Theories of Reflection in Teaching

Theories of Reflection in Teaching Understand the application of theories and models of reflection and evaluation to reviewing own practice. Analyse theories and models of reflection and evaluation. Explain ways in which theories and models of reflection and evaluation can be applied to reviewing own practice. (use SWOT analysis if possible) Introduction: Reflecting allows the teacher to mentally process, analyse and utilise an experiential knowledge in changing and replicating an outcome. The use of reflection allows the tutor to progress in their tuition. David Berliner (1992) indicates that the tutor advances in phases going from novice to expert Donald Schon in his book The Reflective Practice (1983) introduced reflective practice in which he used John Dewys learning through experience notion, based on other theories of learning and development like Jean Piaget, Kurt Lewin, William James and Carl Jung. Reflection according to Donald Schon is the ability of professionals to think what they are doing while they are doing it. He states that managing the indeterminate zones of professional practice requires the ability to think on the run and use previous experience to new conditions. This is important and needs the ability to reflect-in-action. As a teacher, I try to be student-centred, understanding, evidence-based and economical all at the same time. Schon also gives insight into how the reflective professional is formed. He describes the main ideas as: Reflective Practicum: A practicum is a setting created for the task of learning a practice D. Schon (1983). This links to learners learning by doing, with the tutors assistance. The practicum is reflective in two reasons: its intention of helping learners becoming proficient in a type of reflection-in-action, and when it functions properly, it entails a tutor learner dialogue of teacher taking the form of reciprocal reflection-in-action. (Argyris and Schon 1978) Tacit knowledge: arises from Michael Polanyis work where he describes the ability of picking out a familiar face in a crowd, without any thought, or a systematic features analysis. We cannot tell how this is done; hence the knowledge is unspoken or tacit Knowing-in-action: is also Schions idea which stems from the tacit knowledge concept. It is a type of knowledge that can be revealed in the manner we perform our duties and tackle problems. The knowing is in the action. It is shown by the skilful execution of the performance we are notably not able to make it verbally explicit. This tacit knowledge is obtained from investigations and also from the practitioners own reflections and experience. Reflection-in-action: occurs whilst a problem is being addressed, in what Schon termed the action-present. It is a response to a surprise such that the expected outcome is out of our control. This reflective process is conscious, but may not be verbalised. Reflection-in-action is about challenging our assumptions (since knowing-in-action is the basis of assumption). It is about thinking again, in a new way, about an already encountered issue. Reflection-on-action: is reflection after the event. Carefully carried out and recorded, willing suspension of disbelief. This phrase was made use of by Samuel Taylor Coleridge for describing the method of committing into an experience without judgement, in order to learn from it. Schon applies the term in association with the concept of learning by doing. One cannot will oneself to believe until one understands. But understanding often will only come from experience D. Schon (1983). Hence there is a need for the experience to occur. Operative attention: relates to the readiness to use new information. This concept is partly obtained from Wittgensteins contention that the meaning of an operation can only be learned through its performance. It prepares the student for feedback on that activity and builds understanding. The Ladder of reflection: Argyris and Schon describe a vertical dimension of analysis which occurs in the dialogue between student and tutor. In order to climb the ladder you must reflect on an activity. In order to move down the ladder you move from reflection to experimentation. This being a ladder, you can also reflect on the process of reflection. From my point of view, this process assists to modify stuck situations. Moving up or down the ladder is not essential as long as it assists tutor and learners in achieving together convergence of meaning. Kolb: Kolbs theory and model relies on the idea that the tutor and learner learn by experience and then modify collected information into knowledge. Kolb was encouraged by both Dewy and Piaget in the 1970s as were many other theories. Concrete Experience (doing/having an experience): is the doing part which arises from the content and process of the classroom tuition together with other teaching duties and practices. Concrete experience also arises from ones own experience of being a learner. Reflective Observation (reviewing/reflecting on the experience): associates with analysis and judgements of events and the discussion about the learning and teaching between tutor, mentor and colleagues. Tutors reflect on their teaching experiences specifically when they are not experienced and have seen a lesson that did not progress well. This may be called common-sense reflection. It is essential to express our reflections in some systematic way in order not to forget thoughts and develop on that experience for further reference. This might be carried out through self-reflections or evaluations after the event through keeping a log or journal. It might also include learner feedback and peer observation of teaching. Reflection in itself is not enough for promoting learning and professional development. Unless acted upon, reflection on its own without an action equals no development. Abstract Conceptualisation (concluding/learning from the experience): In order to plan what could be done differently next time, one must be informed by educational theory and advancement, for example, through CPD. Reflection is therefore a middle ground that brings together theories and analysis of past experiences. It allows a conclusion referring to practice. Active Experimentation (planning/trying out what you have learned): The conclusions formed at the Abstract Conceptualisation phase then create the basis for planned changes Active Experimentation. Active Experimentation then begins the cycle again; To implement change in teaching practice, one generates further concrete experience which in turn creates reflection and review to form conclusions referent to the effectiveness of those changes. Strengths Weaknesses Skills: Organization, interpersonal communication, problem solving, multitasking, and creative abilities. Education: Postgraduate degree, Diploma in Education Training (in view) Experience: One year teaching experience Networking: Have kept contact with teaching colleagues Character traits: Determined, hardworking, motivated, enduring, loyal, trustworthy, thrifty, and resourceful. Gaps in experience: One year teaching experience which might not be enough for senior roles in the education sector. Not yet achieved a Qualified Teacher Status Gaps in networking: Need to know a wide range of key players in the education sector. Opportunities Threats Technology: Online marketing, YouTube, mass communication Legislation: Government favours education sector Economy: May be buoyant for career growth. Demographics of Population: Large population, city, lots of job opportunities. Geographical: Schools and FE colleges are in the area. Sectors: Much growth in high-tech and hospitality sectors. Legislation: Government regulations restrict some education institution practices in pending privacy laws. Social Values: Some people may discriminate against being a democrat in a republican state. Economy: Current situations are terrible, unemployment is sky high. Demographics of Population: because I live in a crowded area there is more competition. Geographical: May have to move out of state to get a job. In analysing Kolbs theory model, I observed that it hugely depends on trying and re-trying of the complete instead of the step-by-step approach preferred by Argyris and Schon, the pitfalls are in the detection of small errors that lead to the complete inefficiency that could become enormous making smaller detail to be overlooked. The impact of the above-mentioned theories, models and principles amongst others is obvious in the reflective tutor and in my own practice, reflection is an importance aspect of my practice and Schons Ladder of reflection is an easy means of quantifying and analysing the advances and shortcomings of my practice, paving way for assessment and re-assessment of small aspects of teaching to be analysed and modified without changing the main part of the content and delivery. References: Argyris, C., Schon, D.   (1978) Organisational learning: A theory of action perspective.   Reading, Mass: Addison Wesley. Berliner, D. (Ed.). (1992). Exemplary performances: Studies of expertise in teaching. Reston, VA: The National Art Education Association. Dewy, J. (19930 How we think. A restatement of the relation of reflective thinking to the educative process. (revised edition), Boston: D. C. Heath. Kolb, D. A. (1984) Experiential Learning experience as a source of learning and development, New Jersey: Prentice Hall. Schà ¶n, D. (1983). The Reflective Practitioner: How professionals think in action. London:  Temple Smith Schon, D. (1991) The Reflective Practitioner How Professionals Think in Action, London: Avebury

Attacking Wifi Nets with Traffic Injection

I am very much thankful to him. I benefited a lot discussing with him. I am also thankful to my parents who encouraged me and provided such a motivation, so I became able to perform this. I am also thankful to all my friends and those who helped me directly or indirectly in completion of my project. CONTENTS †¢Introduction †¢Crime Definition †¢Laws that have been violated †¢Possible Punishments (IT ACT + INTERNATIONAL LAWS) †¢Unlawful Losses and Gains †¢Working of Attacks †¢Description of Tools INTRODUCTION This term paper is based on â€Å"attacking wifi nets with traffic injection† also nown as packet injection which simply means the hacking of wireless networks with different techniques to send extra amount of traffic (packets, frames, duplicate copies) on a network by which a hacker can able to access the information and identity that a client is using. Some techniques are wireless network sniffing, DOS (denial of service attack), Man in the middle attack etc. Attacks on wireless LANs (WLAN’s) and wireless-enabled laptops are a quick and easy way for hackers to steal data and enter the corporate network.Many types of tools are used to perform hacking. Some of them are named as aircrack-ng, airjack etc. thts paper will later give brief information on tools used , working of tools ,losses and gains with hacking etc. These type of attacks are known as INTEGRITY attacks. Wireless networks broadcast their packets using radio frequency or optical wavelengths. A modern laptop computer can listen in. Worse, an attacker can manufacture new packets on the fly and persuade wireless stations to accept his packets as legitimate. We already know 802. 11 networks are weak.Open networks are prone to any well-known LAN perimeter attack WEP is vulnerable. Traffic injection has changed things like †¢Increased DoS (denial of service) capabilities †¢Dramatically decreased WEP cracking achievement time †¢Allows traf fic tampering †¢Allows stations attacks CRIME DEFINITION Cyber Crime –A crime where the computer is used as a tool or target. Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet.For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet. Hacking – Traffic injection attacks comes under hacking. It is defined as whomever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking.Hacking may also occur when a person willfully, knowingly, and withou t authorization or without reasonable grounds to believe that he or she has such authorization, destroys data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network. Besides the destruction of such data, hacking may also be defined to include the disclosure, use or taking of the data commits an offense against intellectual property.This paper is a survey of wireless attack tools focusing on 802. 11 and Bluetooth. It includes attack tools for three major categories: confidentiality, integrity, and availability. Confidentiality attack tools focus on the content of the data and are best known for encryption cracking. Integrity attacks tools focus on the data in transmission and include frame insertion, man in the middle, and replay attacks. Finally, availability attack tools focus on Denial of Service (DoS) attacks. Law That Have Been ViolatedThe laws that have been violated are section 43,65 and 66 of IT ACT 2000. Section 43 of IT ACT 2000, defines as If any person without permission of the owner or any other person who is in charge of a computer, computer system or computer network, — (a) Accesses or secures access to such computer, computer system or computer Network; (b) Downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium; c) Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network; (d) Damages or causes to be damaged any computer, computer system or computer network, data, computer data base or any other programs residing in such computer, computer system or computer network; (e) Disrupts or causes disruption of any computer, computer system or computer network; (f) Denies or causes the denial of access to any person authorized to acces s any computer, computer system or computer network by any means; g) Provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made there under; (h) Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network, Section 65 of IT ACT 2000, defines as, Tampering with computer source documentsWhoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programs, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force, shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both. Section 66 of IT A CT 2000, defines as, (1) Whoever with the intent to cause or knowing that he is likely to cause rongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking. (2) Whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both. POSSIBLE PUNISHMENTS (IT ACT + International laws) Cyber crime is a type of crime that not only destroys the security system of a country but also its financial system. One supporter of legislation against cyber crime, Rep.Lamar Smith (R-Texas), stated, â€Å"Our mouse can be just as dangerous as a bullet or a bomb. † Cyber attackers should be penalized and punished severely and most cyber crimes have penalties reflecting the severity of the crime committed. Although in the past many laws against cyber crimes were ins ufficient, law enforcement agencies and governments have recently proposed many innovative plans for fighting cyber crimes. Punishment Cybercrime must be dealt with very seriously because it causes a lot of damage to businesses and the actual punishment should depend on the type of fraud used.The penalty for illegally accessing a computer system ranges from 6 months to 5 years. The penalty for the unofficial modification on a computer ranges from 5 to 10 years. Other penalties are listed below: Telecommunication service theft: The theft of telecommunication services is a very common theft and is punished with a heavy fine and imprisonment. Communications intercept crime: This is a Class-D crime which is followed by a severe punishment of 1 to 5 years of imprisonment with a fine.Other cyber crimes like telecommunication piracy, offensive material dissemination, and other cyber frauds also belong to this category. Information Technology Act-2000: According to this act, different penal ties are available for different crimes. Some of the penalties are as follows: Computer source document tampering: The person who changes the source code on the website or any computer program will get a punishment up to 3 years of imprisonment or fine. Computer hacking: The individual who hacks the computer or computer devices will get an imprisonment up to 3 years or a fine.Government protected system: An act of trying to gain access to a system which is a protected system by the government, will result in imprisonment for 10 years and a heavy fine. The introduction of such penalties have lead to a drastic reduction in the cyber crime rates as more and more criminals are becoming aware of the penalties related to them. Spreading the word about the penalties of cyber crime can serve as a deterrent against such crime. Penalties relating to cyber crime will vary depending on the country and legislation in place. Punishments according to IT ACT 2000The person who commits the crime sha ll be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected according to section 43 of IT ACT. The person who commits the crime shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both according to section 65 of IT ACT. Whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both according to section 66 of IT ACT 2000 INTERNATIONAL LAWS In USA section 18 U. S. C.  § 1030 A) a fine under this title or imprisonment for not more than ten years, or both, in the case of an offense under subsection (a)(1) of this section which does not occur after a conviction for another offense under this section, or an attempt to commit an offense punishable under this subparagraph; and (B) a fine under this title or imprisonment for not more than twenty years, or both, in the case of an offense under subs ection (a)(1) of this section which occurs after a conviction for another offense under this section, or an attempt to commit an offense punishable under this subparagraph; In CanadaThe person who commits the crime is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years, or is guilty of an offence punishable on summary conviction. UNLAWFUL LOSSES AND GAINS Losses due to hacking Hackers targeted major companies including Sony, RSA Security, and Citigroup, but also governmental websites and smaller firms. Many companies could have prevented the attacks. Because of their vulnerabilities, they not only lost money, but also risked losing clients, prestige and market share. Multitudes of people were affected by their security breaches Recent reports showed hackers earned $12. billion in 2011, mainly by spamming, phishing, and online frauds. Some companies have made their financial losses public, while others chose not to disclose them. Here’ s a top 5 of the declared losses caused by hackings from last year until present. Undeclared losses may even exceed these ones. 1. $171 million – Sony Hacked in April to June 2011, Sony is by far the most famous recent security attack. After its Playstation network was shut down by LulzSec, Sony reportedly lost almost $171 million. The hack affected 77 million accounts and is still considered the worst gaming community data breach ever.Attackers stole valuable information: full names, logins, passwords, e-mails, home addresses, purchase history, and credit card numbers. 2. $2. 7 million – Citigroup Hacked in June 2011, Citigroup was not a difficult target for hackers. They exploited a basic online vulnerability and stole account information from 200,000 clients. Because of the hacking, Citigroup said it lost $2. 7 million. Just a few months before the attack, the company was affected by another security breach. It started at Epsilon, an email marketing provider for 2,5 00 large companies including Citigroup.Specialists estimated that the Epsilon breach affected millions of people and produced an overall $4 billion loss. 3. $2 million – Stratfor Last Christmas wasn’t so joyful for Stratfor Global Intelligence. Anonymous members hacked the US research group and published confidential information from 4,000 clients, threatening they could also give details about 90,000 credit card accounts. The hackers stated that Stratfor was â€Å"clueless†¦when it comes to database security†. According to the criminal complaint, the hack cost Stratfor $2 million. 4. $2 million – AT&T The US carrier was hacked last year, but said no account information was exposed.They said they warned one million customers about the security breach. Money stolen from the hacked business accounts was used by a group related to Al Qaeda to fund terrorist attacks in Asia. According to reports, refunding costumers cost AT&T almost $2 million. 5 . $1 million – Fidelity Investments, Scottrade, E*Trade, Charles Schwab The most recent declared losses were in a brokerage scam. A Russian national was charged in the US with $1. 4 million in computer and hacking crimes. $1 million was stolen from stock brokerages Fidelity Investments, Scottrade, E*Trade, and Charles Schwab.The rest of the money was taken from fraudulent tax refunds, with the stolen identities of more than 300 people. Gains To Hackers * To use your computer: * as an Internet Relay Chat (IRC) server – hackers wouldn't want to discuss openly about their activities on their ‘own' servers * as Storage for Illicit Material (ex. pirated software, pirated music, pornography, hacking tools etc) * as part of a DDoS Attack – where many computers are controlled by hackers in an attempt to cause resource starvation on a victim's computers or networks * To steal services and/or valuable files For thrill and excitement * To get even – maybe an I T staff who was terminated, or other parties you've ‘wronged' * As a publicity stunt – an example of which was reported in 1998 by Jim Hu in MTV â€Å"hack† backfires * Knowledge/Experiment/Ethical – some hackers probe a computer system to find its security vulnerabilities and then inform the system administrator to help improve their security * Another possible reason is that the hackers might suffer from a disease called Asperger syndrome (AS).They are people who are very good with numbers and at focusing on a problem for a very long period of time, but are not good in social relationships. How AS can possibly be linked to hacking behavior was discussed more thoroughly by M. J. Zuckerman in his ‘USA Today' article, What fuels the mind of a hacker? * Curiosity * To spy on friends, family members or even business rivals * Prestige – bragging rights in their social circle (particularly if they've hacked high-profile sites or systems) * Intellec tual Challenge Money – although most hackers are not motivated by financial gain; many professional criminals make money by using hacking techniques either to * set up fake e-commerce sites to collect credit card details * gain entry to servers that contain credit cards details * engage in other forms of credit card fraud WORKING OF ATTACKS Before studying about how traffic injection attacks works there are some basic terms we shoud have to know WEP Wired Equivalent Privacy (WEP) is a shared-secret key encryption system used to encrypt packets transmitted between a station and an AP.The WEP algorithm is intended to protect wireless communication from eavesdropping. A secondary function of WEP is to prevent unauthorized access to a wireless network. WEP encrypts the payload of data packets. Management and control frames are always transmitted in the clear. WEP uses the RC4 encryption algorithm. The shared-secret key is either 40 or 104 bits long. The key is chosen by the syste m administrator. This key must be shared among all the stations and the AP using mechanisms that are not specified in the IEEE 802. 11. FRAMES Both the station and AP radiate and gather 802. 1 frames as needed. The format of frames is illustrated below. Most of the frames contain IP packets. The other frames are for the management and control of the wireless connection. There are three classes of frames. The management frames establish and maintain communications. These are of Association request, Association response, Reassociation request, Reassociation response, Probe request, Probe response, Beacon, Announcement traffic indication message, Disassociation, Authentication, Deauthentication types. The SSID is part of several of the management frames.Management messages are always sent in the clear, even when link encryption (WEP or WPA) is used, so the SSID is visible to anyone who can intercept these frames. Authentication Authentication is the process of proving identity of a sta tion to another station or AP. In the open system authentication, all stations are authenticated without any checking. A station A sends an Authentication management frame that contains the identity of A, to station B. Station B replies with a frame that indicates recognition, addressed to A. In the closed network architecture, the stations must know the SSID of the AP in order to connect to the AP.The shared key authentication uses a standard challenge and response along with a shared secret key. Traffic injection quick HOWTO †¢1 Insert adapter †¢2 Load driver and activate adapter †¢3 Set driver into monitor mode (real 802. 11 mode) †¢4 Set appropriate channel †¢5 Open PF PACKET/RAW socket on interface (Linux only) †¢6 Use your socket and play †¢ Still, you need a 802. 11 stack over your socket and/or good libs †¢ and tools so you can communicate WORKING – This phase of term paper describes the working of attack by using one tool calle d INJECTION WIZARDInjection Wizard is an application for injecting traffic into WEP-protected Wi-Fi networks, like aireplay-ng, but it's much more easy to use and it can work with worse conditions (for example, more interferences, weaker transmitted/received signals, more restricted access points, etc). The higher the traffic of the network, the earlier we will be able to crack a WEP key with tools like aircrack-ng, airsnort, dwepcrack, weplab, WEPAttack, WEPCrack, etc. However, injecting traffic is not easy because you must build or capture a frame that causes a response frame in any other station (that is, a wireless node).This application carries out automatically all the needed actions to build a frame that causes a response in other station. These actions can be summarized in the following sequence of steps: 1. The application scans Wi-Fi networks and shows a list of WEP-protected networks, then it allows the user to select one of them. 2. It joins the selected network and moni tors that network in order to find a data frame. 3. It tries to extract a keystream prefix from the captured frame and then it tries to extend the keystream up to 40 bytes by means of the W.A. Arbaugh's inductive chosen plaintext attack. 4. It tries to find a host (for example, a connected computer, a network device, etc), which has an IP address belonging to a predefined range, by injecting forged ARP packets. 5. After finding an active host, it injects ARP packets targeted at that host. Some of the benefits of this application are easiness of use (due to its graphical interface, automatic operation, etc) androbustness (detection/management of network disconnections, repetition of failed actions, etc).Moreover, the Arbaugh's inductive attack can be performed by any Wi-Fi interface supporting injection in monitor mode, because the interface driver doesn't need any additional patch as it's usual to happen with the Bittau's fragmentation attack. Besides its higher applicability, this attack is generally more reliable than Chop-Chop attack for recovering a keystream of a given size, because it doesn't have to inject any frame larger than needed. This application is distributed under the terms of the GNU General Public License version 2 (read the license. tm file for more details) and comes with absolutely no warranty. The author assumes no responsibility derived from the use or the distribution of this program. The copyright of this application is owned by Fernando Pablo Romero Navarro (May 2010). Injection Wizard has made use of (with convenient modifications) the following free software applications: * scapy (version 2. 0. 1), distributed under the license: GNU GPL version 2. Copyright: Philippe Biondi,2009 (http://www. secdev. org/projects/scapy). * python-wifi (version 0. 3. 1), distributed under the license: GNU LGPL version 2. 1.Copyright: Roman Joost, 2004-2008 Software Requirements For the client application (graphical interface): †¢Any system with a recent Java virtual machine: JRE version 1. 6 or later. For the server application: * A Linux box with a recent kernel, so it should support Wireless Extensions version 22 or later (since kernel version 2. 6. 21) and the mac80211 stack for Wi-Fi interfaces (since kernel version 2. 6. 24, it is supported by many Wi-Fi adapter drivers). * A Wi-Fi network interface driver supporting injection in monitor mode (sometimes it's required to patch the driver for supporting this feature). The iw system command, if it's not provided by your Linux distribution you can get it by installing the aircrack-ng package or by compiling the source code that can be downloaded from: http://wireless. kernel. org/download/iw. * A Python interpreter with version 2. 5, later versions might also work. Instructions 1. Uncompress the injwiz. zip file. 2. Copy the client directory on a system with a Java virtual machine accessible from the command path (for example, launch a shell, enter the client directory, ex ecute the command: java -version and check the command outputs the JRE version number). .Copy the server directory on a Linux box. If the client and server directories weren't copied on the same machine, you should edit the runserver. sh script (in the server directory) and replace the IP address: 127. 0. 0. 1 with the IP address of the Linux box's network interface that is attached to the same network that the client machine (i. e. the computer that hosts the clientdirectory). 4. Enter the server directory and run the script: . /runserver. sh (the Python interpreter should be accessible from the command path. You can check this by running: ython -V from the command line and verifying that the interpreter version is showed). 5. On the client machine, enter the client directory and run either the script: . /runclient. sh (for Linux or Unix-like operating systems providing a shell compatible with the Bourne shell and whose path for the executable file is: /bin/sh) orrunclient. bat (fo r Windows). DESCRIPTION OF TOOLS The tools used for packet injection purposes are divided into two categories Hardware and software 1. Software Serious hackers usually use Linux-based open source penetration test tools from which to launch their attacks.This section details some of the more popular tools that can be used to search out and hack wifi networks. †¢Aircrack-ng: This suite of tools includes 802. 11 WEP and WPA-PSK key cracking programs that can capture wireless packets and recover keys once enough information been captured. Aircrack-ng supports newer techniques that make WEP cracking much faster. This software has been downloaded over 20,000 times. †¢Airjack: An 802. 11 packet injection tool, Airjack was originally used as a development tool to capture and inject or replay packets.In particular, Airjack can be used to inject forged deauthentication packets, a fundamental technique used in many denial-of-service and Man-in-the-Middle attacks. Repeatedly injecting deauthentication packets into a network wreaks havoc on the connections between wireless clients and access points. †¢AirSnort: AirSnort is wireless LAN (CLAN) tool which recovers WEP encryption keys. AirSnort works by passively monitoring transmissions, and then computing the encryption key when enough packets have been gathered.After that point, all data sent over the network can be decrypted into plain text using the cracked WEP key. †¢Cain ;amp; Able: This is a multi-purpose tool that can intercept network traffic, using information contained in those packets to crack encrypted passwords using dictionary, brute-force and cryptanalysis attack methods, record VoIP conversations, recover wireless network keys, and analyze routing protocols. Its main purpose is the simplified recovery of passwords and credentials. This software has been downloaded over 400,000 times. CommView for WiFi: This commercial product is designed for capturing and analyzing wifi network packets. C ommView for WiFi uses a wireless adapter to capture, decode, and analyze packets sent over a single channel. It allows hackers to view the list of network connections and vital IP statistics and examine individual packets. †¢ElcomSoft Wireless Security Auditor: This is an all-in-one cracking solution that automatically locates wireless networks, intercepts data packets, and uses cryptanalysis techniques to crack WPA/WPA2 PSKs.This software displays all available wireless networks, identified by channel number, AP MAC address, SSID, speed, load, and encryption parameters. While these capabilities can be found in open source tools, ElcomSoft provides a more polished product for professional use by wireless security auditors. †¢Ettercap: Ettercap can be used to perform man-in-the-middle attacks, sniff live connections, and filter intercepted packets on the fly. It includes many features for network and host analysis. This shareware has been downloaded nearly 800,000 times. Fi resheep: This is a plug-in to the Firefox browser that allows the hacker to capture SSL session cookies sent over any unencrypted network (like an open wifi network) and use them to possibly steal their owner’s identities. It is extremely common for websites to protect user passwords by encrypting the initial login with SSL, but then never encrypt anything else sent after login, which leaves the cookie (and the user) vulnerable to â€Å"sidejacking.† When a hacker uses Firesheep to grab these cookies, he may then use the SSL-authenticated session to access the user’s account. Hotspotter: Like KARMA, Hotspotter is another wireless attack tool that mimics any access point being searched for by nearby clients, and then dupes users into connecting to it instead. †¢IKECrack: This is an open source IPsec VPN authentication cracking tool which uses brute force attack methods to analyze captured Internet Key Exchange (IKE) packets to find valid VPN user identity an d secret key combinations. Once cracked, these credentials can be used to gain unauthorized access to an IPsec VPN. KARMA: This evil twin attack listens to nearby wireless clients to determine the name of the network they are searching for and then pretends to be that access point. Once a victim connects to a KARMA evil twin, this tool can be used to redirect web, FTP, and email requests to phone sites in order to steal logins and passwords. †¢Kismet: Kismet takes an intrusion detection approach to wireless security, and can be used to detect and analyze access points within radio range of the computer on which it is installed.This software reports SSIDs (Service Set Identifiers – used to distinguish one wireless network from another) advertised by nearby access points, whether or not the access point is using WEP, and the range of IP addresses being used by connected clients. †¢NetStumbler: This tool turns any WiFi-enabled Windows laptop into an 802. 11 network det ector. NetStumbler and dozens of similar â€Å"war driving† programs can be used with other attack tools to find and hack into discovered wifi networks. †¢WireShark: WireShark is a freeware LAN analyzer that can be used to passively capture 802. 11 packets being transmitted over a wifi network.This software has been downloaded millions of times. 2. Hardware †¢For hackers that prefer a turn-key package, there are also hardware wireless hacking tools available. We’ve highlighted one called WiFi Pineapple. It’s a simple, small, portable device that can be carried into any hotspot and used to attract any laptop trying to find a wifi access point. The Pineapple uses a technique called an Evil Twin attack. Hackers have used tools like KARMA to do the same thing for years, but with Pineapple, now you can buy a piece of hardware for only $100 that allows you to become a hacker without downloading or installing any software. Here’s what their website say s: â€Å"Of course all of the Internet traffic flowing through the pineapple such as e-mail, instant messages and browser sessions are easily viewed or even modified by the pineapple holder. †REFERENCES http://www. cse. wustl. edu/~jain//cse571-07/ftp/wireless_hacking/index. html http://www. cs. wright. edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks. htm#_Toc77524642 http://www. webopedia. com/TERM/C/cyber_crime. html http://www. wi-fiplanet. com/tutorials/article. php/3568066 file:///C:/Users/jsk/Desktop/Wireless%20Hackers%20101. htm

All Primary and Secondary Education Should Be Free Essay

Education is an important asset to any one’s life and should be available to every one of all ages. Certain levels of education should be available to people of different levels and should be easily accessible. We need a basic form of education in our everyday lives. If we did not learn simple arithmetic such as how to count or if we did not learn how to read, we would suffer in the real word. If we bought something, people could rob us of our change simply because we cannot count. We would not be able to learn if we cannot read. We would rely on pictures to describe things for us and to convey the message to us. We would lose the thrill of reading. All these basic skills are taught in primary school and everyone should have access to primary school education. It is essential that everyone goes to school and if money is what is stopping them, then the government needs to make a plan to help correct that. Primary education should be made free as it allows people to develop their brains and gain a basic knowledge of the world. The government should provide institutions which learners can attend to be educated which they currently do and they are called government schools. These schools should be subsidised by the government for people who really can’t afford school fees. If people have enough money and choose to attend a private learning institution and have to pay school fees, they should do that at their own will. School should be made compulsory from age six when children are able to understand and grasp concepts more easily until about the age of sixteen where they will have a broad knowledge of the world and can decide whether they want to further their studies in a more specialised way. The quality of learning should be of a good quality at all levels of education. Secondary education expands on the knowledge that learners have received from primary school. It is still a broad range of knowledge but more important knowledge is given to learners especially in terms of career choice paths. It should be free or subsidised by the government for people who are really underprivileged or who really can’t afford school fees. School gives children a basic knowledge in problem solving skills that they may need in their everyday lives. Secondary education is compulsory up until grade 9 since grade 10 is when learners choose specific subjects which they feel may help them later on in life or in the career they are interested in. School should be compulsory till the end of matric. It would keep young people off the street and they would be doing something constructive such as improving their education. Nobody wants to hire a sixteen-year-old which is the age you are allowed to leave school at. Those sixteen-year-olds end up jobless, sitting at home or can become involved in gangs or drugs. Instead of wasting their time, they should rather attend school. They choose not to go to school because they are lazy and need that push to make them do something. They stand a much better chance of getting a job with a matric certificate. Finishing school up until matric level also allows you to explore new areas in your life and so that you can help find yourself, your talents and your interests.

Qualitative and Quantitative Research Essay - 1660 Words

Introduction This essay aims to cover two main focus points. The first section of this essay will take an in depth look at the major differences between two research methods – Qualitative and Quantitative. I will explore when and why they are used for specific types of research and how they apply to some types of work more effectively. The second area for this essay will be based around the research question- what factors contribute to you feeling anxious during sport or exercise? I will then go on to show that the best method to use to analyse this will be by using qualitative research, and then how it can be applied to it to extract all relevant information from it. Qualitative and Quantitative Research Methods The qualitative and†¦show more content†¦Quantitative research is likely to be used when analysing large amounts of numerical data as it converts the data into statistics, in contrast, qualitative research will be used in data that cannot be summarised with numbers and instead has to be categorised. For instance, it would be more beneficial to either use interviews or a focus group to gather information (Kerr and Grange, 2010) to conduct research into reasons behind a football team’s aggression. Kerr and Granges argue that qualitative research method allows them to gain a greater understanding of the reasons that the footballers gave for their aggression, because aggression is a personal issue, it cannot easily be quantified, for example one players’ â€Å"level 10† might be another’s â€Å"level 5†. In the last two paragraphs I have touched upon a few of the basic methods of data collection in the two different methodologies. A more in depth look shows how the data collection methods of the two transpose themselves into qualitative or quantitative. Qualitative research relies on the researcher being interactive with the athlete so they often use collection methods such as observations, interviews and diaries (Birley and Moreland, 1998). A qualitative researcher will also be more involved with any participants due to the field based nature of the work. Whereas a quantitative researcher will use questionnaires and test data as these correlate themselves to number related data which can be used toShow MoreRelatedQualitative And Quantitative And Qualitative Research1972 Words   |  8 Pagesworld of research, there are two general approaches to gathering and reporting information qualitative and quantitative approaches. The qualitative approach to research is focused on understandi ng a phenomenon from a closer perspective. The quantitative approach tends to approximate phenomena from a large number of individuals using survey methods. There has been widespread debate in recent years within many of the social sciences regarding the relative merits of quantitative and qualitative strategiesRead MoreQualitative Research : Qualitative And Quantitative Research854 Words   |  4 Pageswhat come to mind when thinking about qualitative and quantitative research. In other words, quantitative research utilizes numbers while qualitative research does not. Another noteworthy distinction between the two methods lies in data collection. Unlike qualitative research which is employed to transform data into statistics, qualitative research is utilized to gain a deeper understanding or underlying opinions, reasons and motivations. Quantitative research is exploratory in the sense that it attemptsRead MoreQuantitative and Qualitative Research1006 Words   |  5 PagesQuantitative and Qualitative Research Sheri Doubleday May 16, 2011 Research procedures depends on the analyzing data and questions on the topic being researched. All research can be differentiated on the basis of whether its methodology produces mostly numerical data (e.g., scores and measurements) or mostly narrative data (e.g., verbal descriptions and opinions) (Mertler, C. amp; Charles, C. 2011, p 24). Qualitative research and quantitative research are two types of research methods. Read MoreQualitative Research And Quantitative Research917 Words   |  4 PagesIn order to carry out my research, there were two feasible arguments to using qualitative research and quantitative methods. Qualitative research is recording information that express information about feelings, values and attitudes using words, whereas quantitative research uses data that is expressed in numerical form using descriptive and inferential statistics (Lindlof Taylor, 2002). Quantitative research is useful when measuring facts and is structured using characterised surveys and statisticalRead MoreQuantitative Research : Qualitative Research825 Words   |  4 PagesPoints of Consideration for this Qualitative Research Skinner, Tagg, and Holloway (2000) stressed that engaging in qualitative research demands an understanding of some of the drawbacks associated with doing this type of research. A number of common concerns related to qualitative research are found in the literature. The time and resources involved in collecting and analyzing qualitative data are mentioned frequently (e.g., Creswell, 1998; Skinner, Tagg, Holloway, 2000). A related concern involvesRead MoreQualitative Research : Quantitative Research Essay814 Words   |  4 PagesQualitative research is a kind of of scientific research which consists of an analysis that look for answers to a question, systematically uses a specific procedures to answer the question, gathers evidence, generate findings that are legit farther the limits of the study. Qualitative research has these characteristics. As an addition, it looks for to analyze the research problem or motif from the aspect of the local people who involves the study. Qualitati ve research is particularly effectiveRead MoreQualitative Research On Quantitative Research1496 Words   |  6 PagesThe qualitative research method involves analysing data, such as words, pictures or objects. It is more subjective, and requires the researcher to interpret data in order to form thematic ideas. Quantitative research can gather a large amount of data that can be easily organised and manipulated into reports for analysis. It often includes one to one interview. It utilises open- ended questions. This means that the researcher has to interpret their findings. Moreover, in qualitative research isRead MoreQualitative Research And Quantitative Research1675 Words   |  7 Pages Qualitative research and Quantitative research Qualitative research Defilation Qualitative research is a method used in different academic disciplines, generally in social science, but also in research and further contexts. Qualitative researchers aim to attain detailed understanding of human behavior rand the reasons that govern such behavior. The qualitative method investigates the why and how of decision making, not just what, where, when. Hence, smallerRead MoreQualitative Research : Quantitative Research1442 Words   |  6 Pageslevel, qualitative research involves an interpretive, naturalistic approach to the world. This means that qualitative researchers study things in their natural settings, attempting to make sense of, or interpret, phenomena in terms of the meanings people bring to them. (Denzin Lincoln, 2005, p. 3) Different from quantitative research that collects and analyzes numerical data, qualitative research deals with non-numerical data such as interviews, participant observations, audio and visual imagesRead MoreQualitative Research : Quantitative Research Essay1320 Words   |  6 PagesQualitative research is scientific research based on something that cannot be correctly and precisely measured (University of Wisconsin-Madison-Health Services Ebling Library, 2016). Qualitative research is biased and uses preliminary reasoning to combine data (University of Wisconsin-Madison-Health Services Ebling Library, 2016). Qualitative research establishes theories to help explain the phenomena while focusing on the experiences and opinions of all study subjects (Verhoef Casebeer, 1997)