configuration and poor implementation of TCP/IP protocols, services and applications. TCP/IP makes use of protocols such as TCP, UDP, IP and ICMP to define the rules of how communication over the network takes place (Noonan and Dobrawsky 2006). Before these protocols are discussed, this thesis briefly looks into the theoretical Open Systems Interconnection (OSI) model (Simoneau 2006).
2.2.2 THE OSI MODEL

The OSI model is a standardised layered model defined by the International Organization for Standardization (ISO) for network communication. It simplifies network communication into seven separate layers, with each individual layer having its own unique functions that support the layer immediately above it while at the same time offering services to the layer immediately below it (Parziale et al 2006; Simoneau 2006). The seven layers are the Application, Presentation, Session, Transport, Network, Data Link and Physical layers. The first three lower layers (Network, Data Link and Physical) are basically hardware implementations, while the last four upper layers (Application, Presentation, Session and Transport) are software implementations.

Application Layer: This is the end-user operating interface that supports file transfer, web browsing, electronic mail etc. This layer allows user interaction with the system.

Presentation Layer: This layer is responsible for formatting the data to be sent across the network, which enables the application to understand the message being sent. In addition, it is responsible for message encryption and decryption for security purposes.

Session Layer: This layer is responsible for dialog and session control functions between systems.

Transport Layer: This layer provides end-to-end communication, which can be reliable or unreliable, between end devices across the network. The two most used protocols in this layer are TCP and UDP.

Network Layer: This layer is also known as the logical layer and is responsible for logical addressing for packet delivery services. The protocol used in this layer is IP.

Data Link Layer: This layer is responsible for framing of units of information, error checking and physical addressing.

Physical Layer: This layer defines transmission medium requirements and connectors, and is responsible for the transmission of bits on the physical hardware (Parziale et al 2006; Simoneau 2006).
2.2.3 INTERNET PROTOCOL (IP)

IP is a connectionless protocol designed to deliver data between hosts across the network. IP data delivery is unreliable and therefore depends on an upper layer protocol such as TCP, or on lower layer protocols like IEEE 802.2 and IEEE 802.3, for reliable data delivery between hosts on the network (Noonan and Dobrawsky 2006).

2.2.4 TRANSMISSION CONTROL PROTOCOL (TCP)

TCP is a standard, connection-oriented transport mechanism that operates at the transport layer of the OSI model. It is described by Request for Comment (RFC) 793. TCP solves the unreliability problem of the network layer protocol (IP) by making sure packets are reliably and accurately transmitted, errors are recovered, and flow control between hosts across the network is efficiently monitored (Abie 2000; Noonan and Dobrawsky 2006; Simoneau 2006).

The primary objective of TCP is to create a session between hosts on the network, and this process is carried out by what is called the TCP three-way handshake. When using TCP for data transmission between hosts, the sending host first sends a synchronise (SYN) segment to the receiving host, which is the first step in the handshake. The receiving host, on receiving the SYN segment, replies with an acknowledgement (ACK) and with its own SYN segment, and this forms the second part of the handshake. The final step of the handshake is then completed by the sending host responding with its own ACK segment to acknowledge the acceptance of the SYN/ACK. Once this process is completed, the hosts have established a virtual circuit between themselves through which the data will be transferred (Noonan and Dobrawsky 2006).

As good as the three-way handshake of TCP is, it also has its shortcomings, the most common one being the SYN flood attack. This form of attack occurs when the destination host, such as a server, is flooded with SYN session requests without receiving any ACK reply from the source host (malicious host) that initiated the SYN session.
The result of this action is a DoS attack, as the destination host's buffer will get to a point where it can no longer take any request from legitimate hosts and has no other choice than to drop such session requests (Noonan and Dobrawsky 2006).

2.2.5 USER DATAGRAM PROTOCOL (UDP)

UDP, unlike TCP, is a standard connectionless transport mechanism that operates at the transport layer of the OSI model. It is described by Request for Comment (RFC) 768 (Noonan and Dobrawsky 2006; Simoneau 2006). When using UDP to transfer packets between hosts, session initiation, retransmission of lost or damaged packets and acknowledgement are omitted; therefore, 100 percent packet delivery is not guaranteed (Sundararajan et al 2006; Postel 1980). UDP is designed with low overhead, as it does not involve initiation of a session between hosts before data transmission starts. This protocol is best suited for small data transmission (Noonan and Dobrawsky 2006).

2.2.6 INTERNET CONTROL MESSAGE PROTOCOL (ICMP)

ICMP is primarily designed to identify and report routing errors, delivery failures and delays on the network. This protocol can only be used to report errors and cannot be used to correct the identified errors; it depends on routing protocols or reliable protocols like TCP to handle the errors detected (Noonan and Dobrawsky 2006; Dunkels 2003). ICMP makes use of the echo mechanism called the Ping command. This command is used to check whether the host is replying to network traffic or not (Noonan and Dobrawsky 2006; Dunkels 2003).

2.3 OTHER NETWORK SECURITY ELEMENTS

2.3.1 VIRTUAL PRIVATE NETWORK (VPN)

VPN is one of the network security elements that make use of the public network infrastructure to securely maintain confidentiality of information transfer between hosts over the public network (Bou 2007).
VPN provides this security features by making use of encryption and Tunneling technique to protect such information and it can be configured to support at least three models which are Remote- access connection. Site-to-site ( branch offices to the headquarters) Local area network internetworking (Extranet connection of companies with their business partners) (Bou 2007). 2.3.2 VPN TECHNOLOGY VPN make use of many standard protocols to implement the data authentication (identification of trusted parties) and encryption (scrambling of data) when making use of the public network to transfer data. These protocols include: Point-to-Point Tunneling Protocol PPTP [RFC2637] Secure Shell Layer Protocol (SSL) [RFC 2246] Internet Protocol Security (IPSec) [RFC 2401] Layer 2 Tunneling Protocol (L2TP) [RFC2661] 2.3.2.1 POINT-TO-POINT TUNNELING PROTOCOL [PPTP] The design of PPTP provides a secure means of transferring data over the public infrastructure with authentication and encryption support between hosts on the network. This protocol operates at the data link layer of the OSI model and it basically relies on user identification (ID) and password authentication for its security. PPTP did not eliminate Point-to-Point Protocol, but rather describes better way of Tunneling PPP traffic by using Generic Routing Encapsulation (GRE) (Bou 2007; Microsoft 1999; Schneier and Mudge 1998). 2.3.2.2 LAYER 2 TUNNELING PROTOCOL [L2TP] The L2TP is a connection-oriented protocol standard defined by the RFC 2661which merged the best features of PPTP and Layer 2 forwarding (L2F) protocol to create the new standard (L2TP) (Bou 2007; Townsley et al 1999). Just like the PPTP, the L2TP operates at the layer 2 of the OSI model. Tunneling in L2TP is achieved through series of data encapsulation of the different levels layer protocols. Examples are UDP, IPSec, IP, and Data-Link layer protocol but the data encryption for the tunnel is provided by the IPSec (Bou 2007; Townsley et al 1999). 
2.3.2.3 INTERNET PROTOCOL SECURITY (IPSEC) [RFC 2401]

IPSec is a standard protocol defined by RFC 2401, designed to protect the payload of an IP packet and the paths between hosts, between security gateways (routers and firewalls), or between a security gateway and a host over an unprotected network (Bou 2007; Kent and Atkinson 1998). IPSec operates at the network layer of the OSI model. Some of the security services it provides are authentication, connectionless integrity, encryption, access control, data origin, rejection of replayed packets, etc. (Kent and Atkinson 1998).

2.3.2.4 SECURE SOCKET LAYER (SSL) [RFC 2246]

SSL is a standard protocol defined by RFC 2246, designed to provide a secure communication tunnel between hosts by encrypting host communication over the network, to ensure packet confidentiality, integrity and proper host authentication, in order to eliminate eavesdropping attacks on the network (Homin et al 2007; Oppliger et al 2008). SSL makes use of security elements such as digital certificates and cryptography to enforce security measures over the network. SSL is a transport layer security protocol that runs on top of TCP/IP, which manages transport and routing of packets across the network. SSL is also deployed at the application layer of the OSI model to ensure host authentication (Homin et al 2007; Oppliger et al 2008; Dierks and Allen 1999).

2.4 FIREWALL BACKGROUND

The concept of a network firewall is to prevent unauthorised packets from gaining entry into a network by filtering all packets that are coming into that network. The word firewall was not originally computer security vocabulary; it was initially used to describe a wall, which could be brick or mortar, built to restrain fire from spreading from one part of a building to another, or to reduce the spread of the fire in the building, giving some time for remedial action to be taken (Komar et al 2003).
2.4.1 BRIEF HISTORY OF FIREWALL

Firewalls as used in computing date as far back as the late 1980s, but the first set of firewalls, called packet filter firewalls, came to light sometime in 1985 and was produced by Cisco's Internetwork Operating System (IOS) division (Cisco System 2004). In 1988, Jeff Mogul from DEC (Digital Equipment Corporation) published the first paper on firewalls.

Between 1989 and 1990, two workers at AT&T Bell Laboratories, Howard Trickey and Dave Presotto, initiated the second generation of firewall technology with their study of circuit relays, called circuit level firewalls. The two scientists also implemented the first working model of the third generation firewall design, called application layer firewalls. Sadly, there were no published documents explaining their work, and no product was released to support it.

Around the same time (1990-1991), different papers on third generation firewalls were published by researchers. Among them, Marcus Ranum's work received the most attention in 1991 and took the form of bastion hosts running proxy services. Ranum's work quickly evolved into the first commercial product, Digital Equipment Corporation's SEAL product (Cisco System 2004).

At about the same time, work started on the fourth generation firewall, called dynamic packet filtering, which was not operational until 1994, when Check Point Software rolled out a complete working model of the fourth generation firewall architecture. In 1996, plans began on the fifth generation firewall design, called the Kernel Proxy architecture, which became reality in 1997 when Cisco released the Cisco Centri Firewall, the first proxy firewall produced for commercial use (Cisco System 2004).

Since then, many vendors have designed and implemented various forms of firewall in both hardware and software, and to date research work is ongoing to improve firewall architecture to meet the ever increasing challenges of network security.
2.5 DEFINITION

According to the British Computer Society (2008), firewalls are defence mechanisms that can be implemented in either hardware or software, and serve to prevent unauthorized access to computers and networks. Similarly, Subrata et al (2006) defined a firewall as a combination of hardware and software used to implement a security policy governing the flow of network traffic between two or more networks.

The concept of a firewall in computer systems security is similar to a firewall built within a building, but they differ in their functions. While the latter is designed for only one task, which is fire prevention in a building, a computer system firewall is designed to prevent more than one threat (Komar et al 2003). These include the following:

- Denial of Service (DoS) attacks
- Virus attacks
- Worm attacks
- Hacking attacks, etc.

2.5.1 DENIAL OF SERVICE ATTACKS (DOS)

“Countering DoS attacks on web servers has become a very challenging problem” (Srivatsa et al 2006). This is an attack that is aimed at denying legitimate packets access to network resources. The attacker achieves this by running a program that floods the network, making network resources such as main memory, network bandwidth and hard disk space unavailable for legitimate packets. The SYN attack is a good example of a DoS attack, but it can be prevented by implementing good firewall policies for the secured network. A detailed firewall policy (iptables) is presented in chapter three of this thesis.

2.5.2 VIRUS AND WORM ATTACKS

Virus and worm attacks are a big security problem which can become pandemic in the twinkling of an eye, resulting in possibly huge loss of information or system damage (Ford et al 2005; Cisco System 2004).
These two forms of attack can be programs designed to open up systems to allow information theft, or programs that regenerate themselves once they get into the system until they crash it, and some can be programmed to generate programs that flood the network, leading to DoS attacks. Therefore, security tools that can proactively detect possible attacks are required to secure the network. One such tool is a firewall with a good security policy configuration (Cisco System 2004).

Generally speaking, any kind of firewall implementation will basically perform the following tasks:

- Manage and control network traffic
- Authenticate access
- Act as an intermediary
- Make internal resources available
- Record and report events

2.5.3 MANAGE AND CONTROL NETWORK TRAFFIC

The first process undertaken by firewalls is to secure a computer network by checking all the traffic coming into and leaving the network. This is achieved by stopping each packet and analysing its source IP address, source port, destination IP address, destination port, IP protocol, packet header information, etc., in order to decide what action to take on the packet, either to accept or reject it. This action is called packet filtering, and it depends on the firewall configuration.

Likewise, the firewall can also make use of the connections between TCP/IP hosts, which establish communication between them for identification and to state the way they will communicate with each other, to decide which connections should be permitted or discarded. This is achieved by maintaining a state table that is used to check the state of all the packets passing through the firewall. This is called stateful inspection (Noonan and Dobrawsky 2006).
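The packet filtering and stateful inspection described in 2.5.3, applied to the three-way handshake and SYN flood from 2.2.4, can be sketched as follows. This is an added example, not code from the thesis: the class name, the half-open cap, the timeout and all addresses (documentation ranges) are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags on the segment, e.g. {"SYN"} or {"SYN", "ACK"}
    time: float       # arrival time in seconds

class StatefulFirewall:
    """Rule-based packet filter plus a state table that follows the handshake."""

    def __init__(self, rules, max_half_open=3, syn_timeout=5.0):
        # rules: (source CIDR, destination CIDR, destination port, action)
        self.rules = [(ipaddress.ip_network(s), ipaddress.ip_network(d), p, a)
                      for s, d, p, a in rules]
        self.max_half_open = max_half_open  # assumed cap on unfinished handshakes per server
        self.syn_timeout = syn_timeout      # assumed lifetime of a half-open entry, seconds
        self.state = {}  # (client, cport, server, sport) -> (state, last_seen)

    def _rule_action(self, pkt):
        src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
        for src_net, dst_net, dport, action in self.rules:
            if src in src_net and dst in dst_net and pkt.dport == dport:
                return action
        return "drop"  # default deny when no rule matches

    def _expire(self, now):
        # Reap handshakes that never completed so they stop occupying the table.
        for key, (st, seen) in list(self.state.items()):
            if st != "ESTABLISHED" and now - seen > self.syn_timeout:
                del self.state[key]

    def half_open(self, server):
        return sum(1 for k, (st, _) in self.state.items()
                   if k[2] == server and st != "ESTABLISHED")

    def process(self, pkt):
        self._expire(pkt.time)
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)  # key if pkt is client -> server
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)  # key if pkt is server -> client
        if pkt.flags == {"SYN"}:                        # handshake step 1
            if self._rule_action(pkt) != "accept":
                return "drop:policy"
            if fwd in self.state:
                return "accept:retransmit"
            if self.half_open(pkt.dst) >= self.max_half_open:
                return "drop:half-open-limit"
            self.state[fwd] = ("SYN_SEEN", pkt.time)
            return "accept:new"
        if pkt.flags == {"SYN", "ACK"} and self.state.get(rev, ("",))[0] == "SYN_SEEN":
            self.state[rev] = ("SYNACK_SEEN", pkt.time)  # handshake step 2
            return "accept:handshake"
        if "ACK" in pkt.flags and "SYN" not in pkt.flags:
            st = self.state.get(fwd, ("",))[0]
            if st == "SYNACK_SEEN":                      # handshake step 3
                self.state[fwd] = ("ESTABLISHED", pkt.time)
                return "accept:established"
            if st == "ESTABLISHED" or self.state.get(rev, ("",))[0] == "ESTABLISHED":
                return "accept:established"
        return "drop:no-state"  # not part of any tracked connection

def demo():
    fw = StatefulFirewall([("0.0.0.0/0", "10.0.0.5/32", 80, "accept")])
    S, SA, A = frozenset({"SYN"}), frozenset({"SYN", "ACK"}), frozenset({"ACK"})
    server, client = "10.0.0.5", "198.51.100.7"
    out = []
    # Constructed traffic: five SYNs whose senders never send the final ACK.
    for i in range(5):
        out.append(fw.process(Packet(f"203.0.113.{i + 1}", 40000 + i, server, 80, S, 0.1 * i)))
    # A legitimate client arriving while the half-open table is full is turned away.
    out.append(fw.process(Packet(client, 50000, server, 80, S, 1.0)))
    # A bare ACK matches the port rule but belongs to no tracked handshake.
    out.append(fw.process(Packet(client, 50001, server, 80, A, 1.1)))
    # Port 23 has no accept rule.
    out.append(fw.process(Packet(client, 50002, server, 23, S, 1.2)))
    # After syn_timeout the stale entries are reaped and the client completes a handshake.
    out.append(fw.process(Packet(client, 50000, server, 80, S, 6.0)))
    out.append(fw.process(Packet(server, 80, client, 50000, SA, 6.1)))
    out.append(fw.process(Packet(client, 50000, server, 80, A, 6.2)))
    return out, fw.half_open(server)

if __name__ == "__main__":
    verdicts, remaining = demo()
    print("\n".join(verdicts), f"\nhalf-open entries left: {remaining}")
```

The bare ACK is dropped even though a port-80 rule exists, which is the difference between stateful inspection and plain packet filtering; the timeout is what frees the table for the legitimate client once the unfinished handshakes age out.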
2.5.4 AUTHENTICATE ACCESS

When a firewall inspects and analyses a packet's source IP address, source port, destination IP address, destination port, IP protocol, packet header information, etc., and filters it based on the specified security procedure, this does not guarantee that the communication between the source host and destination host is authorised, because hackers can manage to spoof the IP address and port, which defeats inspection and analysis based on IP and port screening. To tackle this pitfall, an authentication rule is implemented in the firewall using a number of means, such as usernames and passwords (xauth), certificates and public keys, and pre-shared keys (PSKs).

With the xauth authentication method, the firewall asks the source host that is trying to initiate a connection with a host on the protected network for its username and password before it allows a connection between the protected network and the source host to be established. Once the connection has been confirmed and authorised by the defined security procedure, the source host need not authenticate itself again to make a connection (Noonan and Dobrawsky 2006).

The second method uses certificates and public keys. The advantage of this method over xauth is that verification can take place without the source host having to intervene by supplying its username and password for authentication. Implementing certificates and public keys requires that the hosts (the protected network and the source host) and the firewall are properly configured with certificates, and that the protected network and the source host use a properly configured public key infrastructure. This security method is best for big network designs (Noonan and Dobrawsky 2006).

Another good way of dealing with authentication issues with firewalls is by using pre-shared keys (PSKs).
PSKs are easy to implement compared to certificates and public keys. Authentication still occurs without source host intervention, but it makes use of an additional feature: the host is provided with a predetermined key that is used for the verification procedure (Noonan and Dobrawsky 2006).

2.5.5 ACT AS AN INTERMEDIARY

When firewalls are configured to serve as an intermediary between a protected host and an external host, they simply function as an application proxy. The firewalls in this setup are configured to impersonate the protected host, such that all packets destined for the protected host from the external host are delivered to the firewall, which appears to the external host as the protected host. Once the firewalls receive the packets, they inspect them to determine whether they are valid (e.g. genuine HTTP packets) before forwarding them to the protected host. This firewall design totally blocks direct communication between the hosts.

2.5.6 RECORD AND REPORT EVENTS

While it is good practice to put strong security policies in place to secure the network, it is equally important to record firewall events. Using firewalls to record and report events is a technique that can help to investigate what kind of attack took place in situations where firewalls are unable to stop malicious packets that violate the access control policy of the protected network. Recording these events gives the network administrator a clear understanding of the attack and, at the same time, allows the recorded events to be used to troubleshoot the problem that has taken place. To record these events, network administrators make use of different methods, but syslog or a proprietary logging format is mostly used for firewalls. However, some malicious events need to be reported quickly so that immediate action can be taken before serious damage is done to the protected network.
Therefore, firewalls also need an alarm mechanism, in addition to syslog or a proprietary logging format, for whenever the access control policy of the protected network is violated. Some types of alarm supported by firewalls include console notification, Simple Network Management Protocol (SNMP) notification, paging notification, e-mail notification, etc. (Noonan and Dobrawsky 2006).

- Console notification is a warning message that is presented on the firewall console. The problem with this method of alarm is that the console needs to be monitored by the network administrator at all times so that necessary action can be taken when an alarm is generated.
- Simple Network Management Protocol (SNMP) notification is implemented to create traps, which are transferred to the network management system (NMS) monitoring the firewall.
- Paging notification is set up on the firewall to deliver a page to the network administrator whenever the firewall encounters any event. The message can be alphanumeric or numeric, depending on how the firewall is set up.
- E-mail notification is similar to paging notification, but in this case the firewall sends an e-mail to the proper address instead.

2.6 TYPES OF FIREWALLS

Going by the firewall definition, firewalls are expected to perform some key functions such as application proxy, network address translation, and packet filtering.

2.6.1 APPLICATION PROXY

This is also known as an application gateway, and it acts as a connection agent between the protected network and the external network. Basically, the application proxy is a host on the protected network that is set up as a proxy server. Just as the name implies, the application proxy functions at the application layer of the Open System Interconnection (OSI) model and makes sure that all application requests from the secured network are communicated to the external network through the proxy server, and that no packets pass from the external network to the secured network until the proxy checks and confirms the inbound packets.
This firewall supports different types of protocols, such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP) and Simple Mail Transport Protocol (SMTP) (Noonan and Dobrawsky 2006; NetContinuum 2006).

2.6.2 NETWORK ADDRESS TRANSLATION (NAT)

NAT alters the IP addresses of hosts' packets by hiding the genuine IP addresses of secured network hosts and dynamically replacing them with different IP addresses (Cisco System 2008; Walberg 2007). When request packets are sent from the secured host through the gateway to an external host, the source host address is modified to a different IP address by NAT. When the reply packets arrive at the gateway, NAT replaces the modified address with the genuine host address before forwarding them to the host (Walberg 2007). The role played by NAT in a secured network system makes it difficult for unauthorized parties to know (Cisco System 2008):

- The number of hosts available in the protected network
- The topology of the network
- The operating systems the hosts are running
- The type of host machine

2.6.3 PACKET FILTERING

“Firewalls and IPSec gateways have become major components in the current high speed Internet infrastructure to filter out undesired traffic and protect the integrity and confidentiality of critical traffic” (Hamed and Al-Shaer 2006). Packet filtering is based on the laid-down security rules defined for any network or system. Filtering traffic over the network is a big task that involves a comprehensive understanding of the network on which it will be set up. The defined policy must always be kept updated in order to handle possible network attacks (Hamed and Al-Shaer 2006).

2.6.4 INTRUSION DETECTION SYSTEMS

Network penetration attacks are now on the increase, as valuable information is being stolen or damaged by attackers. Many security products have been developed to combat these attacks. Two such products are Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS).
IDS are software designed to monitor and analyse all the activities (network traffic) on the network for any suspicious threats that may violate the defined network security policies (Scarfone and Mell 2007; Vignam et al 2003). There are a variety of methods IDS use to detect threats on the network; two of them are anomaly based IDS and signature based IDS.

2.6.4.1 ANOMALY BASED IDS

An anomaly based IDS is set up to monitor and compare network events against what is defined to be normal network activity, which is represented by a profile, in order to detect any deviation from the defined normal events. Some of the things compared are the bandwidth used, the types of protocols, etc. Once the IDS identifies a deviation in any of these, it notifies the network administrator, who then takes the necessary action to stop the intended attack (Scarfone and Mell 2007).

2.6.4.2 SIGNATURE BASED IDS

Signature based IDS are designed to monitor and compare packets on the network against a signature database of known malicious attacks or threats. This type of IDS is efficient at identifying already known threats but ineffective at identifying new threats that are not currently defined in the signature database, therefore giving way to network attacks (Scarfone and Mell 2007).

2.6.5 INTRUSION PREVENTION SYSTEMS (IPS)

IPS are proactive security products, which can be software or hardware, used to identify malicious packets and also to prevent such packets from gaining entry into the network (Ierace et al 2005; Botwicz et al 2006). IPS is another form of firewall, basically designed to detect irregularity in regular network traffic and likewise to stop possible network attacks such as denial of service attacks. They are capable of dropping malicious packets and disconnecting any connection suspected to be illegal before such traffic gets to the protected host.
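The two IDS methods from 2.6.4.1 and 2.6.4.2 can be compared side by side on the same traffic. The sketch below is an added example, not code from the thesis: the signature patterns are constructed placeholders, the traffic windows are constructed, and the thresholds (three standard deviations, a 0.3 change in protocol share) are assumptions.

```python
import statistics
from collections import Counter

# Constructed signature database: placeholder byte patterns, not real indicators.
SIGNATURES = {
    "SIG-0001": b"CONSTRUCTED-KNOWN-BAD-A",
    "SIG-0002": b"CONSTRUCTED-KNOWN-BAD-B",
}

def pkt(proto, size, payload=b""):
    return {"proto": proto, "bytes": size, "payload": payload}

def signature_alerts(window, signatures=SIGNATURES):
    """Signature based: report every known pattern found in any payload."""
    return sorted(sid for sid, pattern in signatures.items()
                  if any(pattern in p["payload"] for p in window))

def build_profile(baseline):
    """Anomaly based, training step: summarise windows known to be normal."""
    totals = [sum(p["bytes"] for p in w) for w in baseline]
    protos = Counter(p["proto"] for w in baseline for p in w)
    n = sum(protos.values())
    return {"mean": statistics.mean(totals),
            "stdev": statistics.pstdev(totals),
            "share": {proto: c / n for proto, c in protos.items()}}

def anomaly_alerts(window, profile, k=3.0, share_tol=0.3):
    """Anomaly based, detection step: flag deviation in bandwidth or protocol mix."""
    if not window:
        return []
    alerts = []
    if sum(p["bytes"] for p in window) > profile["mean"] + k * profile["stdev"]:
        alerts.append("bandwidth")
    counts = Counter(p["proto"] for p in window)
    for proto in set(counts) | set(profile["share"]):
        seen = counts[proto] / len(window)
        if abs(seen - profile["share"].get(proto, 0.0)) > share_tol:
            alerts.append(f"protocol:{proto}")
    return sorted(alerts)

def normal_window(tcp_size=500):
    # Constructed "normal" traffic: eight TCP packets and two small UDP packets.
    return [pkt("tcp", tcp_size) for _ in range(8)] + [pkt("udp", 100) for _ in range(2)]

def demo():
    profile = build_profile([normal_window(500 + 10 * j) for j in range(5)])
    # Known threat: ordinary volume, but one payload carries a pattern from the database.
    known = normal_window()
    known[0] = pkt("tcp", 500, b"GET /x " + SIGNATURES["SIG-0001"])
    # New threat: payload is not in the database, but the traffic mix is unusual.
    unknown = normal_window() + [pkt("icmp", 64, b"pattern-not-in-database") for _ in range(40)]
    # Legitimate but unusual: a large transfer with the normal protocol mix.
    backup = normal_window(2000)
    return {name: (signature_alerts(w), anomaly_alerts(w, profile))
            for name, w in [("known", known), ("unknown", unknown), ("backup", backup)]}

if __name__ == "__main__":
    for name, (sig, anom) in demo().items():
        print(f"{name:8} signature={sig} anomaly={anom}")
```

The known pattern is caught only by the signature check, the unlisted one only by the profile, and the large legitimate transfer also trips the profile, which is why anomaly alerts go to an administrator for a decision.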
Just like a typical firewall, an IPS makes use of rules defined in the system setup to determine the action to take on any traffic, which could be to allow or block it. IPS make use of stateful packet analysis to protect the network. Similarly, IPS are capable of performing signature matching, application protocol validation, etc. as a means of detecting attacks on the network (Ierace et al 2005).

As good as IPS are, they also have their downsides. One of them is the problem of false positives and false negatives. A false positive is a situation where legitimate traffic is identified as malicious, resulting in the IPS blocking such traffic on the network. A false negative, on the other hand, is when malicious traffic is identified by the IPS as legitimate traffic, thereby allowing such traffic to pass through the IPS to the protected network (Ierace et al 2005).

2.7 SOFTWARE AND HARDWARE FIREWALLS

2.7.1 SOFTWARE FIREWALLS

Software-based firewalls are software installed on computers for filtering packets (Permpootanalarp and Rujimethabhas 2001). These are programs set up on the operating system of either personal computers or network servers (web servers and e-mail servers). Once the software is installed and proper security policies are defined, the systems (personal computers or servers) assume the role of a firewall. Software firewalls are the second line of defence after hardware firewalls in situations where both are used for network security. Software firewalls can also be installed on different operating systems, such as Windows operating systems, Mac operating system, Novell NetWare, Linux kernel, UNIX kernel, etc. The function of these firewalls is filtering distorted network traffic. There are several software firewalls, some of which include Online Armor firewall, McAfee Personal Firewall, Zone Alarm, Norton Personal Firewall, Black Ice Defender, Sygate Personal Firewall, Panda Firewall, The DoorStop X Firewall, etc. (Lugo and Parker 2005).
When designing a software firewall, two key things are considered. These are per-packet filtering and per-process filtering. The per-packet filter is designed to search for distorted packets, detect port scans, and check whether packets are accepted into the protocol stack. In the same vein, the per-process filter is designed to check whether a process is allowed to begin a connection to the secured network or not (Lugo and Parker 2005).

It should be noted that there are different implementations of all firewalls. While some are built into the operating system, others are add-ons. Examples of built-in firewalls are the Windows based firewall and the Linux based firewall.

2.7.2 WINDOWS OPERATING SYSTEM BASED FIREWALL

In operating system design, security is one important aspect that is greatly considered. This is a challenge the software giant (Microsoft) has always made sure they implement in their products. In the software industry, Mi

Technology for Network Security

2.0 CHAPTER TWO

2.1 INTRODUCTION

The ever increasing need for information technology as a result of globalisation has brought about the need for a better network security system. Without a doubt, the rate at which computer networks are expanding in this modern time to accommodate higher bandwidth, unique storage demands, and an increased number of users cannot be overemphasised. As this demand grows on a daily basis, so also do the threats associated with it, some of which are virus attacks, worm attacks, denial of service or distributed denial of service attacks, etc. This calls for swift security measures to address these threats in order to protect data reliability, integrity, availability and other needed network resources across the network.
Generally, network security can simply be described as a way of protecting the integrity of a network by making sure unauthorised access or threats of any form are restricted from accessing valuable information. As network architecture expands, tackling the issue of security becomes more and more complex, keeping network administrators on their toes to guard against the possible attacks that occur on a daily basis. Some of the malicious attacks are virus and worm attacks, denial of service attacks, IP spoofing, password cracking, Domain Name Server (DNS) poisoning, etc. In an effort to combat these threats, many security elements have been designed to tackle these attacks on the network. Some of these include firewalls, Virtual Private Network (VPN), encryption and decryption, cryptography, Internet Protocol Security (IPSec), Data Encryption Standard (3DES), Demilitarised Zone (DMZ), Secure Socket Layer (SSL), etc.

This chapter starts by briefly discussing Internet Protocol (IP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP), then discusses the Open Systems Interconnection (OSI) model and the protocols that operate at each layer of the model, network security elements, followed by the background of firewalls, types and features of firewalls and, lastly, network security tools.

2.2 A BRIEF DESCRIPTION OF TCP, IP, UDP AND ICMP

2.2.1 DEFINITION

Going by the tremendous achievement of the World Wide Web (internet), a global communication standard known as the TCP/IP protocol suite was designed with the aim of building an interconnection of networks over heterogeneous networks (Dunkels 2003; Global Knowledge 2007; Parziale et al 2006). The TCP/IP protocol suite is the core rule used for application transfers such as file transfers, e-mail traffic and web page transfers between hosts across heterogeneous networks (Dunkels 2003; Parziale et al 2006).
Therefore, it becomes necessary for a network administrator to have a good understanding of TCP/IP when configuring firewalls, as most of the policies are set to protect the internal network from possible attacks that use the TCP/IP protocols for communication (Noonan and Dobrawsky 2006). Many incidents of network attack are a result of improper configuration and poor implementation of TCP/IP protocols, services and applications. TCP/IP makes use of protocols such as TCP, UDP, IP, ICMP, etc. to define rules for how communication over the network takes place (Noonan and Dobrawsky 2006). Before these protocols are discussed, this thesis briefly looks into the theoretical Open Systems Interconnection (OSI) model (Simoneau 2006).

2.2.2 THE OSI MODEL

The OSI model is a standardised layered model defined by the International Organization for Standardization (ISO) for network communication. It simplifies network communication into seven separate layers, with each individual layer having its own unique functions that support the layer immediately above it while at the same time offering services to the layer immediately below it (Parziale et al 2006; Simoneau 2006). The seven layers are the Application, Presentation, Session, Transport, Network, Data Link and Physical layers. The first three lower layers (Network, Data Link and Physical) are basically hardware implementations, while the last four upper layers (Application, Presentation, Session and Transport) are software implementations.

Application Layer: This is the end user operating interface that supports file transfer, web browsing, electronic mail, etc. This layer allows user interaction with the system.

Presentation Layer: This layer is responsible for formatting the data to be sent across the network, which enables the application to understand the message being sent; in addition, it is responsible for message encryption and decryption for security purposes.
Session Layer This layer is responsible for dialog and session control functions between systems. Transport layer This layer provides end-to-end communication which could be reliable or unreliable between end devices across the network. The two mostly used protocols in this layer are TCP and UDP. Network Layer This layer is also known as logical layer and is responsible for logical addressing for packet delivery services. The protocol used in this layer is the IP. Data Link Layer This layer is responsible for framing of units of information, error checking and physical addressing. Physical Layer This layer defines transmission medium requirements, connectors and responsible for the transmission of bits on the physical hardware (Parziale et al 2006; Simoneau 2006). 2.2.3 INTERNET PROTOCOL (IP) IP is a connectionless protocol designed to deliver data hosts across the network. IP data delivery is unreliable therefore depend on upper layer protocol such as TCP or lower layer protocols like IEEE 802.2 and IEEE802.3 for reliable data delivery between hosts on the network.(Noonan and Dobrawsky 2006) 2.2.4 TRANSMISSION CONTROL PROTOCOL (TCP) TCP is a standard protocol which is connection-oriented transport mechanism that operates at the transport layer of OSI model. It is described by the Request for Comment (RFC) 793. TCP solves the unreliability problem of the network layer protocol (IP) by making sure packets are reliably and accurately transmitted, errors are recovered and efficiently monitors flow control between hosts across the network. (Abie 2000; Noonan and Dobrawsky 2006; Simoneau 2006). The primary objective of TCP is to create session between hosts on the network and this process is carried out by what is called TCP three-way handshake. When using TCP for data transmission between hosts, the sending host will first of all send a synchronise (SYN) segment to the receiving host which is first step in the handshake. 
The receiving host on receiving the SYN segment reply with an acknowledgement (ACK) and with its own SYN segment and this form the second part of the handshake. The final step of the handshake is the n completed by the sending host responding with its own ACK segment to acknowledge the acceptance of the SYN/ACK. Once this process is completed, the hosts then established a virtual circuit between themselves through which the data will be transferred (Noonan and Dobrawsky 2006). As good as the three ways handshake of the TCP is, it also has its short comings. The most common one being the SYN flood attack. This form of attack occurs when the destination host such as the Server is flooded with a SYN session request without receiving any ACK reply from the source host (malicious host) that initiated a SYN session. The result of this action causes DOS attack as destination host buffer will get to a point it can no longer take any request from legitimate hosts but have no other choice than to drop such session request (Noonan and Dobrawsky 2006). 2.2.5 USER DATAGRAM PROTOCOL (UDP) UDP unlike the TCP is a standard connectionless transport mechanism that operates at the transport layer of OSI model. It is described by the Request for Comment (RFC) 768 (Noonan and Dobrawsky 2006; Simoneau 2006). When using UDP to transfer packets between hosts, session initiation, retransmission of lost or damaged packets and acknowledgement are omitted therefore, 100 percent packet delivery is not guaranteed (Sundararajan et al 2006; Postel 1980). UDP is designed with low over head as it does not involve initiation of session between hosts before data transmission starts. This protocol is best suite for small data transmission (Noonan and Dobrawsky 2006). 2.2.6 INTERNET CONTROL MESSAGE PROTOCOL (ICMP). ICMP is primarily designed to identify and report routing error, delivery failures and delays on the network. 
This protocol can only be used to report errors and can not be used to make any correction on the identified errors but depend on routing protocols or reliable protocols like the TCP to handle the error detected (Noonan and Dobrawsky 2006; Dunkels 2003). ICMP makes use of the echo mechanism called Ping command. This command is used to check if the host is replying to network traffic or not (Noonan and Dobrawsky 2006; Dunkels 2003). 2.3 OTHER NETWORK SECURITY ELEMENTS. 2.3.1 VIRTUAL PRIVATE NETWORK (VPN) VPN is one of the network security elements that make use of the public network infrastructure to securely maintain confidentiality of information transfer between hosts over the public network (Bou 2007). VPN provides this security features by making use of encryption and Tunneling technique to protect such information and it can be configured to support at least three models which are Remote- access connection. Site-to-site ( branch offices to the headquarters) Local area network internetworking (Extranet connection of companies with their business partners) (Bou 2007). 2.3.2 VPN TECHNOLOGY VPN make use of many standard protocols to implement the data authentication (identification of trusted parties) and encryption (scrambling of data) when making use of the public network to transfer data. These protocols include: Point-to-Point Tunneling Protocol PPTP [RFC2637] Secure Shell Layer Protocol (SSL) [RFC 2246] Internet Protocol Security (IPSec) [RFC 2401] Layer 2 Tunneling Protocol (L2TP) [RFC2661] 2.3.2.1 POINT-TO-POINT TUNNELING PROTOCOL [PPTP] The design of PPTP provides a secure means of transferring data over the public infrastructure with authentication and encryption support between hosts on the network. This protocol operates at the data link layer of the OSI model and it basically relies on user identification (ID) and password authentication for its security. 
PPTP did not eliminate the Point-to-Point Protocol (PPP), but rather describes a better way of tunneling PPP traffic by using Generic Routing Encapsulation (GRE) (Bou 2007; Microsoft 1999; Schneier and Mudge 1998).

2.3.2.2 LAYER 2 TUNNELING PROTOCOL [L2TP]

L2TP is a connection-oriented protocol standard defined by RFC 2661, which merged the best features of PPTP and the Layer 2 Forwarding (L2F) protocol to create the new standard (L2TP) (Bou 2007; Townsley et al 1999). Just like PPTP, L2TP operates at layer 2 of the OSI model. Tunneling in L2TP is achieved through a series of data encapsulations by protocols at different layers, for example UDP, IPSec, IP and the data-link layer protocol, but the data encryption for the tunnel is provided by IPSec (Bou 2007; Townsley et al 1999).

2.3.2.3 INTERNET PROTOCOL SECURITY (IPSEC) [RFC 2401]

IPSec is a standard protocol defined by RFC 2401, designed to protect the payload of an IP packet and the paths between hosts, between security gateways (routers and firewalls), or between a security gateway and a host over the unprotected network (Bou 2007; Kent and Atkinson 1998). IPSec operates at the network layer of the OSI model. Some of the security services it provides are authentication, connectionless integrity, encryption, access control, data origin, rejection of replayed packets, etc. (Kent and Atkinson 1998).

2.3.3.4 SECURE SOCKET LAYER (SSL) [RFC 2246]

SSL is a standard protocol defined by RFC 2246, designed to provide a secure communication tunnel between hosts by encrypting host communication over the network, to ensure packet confidentiality, integrity and proper host authentication, in order to eliminate eavesdropping attacks on the network (Homin et al 2007; Oppliger et al 2008). SSL makes use of security elements such as digital certificates and cryptography to enforce security measures over the network.
SSL is a transport layer security protocol that runs on top of TCP/IP, which manages the transport and routing of packets across the network. SSL is also deployed at the application layer of the OSI model to ensure host authentication (Homin et al 2007; Oppliger et al 2008; Dierks and Allen 1999).

2.4 FIREWALL BACKGROUND

The concept of a network firewall is to prevent unauthorised packets from gaining entry into a network by filtering all packets coming into that network. The word firewall was not originally part of the computer security vocabulary; it was initially used to describe a wall, which could be brick or mortar, built to restrain fire from spreading from one part of a building to another, or to reduce the spread of fire in the building, giving some time for remedial action to be taken (Komar et al 2003).

2.4.1 BRIEF HISTORY OF FIREWALL

Firewalls as used in computing date as far back as the late 1980s, but the first set of firewalls came to light sometime in 1985, produced by Cisco's Internetwork Operating System (IOS) division and called packet filter firewalls (Cisco System 2004). In 1988, Jeff Mogul from DEC (Digital Equipment Corporation) published the first paper on firewalls. Between 1989 and 1990, two workers at AT&T Bell Laboratories, Howard Trickey and Dave Presotto, initiated the second generation of firewall technology with their study of circuit relays, called circuit level firewalls. The two scientists also implemented the first working model of the third generation firewall design, called application layer firewalls. Sadly, no documents explaining their work were published and no product was released to support it. Around the same time (1990-1991), different papers on third generation firewalls were published by researchers. Among them, Marcus Ranum's work received the most attention in 1991 and took the form of bastion hosts running proxy services.
Ranum's work quickly evolved into the first commercial product, Digital Equipment Corporation's SEAL product (Cisco System 2004). About the same year, work started on the fourth generation firewall, called dynamic packet filtering; it was not operational until 1994, when Check Point Software rolled out a complete working model of the fourth generation firewall architecture. In 1996, plans began on the fifth generation firewall design, called the Kernel Proxy architecture, which became reality in 1997 when Cisco released the Cisco Centri Firewall, the first proxy firewall produced for commercial use (Cisco System 2004). Since then many vendors have designed and implemented various forms of firewall in both hardware and software, and to date research work is ongoing to improve firewall architecture to meet the ever-increasing challenges of network security.

2.5 DEFINITION

According to the British Computer Society (2008), firewalls are defence mechanisms that can be implemented in either hardware or software, and serve to prevent unauthorized access to computers and networks. Similarly, Subrata et al (2006) defined a firewall as a combination of hardware and software used to implement a security policy governing the flow of network traffic between two or more networks. The concept of a firewall in computer systems security is similar to a firewall built within a building, but the two differ in their functions. While the latter is designed for only one task, fire prevention in a building, a computer system firewall is designed to prevent more than one threat (Komar et al 2003). These include the following:

- Denial of service (DoS) attacks
- Virus attacks
- Worm attacks
- Hacking attacks, etc.

2.5.1 DENIAL OF SERVICE ATTACKS (DOS)

"Countering DoS attacks on web servers has become a very challenging problem" (Srivatsa et al 2006). This is an attack aimed at denying legitimate packets access to network resources.
The attacker achieves this by running a program that floods the network, making network resources such as main memory, network bandwidth and hard disk space unavailable for legitimate packets. The SYN attack is a good example of a DoS attack, but it can be prevented by implementing good firewall policies for the secured network. A detailed firewall policy (iptables) is presented in chapter three of this thesis.

2.5.2 VIRUS AND WORM ATTACKS

Virus and worm attacks are a big security problem which can become pandemic in the twinkling of an eye, resulting in a possibly huge loss of information or system damage (Ford et al 2005; Cisco System 2004). These two forms of attack can be programs designed to open up systems to allow information theft, or programs that regenerate themselves once they get into the system until they crash it; some can be programmed to generate programs that flood the network, leading to DoS attacks. Therefore, security tools that can proactively detect possible attacks are required to secure the network. One such tool is a firewall with a good security policy configuration (Cisco System 2004).

Generally speaking, any kind of firewall implementation will basically perform the following tasks:

- Manage and control network traffic
- Authenticate access
- Act as an intermediary
- Make internal resources available
- Record and report events

2.5.3 MANAGE AND CONTROL NETWORK TRAFFIC

The first process undertaken by firewalls is to secure a computer network by checking all the traffic coming into and leaving the network. This is achieved by stopping each packet and analysing its source IP address, source port, destination IP address, destination port, IP protocol, packet header information etc., in order to decide what action to take on the packet, either to accept or reject it. This action is called packet filtering, and it depends on the firewall configuration.
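The packet-filtering decision described above, combined with a firewall-side limit of the kind section 2.5.1 says can counter a SYN attack, as an added example (it is not the thesis's chapter-three iptables policy). The rule set, the threshold of three SYNs per second, the class and function names and the sample traffic are all assumptions constructed for illustration.

```python
"""First-match packet filter with a per-source SYN rate limit (added example)."""
import ipaddress
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    ts: float        # arrival time, seconds
    src: str
    sport: int
    dst: str
    dport: int
    proto: str       # "tcp", "udp" or "icmp"
    flags: str = ""  # TCP flags: "S" = SYN only, "A" = ACK

@dataclass(frozen=True)
class Rule:
    action: str             # "ACCEPT" or "DROP"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: int = 0          # 0 matches any destination port

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (0, p.dport))

class PacketFilter:
    def __init__(self, rules, default="DROP", syn_limit=3, window=1.0):
        self.rules, self.default = rules, default
        self.syn_limit, self.window = syn_limit, window
        self._syn_times = defaultdict(deque)  # source IP -> recent SYN timestamps

    def _syn_rate_exceeded(self, p: Packet) -> bool:
        """True when this source has sent more than syn_limit SYNs within window."""
        if p.proto != "tcp" or p.flags != "S":
            return False
        times = self._syn_times[p.src]
        while times and p.ts - times[0] >= self.window:
            times.popleft()          # forget SYNs older than the window
        times.append(p.ts)           # dropped SYNs still count, so a flood stays blocked
        return len(times) > self.syn_limit

    def decide(self, p: Packet) -> str:
        if self._syn_rate_exceeded(p):
            return "DROP"
        for rule in self.rules:      # first matching rule wins
            if rule.matches(p):
                return rule.action
        return self.default          # nothing matched: default policy

# Constructed policy and traffic; addresses come from the RFC 5737 documentation ranges.
RULES = [
    Rule("ACCEPT", proto="tcp", dst="192.0.2.10/32", dport=80),
    Rule("ACCEPT", proto="udp", src="198.51.100.0/24", dst="192.0.2.53/32", dport=53),
]

def run_sample():
    web = ("192.0.2.10", 80, "tcp")
    flood = [Packet(1.0 + i / 100, "203.0.113.9", 50000 + i, *web, "S") for i in range(5)]
    traffic = [
        Packet(0.00, "198.51.100.7", 40000, *web, "S"),   # handshake start
        Packet(0.10, "198.51.100.7", 40000, *web, "A"),   # handshake completes
        Packet(0.20, "198.51.100.7", 40001, "192.0.2.10", 22, "tcp", "S"),  # no rule
        *flood,                                           # five SYNs in 40 ms, no ACK
        Packet(3.00, "203.0.113.9", 50009, *web, "S"),    # window has expired
        Packet(3.10, "198.51.100.7", 5353, "192.0.2.53", 53, "udp"),
        Packet(3.20, "203.0.113.9", 5353, "192.0.2.53", 53, "udp"),  # wrong source net
    ]
    fw = PacketFilter(RULES)
    return [fw.decide(p) for p in traffic]
```

Counting SYNs per source address does not help when the flood's source addresses are spoofed; a limit on the total number of half-open connections covers that case.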
Likewise, the firewall can make use of the connections between TCP/IP hosts, through which they establish communication for identification and state the way they will communicate with each other, to decide which connections should be permitted or discarded. This is achieved by maintaining a state table used to check the state of all the packets passing through the firewall. This is called stateful inspection (Noonan and Dobrawsky 2006).

2.5.4 AUTHENTICATE ACCESS

When a firewall inspects and analyses a packet's source IP address, source port, destination IP address, destination port, IP protocol, packet header information etc., and probably filters it based on the security procedure defined, this does not guarantee that the communication between the source host and destination host will be authorised, because hackers can manage to spoof the IP address and port, which defeats inspection and analysis based on IP and port screening. To tackle this pitfall, an authentication rule is implemented in the firewall using a number of means, such as usernames and passwords (xauth), certificates and public keys, and pre-shared keys (PSKs).

With the xauth authentication method, the firewall asks the source host that is trying to initiate a connection with a host on the protected network for its username and password before it will allow the connection between the protected network and the source host to be established. Once the connection has been confirmed and authorised by the security procedure defined, the source host need not authenticate itself to make the connection again (Noonan and Dobrawsky 2006).

The second method uses certificates and public keys. The advantage of this method over xauth is that verification can take place without the source host having to intervene by supplying its username and password for authentication.
Implementing certificates and public keys requires proper configuration of the hosts (protected network and source host) and the firewall with certificates, and making sure that the protected network and the source host use a public key infrastructure that is properly configured. This security method is best for large network designs (Noonan and Dobrawsky 2006).

Another good way of dealing with authentication issues with firewalls is by using pre-shared keys (PSKs). PSKs are easy to implement compared with certificates and public keys. Although authentication still occurs without source host intervention, this method makes use of an additional feature: providing the host with a predetermined key that is used for the verification procedure (Noonan and Dobrawsky 2006).

2.5.5 ACT AS AN INTERMEDIARY

When firewalls are configured to serve as an intermediary between a protected host and an external host, they simply function as an application proxy. The firewalls in this setup are configured to impersonate the protected host, such that all packets destined for the protected host from the external host are delivered to the firewall, which appears to the external host as the protected host. Once the firewalls receive the packets, they inspect each packet to determine whether it is valid (e.g. a genuine HTTP packet) before forwarding it to the protected host. This firewall design totally blocks direct communication between the hosts.

2.5.6 RECORD AND REPORT EVENTS

While it is good practice to put strong security policies in place to secure the network, it is equally important to record firewall events. Using firewalls to record and report events is a technique that can help to investigate what kind of attack took place in situations where firewalls are unable to stop malicious packets that violate the access control policy of the protected network.
Recording these events gives the network administrator a clear understanding of the attack and, at the same time, allows the recorded events to be used to troubleshoot the problem that has taken place. To record these events, network administrators make use of different methods, but syslog or a proprietary logging format is mostly used for firewalls. However, some malicious events need to be reported quickly so that immediate action can be taken before serious damage is done to the protected network. Therefore firewalls also need an alarm mechanism, in addition to syslog or the proprietary logging format, for whenever the access control policy of the protected network is violated. Some types of alarm supported by firewalls include console notification, Simple Network Management Protocol (SNMP), paging notification, e-mail notification etc. (Noonan and Dobrawsky 2006).

- Console notification is a warning message presented on the firewall console. The problem with this method of alarm is that the console needs to be monitored by the network administrator at all times so that the necessary action can be taken when an alarm is generated.
- Simple Network Management Protocol (SNMP) notification is implemented to create traps, which are transferred to the network management system (NMS) monitoring the firewall.
- Paging notification is set up on the firewall to deliver a page to the network administrator whenever the firewall encounters any event. The message can be alphanumeric or numeric, depending on how the firewall is set up.
- E-mail notification is similar to paging notification, but in this case the firewall sends an e-mail to the proper address instead.

2.6 TYPES OF FIREWALLS

Going by the firewall definition, firewalls are expected to perform some key functions such as application proxy, network address translation and packet filtering.

2.6.1 APPLICATION PROXY

This is also known as an application gateway, and it acts as a connection agent between the protected network and the external network.
Basically, the application proxy is a host on the protected network that is set up as a proxy server. As the name implies, the application proxy functions at the application layer of the Open Systems Interconnection (OSI) model and makes sure that all application requests from the secured network are communicated to the external network through the proxy server, and that no packets pass from the external network to the secured network until the proxy checks and confirms the inbound packets. This firewall supports different types of protocols, such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP) and Simple Mail Transfer Protocol (SMTP) (Noonan and Dobrawsky 2006; NetContinuum 2006).

2.6.2 NETWORK ADDRESS TRANSLATION (NAT)

NAT alters the IP addresses of hosts' packets by hiding the genuine IP addresses of secured network hosts and dynamically replacing them with different IP addresses (Cisco System 2008; Walberg 2007). When request packets are sent from the secured host through the gateway to an external host, the source host address is modified to a different IP address by NAT. When the reply packets arrive at the gateway, NAT replaces the modified address with the genuine host address before forwarding them to the host (Walberg 2007). The role played by NAT in a secured network system makes it difficult for unauthorized parties to learn:

- The number of hosts available in the protected network
- The topology of the network
- The operating systems the hosts are running
- The type of host machine (Cisco System 2008)

2.6.3 PACKET FILTERING

"Firewalls and IPSec gateways have become major components in the current high speed Internet infrastructure to filter out undesired traffic and protect the integrity and confidentiality of critical traffic" (Hamed and Al-Shaer 2006). Packet filtering is based on the laid-down security rules defined for any network or system.
Filtering traffic over the network is a big task that requires a comprehensive understanding of the network on which it will be set up. The defined policy must always be kept up to date in order to handle possible network attacks (Hamed and Al-Shaer 2006).

2.6.4 INTRUSION DETECTION SYSTEMS

Network penetration attacks are now on the increase, as valuable information is being stolen or damaged by attackers. Many security products have been developed to combat these attacks. Two such products are Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS). IDS are software designed to monitor and analyse all the activities (network traffic) on the network for any suspicious threats that may violate the defined network security policies (Scarfone and Mell 2007; Vignam et al 2003). There are a variety of methods IDS use to detect threats on the network; two of them are anomaly based IDS and signature based IDS.

2.6.4.1 ANOMALY BASED IDS

An anomaly based IDS is set up to monitor and compare network events against what is defined to be normal network activity, represented by a profile, in order to detect any deviation from the defined normal events. Some of the events compared are the type of bandwidth used, the type of protocols etc.; once the IDS identifies a deviation in any of these events, it notifies the network administrator, who then takes the necessary action to stop the intended attack (Scarfone and Mell 2007).

2.6.4.2 SIGNATURE BASED IDS

Signature based IDS are designed to monitor and compare packets on the network against a signature database of known malicious attacks or threats. This type of IDS is efficient at identifying already known threats but ineffective at identifying new threats which are not currently defined in the signature database, therefore giving way to network attacks (Scarfone and Mell 2007).

2.6.5 INTRUSION PREVENTION SYSTEMS (IPS)
IPS are proactive security products, which can be software or hardware, used to identify malicious packets and to prevent such packets from gaining entry into the network (Ierace et al 2005; Botwicz et al 2006). An IPS is another form of firewall, basically designed to detect irregularities in regular network traffic and likewise to stop possible network attacks such as denial of service attacks. IPS are capable of dropping malicious packets and disconnecting any connection suspected to be illegal before such traffic gets to the protected host. Just like a typical firewall, an IPS makes use of rules defined in the system setup to determine the action to take on any traffic, which could be to allow or block it. IPS make use of stateful packet analysis to protect the network. Similarly, IPS are capable of performing signature matching, application protocol validation etc. as a means of detecting attacks on the network (Ierace et al 2005).

As good as IPS are, they also have their downsides. One of them is the problem of false positives and false negatives. A false positive is a situation where legitimate traffic is identified as malicious, resulting in the IPS blocking that traffic on the network. A false negative, on the other hand, is when malicious traffic is identified by the IPS as legitimate, allowing that traffic to pass through the IPS to the protected network (Ierace et al 2005).

2.7 SOFTWARE AND HARDWARE FIREWALLS

2.7.1 SOFTWARE FIREWALLS

Software-based firewalls are software installed on computers for filtering packets (Permpootanalarp and Rujimethabhas 2001). These are programs set up on the operating system of either personal computers or network servers (web servers and e-mail servers). Once the software is installed and proper security policies are defined, the systems (personal computers or servers) assume the role of a firewall.
Software firewalls are the second line of defence after hardware firewalls in situations where both are used for network security. Software firewalls can be installed on different operating systems, such as Windows operating systems, the Mac operating system, Novell NetWare, the Linux kernel, the UNIX kernel etc. The function of these firewalls is filtering distorted network traffic. There are several software firewalls, some of which include Online Armor firewall, McAfee Personal Firewall, Zone Alarm, Norton Personal Firewall, Black Ice Defender, Sygate Personal Firewall, Panda Firewall, The DoorStop X Firewall etc. (Lugo and Parker 2005).

When designing a software firewall, two key things are considered: per-packet filtering and per-process filtering. The per-packet filter is designed to search for distorted packets, detect port scans and check whether packets are accepted into the protocol stack. In the same vein, the per-process filter is designed to check whether a process is allowed to begin a connection to the secured network or not (Lugo and Parker 2005). It should be noted that there are different implementations of all firewalls. While some are built into the operating system, others are add-ons. Examples of built-in firewalls are the Windows based firewall and the Linux based firewall.

2.7.2 WINDOWS OPERATING SYSTEM BASED FIREWALL

In operating system design, security features are one important aspect that is greatly considered. This is a challenge the software giant (Microsoft) has always made sure it addresses in its products. In the software industry, Mi