Children of Men

Children of Men â€Å"Children of Men† is set in the year of 2027, when the world is in chaos with the multitude of political and social issues including immigration and fascism. The movie could be classified as science fiction because it consists of two common elements of the genre: a futuristic setting and a dystopian society. There is, however, no advanced technology or artificial intelligence. The cities look just like today, except they are shabby and grimy. Everything is awash in grim to reinforce the theme of a dystopian society. The gloomy setting makes London look like it did in the 19th century with its criminal world of the time.The color palette is stark, favoring grays over other hues. The movie vividly paints a bleak and horrific future that none of us would want to live in. In 2027, the world has become sterile. Britain, where the story is set, has become a somber place with a climate of nationalistic violence. Everywhere there are signs, warnings, and surveilla nce cameras. Immigrants are being purged and penned in cages. Heavily armed police fill the streets â€Å"only Britain soldiers on. †Ã‚   And above all, there are no children. No child has been born for eighteen years. The human race has become infertile; it is facing the likelihood of its own extinction. Children of Men† offers a possible beginning of the collapse – a world without children. And that collapse does not come through war, famine, or disease, but from the human race's infertility. The situation of the 2027 setting is built around contemporary issues such as immigration and terrorism. The lack of children and the possibility of children are the cause for all the action. The movie, however, is not really concerned about the reasons for the situation or how infertility will end the collective human race. Instead, it focuses on the reaction of individuals and societies to the unexpected reproductive crisis.It examines how one ray of hope becomes a tool used for politics and power. â€Å"Children of Men† is not really about children; it is about human civilization. Science-fiction films concerning dystopian societies commonly use confident and well – skilled heroes, but not â€Å"Children of Men. † Theo Faron is at the center of the conflict between government forces and an organized group of terrorists, the Fishes. Theo's rugged appearance and lack of motivation makes him a reluctant hero. In the beginning, Theo is indifferent to the death of eighteen year old Baby Diego. However, his perspective on life hanges when he meets Kee, a pregnant woman. Theo, an ex-activist, then is forced to face his own demons and protect the world's last remaining hope. Despite his average profession, he becomes Kee’s protector. This shows that men continue to be the dominant figures in society. Theo represents masculinity, bravery, and courage. Throughout â€Å"Children of Men,† viewers might feel conflicted betwee n the theory of good and evil as they are challenged which side they should take. At the beginning of the film, the audience sees themselves identify with the government, and thus sees the terrorists as evil.As the film progresses, however, the audience learns that the terrorists in the film are actually fighting for a good cause. When the film continues to be unfolded, the audience finds out that the terrorists want to use the child as a tool to gain power. Julian's goal is to help Kee escape to a safe place of safety run by a mysterious group called â€Å"The Human Project. Other Fishes have different ideas, viewing Kee's baby as a crucial device for their politics ambitions. The Fishes are no longer seen as being good in the audience’s view. It would be incomplete not to mention about the sound effects of the film.A variety of music follows Theo’s journey throughout the film. The sounds of traffic, barking dogs, screaming, and exploded bomb all add vital results to the dystopian world depicted in the film. Most remarkable, however, is the sound at the opening and ending of the film. â€Å"Children of Men† begins and ends with darkness, with only sounds heard, but those sounds tell the story. â€Å"Children of Men†Ã‚  highlights on the same problems society is facing today: crises involving racism, terrorism, pollution, and more. It is a dark but vivid story of hope and humanity. Children of Men Children of Men â€Å"Children of Men† is set in the year of 2027, when the world is in chaos with the multitude of political and social issues including immigration and fascism. The movie could be classified as science fiction because it consists of two common elements of the genre: a futuristic setting and a dystopian society. There is, however, no advanced technology or artificial intelligence. The cities look just like today, except they are shabby and grimy. Everything is awash in grim to reinforce the theme of a dystopian society. The gloomy setting makes London look like it did in the 19th century with its criminal world of the time.The color palette is stark, favoring grays over other hues. The movie vividly paints a bleak and horrific future that none of us would want to live in. In 2027, the world has become sterile. Britain, where the story is set, has become a somber place with a climate of nationalistic violence. Everywhere there are signs, warnings, and surveilla nce cameras. Immigrants are being purged and penned in cages. Heavily armed police fill the streets â€Å"only Britain soldiers on. †Ã‚   And above all, there are no children. No child has been born for eighteen years. The human race has become infertile; it is facing the likelihood of its own extinction. Children of Men† offers a possible beginning of the collapse – a world without children. And that collapse does not come through war, famine, or disease, but from the human race's infertility. The situation of the 2027 setting is built around contemporary issues such as immigration and terrorism. The lack of children and the possibility of children are the cause for all the action. The movie, however, is not really concerned about the reasons for the situation or how infertility will end the collective human race. Instead, it focuses on the reaction of individuals and societies to the unexpected reproductive crisis.It examines how one ray of hope becomes a tool used for politics and power. â€Å"Children of Men† is not really about children; it is about human civilization. Science-fiction films concerning dystopian societies commonly use confident and well – skilled heroes, but not â€Å"Children of Men. † Theo Faron is at the center of the conflict between government forces and an organized group of terrorists, the Fishes. Theo's rugged appearance and lack of motivation makes him a reluctant hero. In the beginning, Theo is indifferent to the death of eighteen year old Baby Diego. However, his perspective on life hanges when he meets Kee, a pregnant woman. Theo, an ex-activist, then is forced to face his own demons and protect the world's last remaining hope. Despite his average profession, he becomes Kee’s protector. This shows that men continue to be the dominant figures in society. Theo represents masculinity, bravery, and courage. Throughout â€Å"Children of Men,† viewers might feel conflicted betwee n the theory of good and evil as they are challenged which side they should take. At the beginning of the film, the audience sees themselves identify with the government, and thus sees the terrorists as evil.As the film progresses, however, the audience learns that the terrorists in the film are actually fighting for a good cause. When the film continues to be unfolded, the audience finds out that the terrorists want to use the child as a tool to gain power. Julian's goal is to help Kee escape to a safe place of safety run by a mysterious group called â€Å"The Human Project. Other Fishes have different ideas, viewing Kee's baby as a crucial device for their politics ambitions. The Fishes are no longer seen as being good in the audience’s view. It would be incomplete not to mention about the sound effects of the film.A variety of music follows Theo’s journey throughout the film. The sounds of traffic, barking dogs, screaming, and exploded bomb all add vital results to the dystopian world depicted in the film. Most remarkable, however, is the sound at the opening and ending of the film. â€Å"Children of Men† begins and ends with darkness, with only sounds heard, but those sounds tell the story. â€Å"Children of Men†Ã‚  highlights on the same problems society is facing today: crises involving racism, terrorism, pollution, and more. It is a dark but vivid story of hope and humanity.

Service Request Sr-rm-022

Hugh McCauley, COO of Riordan Manufacturing has submitted service request SR-rm-022. The service request is to integrate existing variety of human resource (HR) tools into a single integrated application (Apollo Group, Inc. 2011). The new system will provide the organization with a more sophisticated, state-of-the art, information systems technology than what they currently have to better assist the HR department. Before the approval of the project funding, Hugh McCauley will need a detailed project plan that provides some guidance. Completion of the project will complete in six months so utilization of the new system can begin in the second quarter of next year (Apollo Group, Inc. 2011). BackgroundInstalled in 1992, Riordan Manufacturing’s current HRIS system is part of the financial systems package. It keeps track of employee’s personal information; pay rates, personal exemptions for tax purposes, hire date, seniority date, organizational information, and vacation hou rs. Changes to an employee’s information is done through a written change and submitted (on special forms) by the employee’s manager and entered by the payroll clerk. Training and development records are kept in an Excel worksheet by training and development specialist (Apollo Group, Inc. 2011). Applicant information for open positions is maintained by each recruiter. Resumes get stored in a central storage area. An excel spread sheet is used to track the status of applicants.A third party provider manages worker’s compensation. They keep their own records. Individual managers keep employee files because there is no central employee file area. Managers are also responsible for tracking FMLA absences and any requests for accommodation under the ADA. The results of job analyses, salary surveys, and personnel compensation decisions are kept in an excel spreadsheet by the compensation manager. Complaints, grievances, harassment complaints, etc. are tracked by the em ployee relations specialists and are in locked files in their offices.Information GatheringThe information gathering techniques used to development the requirements of the new system will be done through interviews and joint application design  (JAD). Interviews will be conducted on individuals informed about the operation and issues of the current system and needs for systems in future organizational activities (Valacich, George, & Hoffer, 2012). In order for the interviews to be effective certain guidelines must be met. The guidelines that will be included in the interview process are as follows: Plan the interview- Prepare interviewee by making an appointment and explaining the purpose of the interview. Prepare a checklist, an agenda, and questions. Be neutral- Avoid asking leading questions.Listen and take notes- Give your undivided attention to the interviewee and take notes or tape-record the interview (if permission is granted).  Review notes – Review your notes wi thin forty-eight hours of the meeting. If you discover follow-up questions or need additional information, contact the interviewee. Seek diverse views- Interview a wide range of people, including potential users and Managers.  (Valacich, George, & Hoffer, 2012).Interviews will be conducted on employee managers, the training and development specialists, recruiters, and the third-party provider that handles the worker’s compensation, compensation manager, and employee relation specialists. The questions that will be asked during the interview process are as follows:1. What is your name, job title and the department you work?2. What do you need and why do you need it, what system functionality do you need (18 Steps to Selecting a Human Resource Information System, 2002)?3. What results do you wish to accomplish with this effort (18 Steps to Selecting a Human Resource Information System, 2002)?4. What work processes do you wish to change through this selection and what should t he new processes look like (18 Steps to Selecting a Human Resource Information System, 2002)?5. What are the business drivers for the new system, how does this system support the overall needs of the business (18 Steps to Selecting a Human Resource Information System, 2002)?Once the interviews are completed by the analyst team, the interviews will be asked to participate in a joint application design (JAD). The joint application design team will consist of the analyst team, employee managers, the training and development specialists, recruiters, and the third-party provider that handles the worker’s compensation, compensation manager, and employee relation specialists.The primary purpose of using JAD in the analysis phase is to collect systems requirements simultaneously from the key people involved with the system (Valacich, George, & Hoffer, 2012). The JAD will be held at an off-site location in Atlanta, Georgia. Once the team is settled in, the discussion can begin. The in formation that needs to be discussed and agreed on is as follows:1. What type of application are you looking for, standalone PC, networked client/server, or mainframe (18 Steps to Selecting a Human Resource Information System, 2002)?2. What operating system does it need to run on — Windows NT, UNIX, etc. (18 Steps to Selecting a Human Resource Information System, 2002)?3. If it's a database application, what database does your company support, SQL, Oracle, DB2 (18 Steps to Selecting a Human Resource Information System, 2002)?4. How will it connect to remote offices? Does it need to be web deployable (18 Steps to Selecting a Human Resource Information System, 2002)?5. Does it make a difference what language the application is programmed in such as C++ or Visual Basic (18 Steps to Selecting a Human Resource Information System, 2002)?6. Is your IT department planning a major change in technology platforms in the next year (18 Steps to Selecting a Human Resource Information Syste m, 2002)?Project scope is a project management term for the combined objectives and  requirementsnecessary to complete a project (Project Scope, 2013). Project scope is important because it allows the system analyst team to estimate costs and the time required to finish the project. A plan is created for the proposed project for the team to follow. This baseline project plan customizes the standardized SDLC and specifies the time and resources needed for its execution (Valacich, George, & Hoffer, 2012).The team analyst believes that it is in the best interest of Riordan Manufacturing to discontinue the use of their old HRIS system and implement a new one. The old system requires paperwork to be filed and stored in unprotected areas. There are several managers responsible for the safety and protection of pertinent employee information that should be kept in a locked and secure area. ConclusionRiordan Manufacturing has taken the correct steps in implementing a new HRIS system. The g uidelines have been set and a team has been formed to discuss what the new system should include. The next step is to decide on what system to use and how the design should be. What security controls should be set and the tools that will be applied in the terms of data, processes, interfaces, and network.

How Dretske responds to Chisholm's claim that intentionality cannot be Essay

How Dretske responds to Chisholm's claim that intentionality cannot be naturalized - Essay Example Chisholm argued that intentionality cannot be naturalized because of the numerous influencing factors that surround us. According to Locke Chisholm argued that for every decision we make there must be a factor that influences or alters a person’s needs or will. He further argued that every decision we make is based on the fact that we must take the path to be comfortable. According to Chisholm factors affecting a person’s intent may also be psychological. This also denies the possibility that intentionality can be natural. To naturalize intentionality Chisholm argued that there must be absolutely free will in an action. In his argument need and wants of the people does not allow what individuals do to be natural. For instance, a person’s need for food, shelter and clothing makes ones intention to acquire the commodities an artificial intent. In this scenario, the intent can only be natural if one could survive without food and still have the intent and urge to ac quire the commodity. ... For instance, one can refer it to natural intentionality when a person takes an alternative option when tackling an issue but as artificial intentionality when the individual chooses another option based on threats or any other influencing factor. Chisholm argued that intentionality cannot be naturalized because of the numerous influencing factors that surround us. According to Locke Chisholm argued that for every decision we make there must be a factor that influences or alters a person’s needs or will (87). He further argued that every decision we make is based on the fact that we must take the path to be comfortable. According to Chisholm factors affecting a person’s intent may also be psychological (Locke 102). This also denies the possibility that intentionality can be natural. To naturalize intentionality Chisholm argued that there must be absolutely free will in an action. In his argument need and wants of the people does not allow what individuals do to be natur al. For instance, a person’s need for food, shelter and clothing makes ones intention to acquire the commodities an artificial intent (Locke 92). In this scenario, the intent can only be natural if one could survive without food and still have the intent and urge to acquire the commodity. According to Chisholm intentionality is built on artificial factors that man cannot evade. The only possibility to have naturalized intentionality is whereby an individual s considered free spirit in his environment. Locke defines a free spirit by arguing that a free spirit is a form of an individual who does not require influence from any environmental factor to make their decision (112). According to the author this scenario is practically impossible. From this perspective,

Summary of TWA Flight 800 Accident Essay Example | Topics and Well Written Essays - 500 words

Summary of TWA Flight 800 Accident - Essay Example The plane exploded approximately 10 minutes after takeoff , and all 230 were killed, with the plane considered to be ‘destroyed’, breaking up into pieces and crashing into the Atlantic Ocean. The ‘why’ of the accident is harder to determine, as many conspiracy theories have come to life in the almost 15 years since the accident. The official cause listed by the National Transportation Safety Board (NTSB) was one of â€Å"fuel tank failure†, stating that the center wing fuel tank exploded. Though no concrete cause was determined for the explosion, most speculate that it was a short circuit of the wiring outside the fuel tank, which then led to a chain reaction and breaking up of the airplane when the fuel ignited. After the TWA Flight 800 accident, measures were taken to prevent another accident from occurring like this one. The post-accident report of the NTSB focused on safety issues, stating that a contributing factor was the fact that there was a h eat source beneath the fuel tank with no way to cool that source, as well as no way to prevent the vapors that were given off by the fuel tank from igniting. In 1997, extensive tests were done to measure fuel output in conditions similar to Flight 800, as well as measure the temperature of the fuel and determine if it was flammable at those temperatures.

Philosophy of Teaching Essay Example | Topics and Well Written Essays - 500 words

Philosophy of Teaching - Essay Example Progressive education, the philosophy that education needs to reflect the fact that humans are social animals and learn best through social activities, contradicts student self-directedness. This thought leads one to conclude that interactivity between student and learning material is necessary for a proper education. Rather than lecture with displays, children learn best by using their five senses, motor skill coordination, and spatial refinement. This can only happen when the children feel that they are in control of their classroom environment. Children learn best through trial and error; therefore, giving them tasks to complete and learn from their errors is vastly superior to simply giving them the right answer at finish. In many ways, the most effective way of teaching children is to give the student hands-on experience with the lesson. Getting the children active and engaged is a matter of doing activities that hold the student’s attention. By doing these specialized ac tivities, students develop the will and ability to have their own thoughts: thinking and doing independently and apart from an obtrusive teacher. This philosophy of learning accompanies a complementary philosophy of pedagogy. Because students and children in general are capable of self-directed learning, the ideal teacher is not so much a lecturer or an interferer, but rather she is a guide or a director of learning. The teacher does not give facts for rote memorization or lead students into social learning, but rather into the autonomous completing of activities. The teacher simply introduces the materials and lets students teach themselves and others, and helping when necessary. When the teacher feels that the student has mastered the current material, demonstrating this with new skills and knowledge, he or she can introduce new materials and exercises. The proper approach to pedagogy views testing and grades as antithetical to the proper purpose of education as a means of teaching

Eating Habits of Students Essay Example | Topics and Well Written Essays - 1750 words

Eating Habits of Students - Essay Example The importance of a healthy lifestyle is inevitable. A good and healthy lifestyle starts with the diet one takes (Bailey, 2007 ). A blend of calorie intake together with fruit and vegetable consumption, as part of the diet, is advisable in ensuring a balanced diet. It helps prevent lifestyle-related disorders and diseases (MacClanccy, Henry, & Macbeth, 2009). Strict dietary guidelines help maintain a healthy diet and avoid the big gap in dietary divide experienced today by many people. The prevalent short lifespan emanates from the wrong choice of diet that end up affecting our health (Shepherd & Raats 2006). The young generation seems to pay little attention to the crucial topic of diet and health. Their choice of diet remains a secondary consideration in their responsibility for their health (Gullotta, Adams & Ramos 2005). Dietary disorders among young people are on the rise at an alarming rate. Instances of obesity in young people are increasing more than ever experienced. Accordi ng to Richards, 2007, guiding the young generation on issues of diet and health become essential. Topics such as the choice of food, awareness of a well balanced diet and the need to create attention to nutrition among by young people need further elaboration. Teaching the youth about diet and health, therefore, is indispensable an issue most governments must consider engaging (Berg 2002). Statistics in the United Kingdom show that several schools going students have poor knowledge of diet and health (McGinnis & Gootman 2006). Several students express low attention to nutrition. The choice of a better diet by students is poorly in several students (Glass 2009). In what areas many students pay less attention to, as far as diet and health are concerned, this report sorts to find out. The report discusses the important dietary areas overlooked by students and their extent of caution to their health. 2. Method In order to find out the eating habits of students, a survey was conducted wi th the help of an oral questionnaire. Total 30 randomly selected students in the UK took the interview in different learning institutions for the purpose of representing the student population. The group of respondents composed of students from different learning institutions at different stages of studies. The respondents consisted of fifteen boys and fifteen girls. The questionnaire (attached in the appendix) consists of different kinds of questions which chiefly build upon each other. The question types used is, for example, â€Å"yes/no†, multiple choice and ranking questions. In addition, some questions require the respondents stating their own opinion or telling more about their own experiences. While the questionnaire is not plainly segmented, it focuses on one major topic of health and diet. The questionnaire consists of seventeen (17) questions. The first question asks about the respondent’s gender. The second question asks about the frequency of meals taken b y students per day. The number of meals ranges from one (1) to four (4) per day. The third asks the opinion of the responder, whether he or she gets a balanced diet. It offers five options of response to the question. The fourth question inquires the respondent’s knowledge of a balanced diet. The fifth question asks the respondent about his or her preferred meal.

Political Campaigns and elections Essay Example | Topics and Well Written Essays - 500 words

Political Campaigns and elections - Essay Example When we think about the ways in which systems for campaigns and elections--including finance and media--seems to work best and ways in which they fall short of an expected level, we are actually thinking about the socio-political fiber of the country and analyze the system in the light of its political history and values. The system for campaigns and elections including finance and media will differ drastically in societies where democracy is newly introduced as a political system and the societies where it has deep rooted political values and mature democratic culture. However, societies that have mature political culture and have a profound democratic history feed for the system wide changes of political campaigns, elections, finance and media that can be adapted with appropriate changes to suit the socio-political environment of a society. Therefore, the best way to think about the political campaigns and election including finance and media is to study the system in grown-up demo cratic societies that have a known and appreciable democratic system in place for decades. With these thoughts in mind, the system for campaigns and elections—including finance and media I would like to prevail is simple in nature.

Multivariate Analysis Essay Example | Topics and Well Written Essays - 3000 words

Multivariate Analysis - Essay Example The huge capacity of research in the field of modeling of the real world processes along with handling of several input and output variables is obvious. All these situations can be considered as multivariate due to the presence of multiple variables. Multivariate Analysis: Multivariate analysis techniques identify the relationship patterns among a number of variables at one time. Multivariate analysis techniques are generally used for, Development of classification systems. Enquiring ways to group and use data items. Generation and testing of hypothesis. Selected Papers The research papers selected for the study are listed as follows, 1. A Study of Diversification in banking sector with special reference to Finance, by Yaseen Ahmed Meenai, IBA, Karachi, Pakistan. 2. Performance measurement by Data Envelopment Analysis (DEA): A study of banking sector in Pakistan by Sultan Jahanzaib, Bilal Muhammad, Zaheer Abbas. International Islamic University, Islamabad, Pakistan. 3. The Comparison of Principal Component Analysis and Data Envelopment Analysis in Ranking of Decision, by Filiz KARDYEN and H.Hasan ORKCU, Turkey. The sources of these research papers are indicated in the references. The rationale of selection: Keeping in mind the major field of study as ‘finance’, these papers are selected to study the application of multiple multivariate analysis techniques in the field. Following paper wise description clarifies the selection criteria to a better extent. Research paper 1, discusses the growth of consumer financing in Pakistan during the early years of the first decade of this century. The purpose is served through the selection and study of the data generated by ten financial institutions in this era. To support the hypothetical claim of a boom in performance during this period, two multivariate analysis techniques namely Profile Analysis and Correspondence Analysis are used. The second research paper is also related to the banking sector in Pakista n. The relevance with the field of finance becomes the main reason for the selection of this paper as well. The added reasons are that the paper exhibits the application of a unique non statistical multivariate technique namely Data Envelopment Analysis. This technique is used to comment on the efficiency and effectiveness of the DMUs (banks). The hypothesis presented claims no correlation between efficiency and effectiveness. The result of analysis supports the hypothesis. Research paper 3 is selected mainly to enhance the knowledge of multivariate techniques studied and learnt in this research so far. This paper is taken as an extension to the previous one as it compares the Data Envelopment Analysis with a purely statistical multivariate analysis technique namely Principle Component Analysis. The case study (a bit financial) and data selected for the comparison is related to the ranking of multiple European Union Countries in terms of economy. The paper stands out as it proves th at PCA could be used instead of DEA for ranking the DMUs (counties in this case) as effectively as DEA. The paper highlights the procedural differences of both the techniques as well. The Techniques: Profile Analysis This technique takes the data in tabular manner to consider the row wise or column wise profiles. The visualization of data through profile analysis enhances the understanding of data. The factors like relative inclination or decline and percentage

Assignment Example | Topics and Well Written Essays - 500 words - 74

Assignment Example concept that was created in the Twentieth Century, and it stresses on the decentralization of government powers, but not equal sharing of government responsibilities between local, state and federal institution and agencies (Grant 257). This implies that both federal and state governments are concurrently independent and interdependent with a common region of financial resources and functions. Therefore, it is difficult for a single government to accumulate all the powers. The courts affect the sovereignty of the state particularly when the laws are unconstitutional (Grant 257). However, the most significant question is who determines what is unconstitutional. The state authority usually has the power to declare any Congress’ law unconstitutional by using the right reasoning method. Additionally, the primary function of a state government is to protect its citizens and their common good. State Court judges usually swear to uphold the constitution while federal court judges do not. Poor states cannot offer benefits that rich states can provide, yet state citizens whether poor or rich are equally considered as American citizens. National citizenship is responsible for addressing these inequalities. Another example is that cooperative federalism blurs the thin line between national and state responsibility (Grant 261). This encourages people to express their interest at the government level that offer the best opportunity of success. Yes. This is because early supporters of Washington Administration were known as Federalists because they advocated for a strong national government that outweighed state governments (Grant 261). Those who were in the opposition became Republicans since they felt that a strong national government would undermine the functions of states’ governments, which forms the United States of America. Federalists then became what is presently known as democrats. Even in the current U.S. government, the democrats are in the government while

Traditional Strategic Planning Essay Example | Topics and Well Written Essays - 2500 words

Traditional Strategic Planning - Essay Example This school was administered and spread by professional managers, people with MBA's staff experts (especially in finance and management) consultants & government controllers. Their intended message was to formalize. The message received by their intended listeners was to make a program and administer one. They belonged to the Prescriptive school category. Their theory states that a stitch in time saves time. Their failure was caused by their not supporting real time strategy making nor encourages creative accidents. c) Positioning school - This was founded by Sun Tzu in his literary work The Art of War. This school concentrated on economics or the industrial organization and the military history. This school was championed by consulting boutiques type of business and United States writers. They espouse the theory of analyzing things. The message that was received by their listeners was that they should calculate their every move and not concentrate on creating or committing. This the ory belonged also to the Prescriptive management school of thought. Their theory was to consider only the facts of in management decision making. Their shortfall was due to their strategy being reduced to generic positions that were selected thru formalized analysis of industry. d) The Entrepreneurial school was established by J A Schump and A H Cole with collaboration from other economics faculty. Their writings were based on economics. Their intended message was to envision the future but the listeners interpreted their teachings as to centralize and hope for the best. They belonged to the second type of school called the descriptive. Their theory was to take themselves to the leader. Their failure was due to the unclear vision and they depended too much on the leader to for decision making purpose. e) The Cognitive school was established by H A Simon and J March. Their base discipline was Psychology (cognitive). This school was preached by pessimists who are psychologically bent. Their intended message was to cope with any situation or create a solution. The message that got thru to the listeners was that worry was evident in all their actions. This school was described as Descriptive. Its saying goes I will see if when I believe it. Their failure was due to the too subjective approach to strategy formulation. f) The learning school was established by LIndbio, Cyert, March, Weick, Quinn, Prahlad & Hamel. There seems to be no base discipline in this school. Chaos theory in mathematics had started here. The movers of this school were people who loved to experiment, ambiguous and adaptable to many situations like in Japan and Scandinavia They are espousing that the prefer learning but the message that reaches the listeners seems to be the movers just want a play atmosphere to abound. Their school falls under Descriptive type. Their very famous line goes if at first you don't succeed, try and try again. Their failure seems to be that their strategic management process seems to be chaotic or in trouble. Their teachings seem chaotic.g) The power school was established by Alison, Pfeffer, Salancik & Astley. Their base discipline is political science. They are moved by people who love power, politics and conspiracy. Their intended m

Putting Members First Essay Example for Free

Putting Members First Essay At Nationwide we want to work with people who share our values. In 200 300 words what do Nationwide’s values mean to you? And how do you exhibit these when you work with others? Nationwide’s values are clear and concise, arranged in a 5 letter acronym, PRIDE. Each letter holds impact, and the values are very clear to what Nationwide believes in. Firstly, they believe in putting members first. This reflects that it is the customers who take priority. I believe that this should be the forefront of any organisation in that there should be a good quality service in place solely based on satisfying the customer. I would regard the customer in every decision I make/input in teams. Rewarding memberships is also important to Nationwide’s culture. There has to be an incentive in place to make members feel they are seeking benefits by choosing Nationwide. I would ensure that this is done by being hardworking, and helping others achieve their targets, so the members will receive their reward. Members of Nationwide also have to have trust in the work that they do. I believe in working with integrity and exert professionalism so that the members know that their information is safe, and that they feel they are priority so they can trust that they are receiving the best reward. This links into the next value at Nationwide of doing the right thing. I understand that it is important to own up to mistakes and try to amend these rather than trying to cover them up. Pride in the company should always be ahead of my own pride. Excelling at service is what gives Nationwide its prestigious place as the largest building society in the world. I would ensure that I keep up to Nationwide’s high standards.

Developing Self-Assessment Skills in Nursing

Developing Self-Assessment Skills in Nursing Self-assessment is the way in which individuals reflect on past experiences and events in order to facilitate learning, and to develop and maintain skills and knowledge, in order to evaluate whether individual competencies are compliant with relevant codes of conduct by profession. Models within the literature on the process of self-assessment also use the term ‘reflection’ to describe such activity, whereby self-assessment / reflection method is seen to involve ‘returning to an experience, describing it and attending to thoughts and feelings.’ (Platzer, Blake Snelling, 1997;193) For nursing and other healthcare professionals (HCPs) in particular, self-assessment is a medium in which theory can be assessed during practice, and to tap into the personal knowledge resource of HCP’s ‘embedded in the practices and know how of expert clinicians. (Brenner, 1984;4) The cognitive processes involved within self-assessment activity are described within the literature as complex, involving high order cognitive capacities; making influences, generalizations; memory, analogies; emotional evaluation and problem solving (Moore, 1998). Analysing ones performance is thus described in terms of a professional development tool, whereby gaps in knowledge as well as areas of expertise may be identified, and form the focus of further training, and/or activities at work in line with Department of Health initiatives for continuing professional development. Self-assessment within clinical practice for nurses thus needs to be taught and coached, and may occur in a number of ways. Models of reflection and self-assessment documented describe the need for use of written records of practice within self-assessment, such as through reflective diaries (Platzer, Blake Snelling, 1997) which can be used as the basis for discussion during group-working projects and in one-to-one coaching sessions between mentors and student nurses for example. The use of reflection through self-assessment has been suggested as particularly relevant to nurses due to the nature of their work – the need to respond to individual requirements and needs of patients, and to avoid rigid routines of caring acts that can lead to performing duties on ‘autopilot’ (Cox, 1994) Self-assessment is thus suggested to prevent complacency or caring through pattern / ritual from occurring, by reflecting on ones practices to allow nurses to provide individualized patient care. Self-assessment practices may be taken by nurses during a number of reflection opportunties; critical incident techniques (Clamp, 1980; Flannagan, 1954) reviews of case studies and personal experiences or practice reviews (Wilshaw Bohannan, 2003) The reflection process thus enables learning for nurses through initiating discussion and thought in regards to comparing actions taken against suggested best practice. Self-assessment is becoming increasingly incorporated learning programmes for nurses, as well as receiving focus throughout careers in order to enable continuing professional development. Self-assessment of ones own competencies are thus predominantly portrayed in a positive light and emphasis given to associated advantages. One of the major benefits of incorporating self-assessment into both education and professional development, is the way in which theory and learning can be translated into more applied methods, and by increasing the relevance of taught theory, help students and new nurses to apply what they have learnt in the classroom into their patient care through evaluating learning in the context of their own experiences. Reflection and self-assessment throughout a career can also allow nurses to develop this initial knowledge base by incorporating future experiences to widen personal knowledge resource to continue to grow professionally. Benefits of the use of self-assessments can also be seen in the way in which they can allow more accurate evaluation of the training programmes used to educate nurses. Research indicates that the commonly used questionnaire technique to investigate students perceptions and evaluations of training can be influenced by a range of external factors that often make such ratings highly unreliable; like / dislike of the tutor, and the aesthetics of the learning environment are two such factors (Hicks Henessey, 2001), and are thus likely to contribute little to analyzing the true efficacy of the training undergone. Considerations should however be taken when using self-assessment for a number of reasons. Firstly the depth of evaluation and use of reflections will depend on the level of importance that an individual will place on their own knowledge and assessment abilities. It has been reported that many HCPs place little value on their own personal knowledge favoring only research based knowledge – thus underutilizing their own resource (Platzer, Blake Snelling, 1997) and so may subsequently place little value or effort into the process of self-assessment meaning learning outcome will be limited. The reliability of the cognitions underlying self-assessment techniques can also put into question the usefulness of the results for learning – memory for recounting events can be affected by anxiety (Newell, 1992), whilst others may feel under scrutiny and look to justify or rationalise actions (Wilshaw Bohannan, 2003) rather than reflect and learn from outcomes. This highlights the w ay in which self-assessment is only truly useable in environments that are not operating within a blame culture where personal evaluation would otherwise be inhibited. Lastly it is also reported that the coaching experience and ability of mentors to teach self-assessment techniques exerts a strong influence on the outcome in ability to complete self-assessment tasks for their students, and therefore the ability of coaches will have a positive or negative impact for students (Arvidsson,2005) The Nursing and Midwifery Council(NMC) openly supports the use of a self-assessment system as a means for nurses to identify ‘shortfalls’ in their skills, by rating their own performance. Self-assessment should be thus used to identify gaps in nurse’s abilities and so highlight key training needs, acting in what the NMC call an ‘early warning system’ capacity against poor standards (Duffin, 2004). Although not compulsory, self-assessment is seen as a way for nurses to contemplate critical areas within their clinical environment (information for clients on treatment, nurse/client relationships professional accountability: Duffin, 2004) that staff shortages and time pressures may otherwise push to the sideline, with the assessment of these factors proposed to help nurses to work within the NMC Code of Professional Conduct, and protect staff against misconduct charges, by providing a practical route of translating codes of contact guidelines into action s and evaluating the effectiveness of these actions. The use of self-assessment procedures with nurses is already covered in some detail within learning and training courses for those new to the profession of nursing. In early training, mentors are used to facilitate the start of a journey of growth from knowledge (Price, 2005), through the ability to reflect on ones own actions, and feelings towards those experiences individually or in group work during nursing education (Platzer, Blake Snelling 1997) Self-assessment as a tool for learning is also actively encouraged within the continuing professional development initiatives set by the Department of Health which now stipulates the need for post-basic education for all HCP’s, and from the NMC’s own code of conduct which places great importance on the identification of skill-shortfalls through self-assessment alongside other identification means, in order to ensure patients are receiving the best care possible, from skilled and well trained nursing professionals. REFERENCES Arvidsson, B (2005) ‘Factors influencing nurse supervisor competence: a critical incident analysis study’ Journal of Nursing Management Vol. 13, 3 Clamp, C (1980) ‘Learning through critical incidents’ Nursing Times 1755-1758 Crawford, M (1998) ‘Development through self-assessment: strategies used during clinical nursing placements’ Journal of Advanced Nursing Vol. 27, 1 Duffin, C (2004) NMC system to give early warning of skills shortfall’ Nursing Standard Vol. 19, 5 p7 Flannagan, (1954) cited in Wilshaw, G Bohannon, N (2003) ‘Reflective practice and team teaching in mental health care.’ Nursing Standard Vol. 17, 50 p33-37 Hek, G ‘Developing self evaluation skills: a pragmatic research-based approach for complex areas of nursing’ Nurse Researcher Vol.11, 2 p73-82 Hicks, C Hennessy, D (2001) ‘An alternative technique for evaluating the effectiveness of continuing professional development courses for healthcare professionals: a pilot study with practice nurses’ Journal of Nursing Management Vol. 9 p39-49 Moore, P (1998) ‘Development of professional practice research training fellowships: occasional papers’ Health Professions Wales Morrison, J (2005) ‘ABC of learning and teaching in medicine’ British Medical Journal 326 (7385) p385-387 Newell (1992) cited in Platzer, H. Blake, D Snelling, J (1997) ‘A review of research into the use of groups and discussion to promote reflective practice in nursing’ Research in compulsory Education Vol. 2, 2 Platzer, H. Blake, D Snelling, J (1997) ‘A review of research into the use of groups and discussion to promote reflective practice in nursing’ Research in compulsory Education Vol. 2, 2 Price, B (2005) ‘Self-assessment and reflection in nurse education’ Nursing Standard Vol. 19, 29 p33-37 Wilshaw, G Bohannon, N (2003) ‘Reflective practice and team teaching in mental health care.’ Nursing Standard Vol. 17, 50 p33-37

how to make a justification report

how to make a justification report Justification Report 1. Introduction I have been appointed as a project manager of MPAG (Mostper Park Automobile Group Ltd) which is a fast growing campany formed by the merger of a number of garages who sell used cars. As the newly formed MPAG, the garages then became dealers for the Average Autos Car manufacturer. Subsequetly, as the business of each garage has expanded to cover the sale of new vehicles, the parts and servicing side of the business has also developed. The primary business of each garage is currently considered to be in car sales; each garage deals in both new and used cars. The used cars held at a particular garage come from a variety of sources; some from customer trade-ins at that garage, some from exchanges with other MPAG garages. Each garage aims to keep a limited number of second-hand cars in stock, depending on current trends within the group as well as local sales patterns. Cars are frequently moved between the five MPAG garages in the Mostper Park Automobile Group to avoid any car remaining on a forecourt for any great period. In addition to used cars, each garage keeps a limited supply of new cars. These are available for customers to test drive or purchase. A record is maintained of all new cars on stock within the MPAG. If a customer requires a particular car and the local garage does not have the desired model or specification, the sales staff can check if another garage in the MPAG has one in stock. If one can be located then a transfer/exchange between garage is aranged by the manager. If not, in the case of a purchase requirement, they can place an order with the Average Autos manufacturer. Although members of the sales staff can take bookings for test drives, the final authorisation rests with the manager of the garage. Each garage has a number of other departments; parts, servicing and administration. The primary purpose of the parts department is in supplying the service department and supporting car sales if any optional extras are required which are not factory fitted. The parts department can also trade with customers directly. The service department at each garage has a variety of functions such as basic car servicing and valet service. A number handle MOTs. The small admin department takes care of staff administration functions. The admin department may also handle booking in cars for the service department and switchboard activities. The company decided to develop an online service and appointed a project manager to control the project. So my first tasks as a project manager would be; choose appropriate agile method in order to develop the solution and manage the project, guide the systems analyst to produce analysis and design documents which help to visualise the project well before the development, and Guide the developer to produce the software which meet all the user requirement. Comparing with last couple of decades, todays Information Technology (IT) manager is under ever-increasing pressure to deliver results in the form of applications that drive improvements to the bottom line even while IT budgets are being significantly slashed. Meanwhile, despite the fall of the Internet economy business environments continue to change at a rapid pace leaving many IT shops struggling to keep up with the pace of change. These changes have led to an increased interest in agile software development methodologies with their promise of rapid delivery and flexibility while maintaining quality. Agile methodologies such as extreme Programming (XP), SCRUM and Feature-Driven Development strive to reduce the cost of change throughout the software development process. So after the discussion of requirement gathering, the methodology will be decided to the above mentioned case study scenario. 2. List of Requirements This is the list of requirements for MPAG written below. The first sets of requirements can be considered as the main/ general requirements for every user without specifying their need. 1. The users should be able to create an account using Sign Up process. 2. Once a customer opens an account, he should be able to login using his user name and password. 3. The customer should be able to see online where the nearest garage is (The geographical location). 4. Then the user requirements are going to be categorized according to their major requirement of the time. After the main requirements, I have categorized the user requirements according to their wants and needs stated below. Service Department 1. Once signed in, the customers should be able to do a booking for their car service. 2. When the car(s) are garaged, the car owner should be able to see the progress online. 3. The customer should be able to store private data, such as VIN or license info, for easy access online. 4. The customer should be able to retrieve the history like the last time a repair was performed, with searchable repair forms. 5. The online profile should allow them to display their vehicle in virtual showroom. Sales Department 1. Once signed in the customers can search for used/new cars using advanced search options like manufacture, made, color, etc for the purpose of purchase before they visit the garage. 2. Once signed in the customers can search for used/new cars using advanced search options like manufacture, made, color, etc for the purpose of test drive before they visit the garage. 3. If the customers choice of car is not available in the nearest garage for purchasing or test drive, they should be able to send a request to the garage to get the specific car as soon as possible. 4. If the garage received the customer requested car from another branch, the customer should be acknowledged by sending an email. Parts Department 1. Customers should be able to search for a specific car part online in general (In the entire garage network) 2. Customers should be able to see a list of garages where a specific car part is available for purchasing. 3. They should be able to order it online, if they wish, as an online transaction so the goods will be delivered to him. Administration Department 1. Administration Department should be able to communicate with all the branch administrations as a network. 2. Handle booking in cars for the service department and switchboard activities. 3. The customers should be able to reach the main administration department for inquiry and customer service purpose. 3. Justification Report on Development Customer service is the best customer retention investment organizations can make. Customers expect immediate response and if dissatisfied can disappear. Therefore I am concluding my decision about the development stage of MPAG as I go in below written explanations considering those key facts. Investment in Business Outsourcing is the most effective way to ensure your customers are getting the response they require without a huge capital investment. The right partner adds value to your customer service program. Managing customer services takes special skills training, administration, systems, sales, creative work, legal assistance, and response and tracking technology. A service bureau, with its large volume of work and varied client base, can attract and retain the top specialists in the field. PROVEN PROCESS The outsourcing approach to customer service solutions is a powerful business model because it allows our clients to focus on their core competencies while allowing EMS to focus on ours customer service. You can concentrate on your business while we maintain and enhance your client base through the management of all types of electronic communications without the expense incurred by in-house, customer care programs. SCALABLE OPERATIONS Its hard to build as you go. The flexibility of a modular and scalable environment allows seamless support of your programs and grows with your needs. A service bureau already has the infrastructure and management team in place, so companies can buy the capabilities they need right now, without paying for what might be needed down the road. TECHNOLOGY PRODUCTIVITY MANAGEMENT Many companies look to outsourcing because its just too expensive to keep up on todays technology treadmill. As a result, powerful new products and services are made available to our clients way before such solutions would be possible under an internal development environment. FLEXIBLITY Outsourcing solutions are ready to be deployed very quickly, providing our clients with a clear advantage in time to market. Outsourcing allows clients to manage the growth of their business and improve customer contact, while we respond to, route and track customer electronic communications. 4. Justification Report on chosen Methodology After doing few research studies, I am coming to the conclusion of using SCRUM as the methodology. The main reasons for my choice of SCRUM can be stated as: Scrum delivers value to the business Scrum helps form high performing teams Scrum helps motivate and focus team members So giving an explanation note to each one of those above motioned facts I would like to start with the most important fact for the project manager: delivering values to the business. Scrum delivers value to the business through: Every iteration the product is ready to ship. Adapt to changing requirements: Short iterations mean that the Product Owner provides frequent feedback. As result there are frequent small course corrections as opposed to massive changes late in the project. Visibility of progress: delivering a working product at the end of every iteration means that the customer, executive sponsors and other interested parties can see the product take shape. They are not surprised six weeks before release. Accurate tracking of how much work is left before release: the combination of the product backlog and the teams velocity means that you tell how much the team will get done by the release date. Lightweight requirements: Since the team is in frequent (preferably daily contact) with the Product Owner, she spends less time writing detailed requirements. Instead she is able focus on making decisions and answering questions from developers. Process improvement mechanism to meet business needs: As business needs change SOX, FDA compliance, through the retrospective the Scrum process can be improved and adapted to meet goals and needs in changing environments. Apart from SCRUM, XP was also a considerable option for this project until I came across that XP is geared toward a single project, developed and maintained by a single team and it is particularly vulnerable to developers who are actually not very good at team working. Because in this project where I am going to be the project manager for MPAG, I would really appreciate the team spirit and gathering around for one motivation. And especially XP will not work in an environment where a customer or manager insists on a complete specification or design before they begin programming and it will not work in an environment where programmers are separated geographically as well which I think is one of the crucial reasons for this project where we definitely have to deal with different geographical locations of garages. And XP has not been proven to work with systems that have scalability issues (new applications must integrate into existing systems) which I think will be a drawback for the future development. So in conclusion, scrum provides a way for the business to maximize its ROI by using iterative development to rapidly create working software. It ensures that the team is always working to deliver the highest priority features which concludes any decision of using SCRUM for this project. Motivation Conclusion Concluding this justification report, so far I have gathered the requirements of MPAG, categorizing them to appropriate departments. Then I have finalized the methodology that I am going to apply for this project and how the development should be carried on. In this stage activities like last debugging, marketing and promotion havent taken place yet as this is the very initial stage I am reporting for. By finishing this activity the project will not be closed. But because of the unpredictability of the software development process its not possible to define exactly when this activity will take place and so the project may take shorter or longer than planned. But by using the controls given by Scrum, the project is now of course in the right route.

Effective Use of Imagery in William Blake’s The Lamb and Gabriel Garcia Marquez’s A Very Old Man Wi :: William Blake Lamb Essays

Effective Use of Imagery in William Blake’s The Lamb and Gabriel Garcia Marquez’s A Very Old Man With Enormous Wings "Sailboats as big as cruise ships/ Glide gracefully across the ocean's glassy surface." Have you ever read a piece of literature and found it to be immensely satisfying due to the enormous amount of descriptions used by either the poet or the author? As the opening line illustrates what is happening at the beach, the reader is able to really get to know what the author is trying to explain. These descriptions are referred to as imagery. Imagery is used to give a detailed portrayal of a person, place, or thing. In the short story, "A Very Old Man With Enormous Wings," by Gabriel Garcia Marquez, and in the poem, "The Lamb," by William Blake, both, author and poet, use imagery to depict to their audience their own perception of an angel. In the story, "A Very Old Man With Enormous Wings," Marquez first lets the reader know that, "the fallen body with mute stupor" (828), was an angel by writing that he, "couldn't get up, impeded by his enormous wings" (828). Much of today's societies first initial thought of a man with wings are to believe that this person is an angel. People have many different beliefs of what an angel is supposed to look like. Marquez, not wanting his readers to stray away from what his own personal view of an angel in this story, uses imagery to clarify his perception of the angel. Marquez notes that the angel has an, "incomprehensible dialect with a strong sailor's voice," "he was dressed like a ragpicker," "huge buzzard wings, dirty and half-plucked," "only a few faded hairs on his bald skull and very few teeth in his mouth," and most likely the most significant, "his pitiful condition of a drenched great-grandfather had taken away any sense of grandeur he might have had" (828). Without the latte r details of the "angel", the reader would have the opportunity to use whatever they tend to believe and angel is. Marquez sets up the description of the angel to enable the reader to understand why the townspeople may have treated the angel as they had, "as if he weren't a supernatural creature but a circus animal" (829). In the poem, "The Lamb," Blake uses imagery to explain the way the, "Little Lamb" (Line 1), looks like.

microwave oven :: essays research papers

It is late in the evening and you are â€Å"vegging out† in front of the TV. The program you are watching takes a commercial break. The commercial is advertising the most delicious-looking plate of Mexican food you have ever seen. You soon conclude that you have a craving for Mexican food. You realize that it is late and the only restaurant that serves Mexican food this late is Taco Bell (which is all the way across town). So what do you do? Well, I will tell you. You go to your fridge and grab a frozen burrito out of the freezer. Place the burrito on a paper plate and pop it in the microwave. â€Å"Cook for one and a half minutes on each side and let stand for a couple of minutes.† Vuala! Your hunger has been satisfied!   Ã‚  Ã‚  Ã‚  Ã‚  I have set up this scenario for you to show you how much the inventor of the microwave oven is unappreciated. This person is a genius. This invention is extremely convenient, portable, and easy to use.   Ã‚  Ã‚  Ã‚  Ã‚  First, I would like to mention how convenient this item is. Before the microwave, one would have to go through a series of strenuous step in or to cook a meal. First, you have to preheat the conventional oven (which takes approximately 15-20 minutes). Second, open the inferno door, making sure not to get too close or else you will burn your eyebrows and eyelashes off your face. Next, place the food item onto the racks of the abyss. After that, you have to wait 30-45 minutes until the food has cooked. (This whole time your house is becoming a sweltering netherworld.) You take the food out of the oven and sit down to eat (constantly wiping the sweat from your face). These vigorous steps were brilliantly eliminated due to the invention of the microwave oven. This machine causes no heat, no singed facial hair, and more importantly, takes about one-tenth the amount of time compared to the conventional oven.   Ã‚  Ã‚  Ã‚  Ã‚  Second, I would like to discuss this gadget’s portability. The college you have chosen to attend is several hours away from home. So, without Mom’s home-cooked meals you must rely on this appliance. It would be extremely difficult to stuff a conventional oven in your dorm room. Instead, the microwave oven sits compactly in the corner. You can take it anywhere. (Where there is electricity, that is.

Anti News Media Censorship Essay -- essays research papers fc

  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚   â€Å"Anti News Media Censorship†Ã‚  Ã‚  Ã‚  Ã‚  Ã‚     Ã‚  Ã‚  Ã‚  Ã‚     Ã‚  Ã‚  Ã‚  Ã‚  The best method of informing the public is using television. As a result, the news is televised. Many believe that it is the job of the news media to report to the public what is happening in society. Some, on the other hand, claim that the news media are only interested in increasing their ratings and that they achieve this by reporting events that are of a violent and outrageous nature. Some people who believe this also believe that violence in the news has a direct effect on our society. To them this effect would be influencing people's behavior.   Ã‚  Ã‚  Ã‚  Ã‚  The news media's main goal is to inform the society about world events. Their task is to notify their viewers of new developments around the world. News broadcasts generally strive for accuracy in reports. These reports are presented in an unbiased manner otherwise they would mislead their viewers. It is because the masses do not wish to be mislead that the viewers expect these qualities. Censorship should not be imposed upon the news media because the news is merely circulating to society what is happening right now.   Ã‚  Ã‚  Ã‚  Ã‚  As a result, the news has done nothing but simply display...

Olympia Sanctuary Essay

The sanctuary of Olympia lies in the alluvial valley formed by the confluence of the rivers Kladeos and Adelpheos, bounded to the north by the wooded hill of Kronos. The sanctuary of Zeus is located in the northwest part of the Peloponnese. Olympia can be identified as a non-urban sanctuary, and consequently, as a Panhellenic sanctuary. The use of the term Panhellenic, in present purposes, indicates a major shrine in a Greek territory that is not dominated by a major polis or ethos. Zeus’ sanctuary was under the government of Elis, and, in the early period, Elis was considered a weak government. In the Greek world, all communities were religious, and, worshipping the gods, as well as taking part in religious festivals, were occasions for different groups to meet together. The location of the sanctuary of Olympia, makes it a good place for meeting and competitions between rival individuals and states. H.A Shapiro (2007) has stated that ‘a truly Panhellenic shrine was, in Pindar’s phrase a pandokos naos, an â€Å"all welcoming temple† (Pindar Pythian 8.61-2): it was open, in theory at least, to everyone.’ From this sentence we can deduct that, the Panhellenic shrine is the literal antithesis of a polis: it is Greek, civilised, but it stands in the place where the polis is not. Franà §ois de Polignac (1995) has argued that ‘the sanctuary, the place where two worlds meet, is accordingly seen as the stable point where a controlled passage from a world to the other is possible’ ; so, non-urban sanctuaries ‘manifest the integration of deities who from being potentially hostile, become beneficent for the communities that makes room for them within its religious life’. In ancient greek, the words used to define a sanctuary were: hieron (sacred), and temenos (from the verb temno which means ‘to cut off’ , in other words it suggested the idea of a place set aside). The greek words for defining a sanctuary underlined the idea of a sanctuary as a sacred area, a place away from the world of humans in which the gods were venerated. 3. Plan of the Sanctuary of Zeus, Olympia (http://shelton.berkeley.edu/175c/OlympiaPlan.JPG) * The early years and the votive objects During the eight century we assist to a gradual transformation of the sanctuary from a rural shrine, into a Panhellenic sanctuary. Catherine Morgan identifies this fundamental transformation in two main reasons. The first one was considering Olympia as a good location ‘for conspicuous consumption by aristocrats, via athletics and votive offerings’ . The second one, was that, shrines like this one, ’helped to resolve internal conflicts in the emergent states by means of their oracles’. However, the presence of votive deposits datable around 800 BC ca, suggests that Olympia was originally used as a meeting place for chiefs from Arcadia and Messenia, to make offers to the gods in order to have success in battle, to celebrate victories, and to give thanks for good fortune. During the eight and the seventh century, we can see a consistent increase in the number of votive objects. According to Franà §ois de Polignac (1995) the quantity and the quality of the offerings dating from the eight and the seventh century is an index of the popularity of religious acts in intra-urban sanctuaries. Among the most popular offers, we can identify: figures of animals and mythological beasts (such as: griffins, sphinxes, birds and bulls), figures of warriors (probably as a symbol of the victories of their donors), pieces of armours, and terra-cotta and metal figurines of horses and chariots. The use of metal and terra-cotta, indicates the presence of wealthy citizens, because the sanctuary lies in a landscape dominated by cliffs and rocks. On the other hand, offers of sheep and cattle, indicate activities of the lower classes. There is also the presence of bronze tripod cauldrons (Fig. 4), that were probably made in the home communities of their donors. Tripod cauldrons, indicate the religious activities of population that were living far away from the place of the sanctuary, and, most likely, these objects were an index of their wealth. Morgan (1990) has argued that ‘in the eight century costly dedications at Olympia served a domestic political purpose by reinforcing the position of the elite within the emerging state’. 4. Reconstruction of a large tripod in bronze, with horse handle attachments. Original fragments from the sanctuary of Zeus at Olympia, later eight century BC. Olympia, Archeological Museum. Photo: A. Loxà ¬as During the eighth century, surprisingly there is no presence of pottery. This suggests that, probably, in the early years, the sanctuary was more related to individual purposes, than communal values. However, in the seventh century communal activities became important, in fact, plates, jugs and cups were used, whilst dedications of tripod cauldrons diminished. The temple of Hera, or Heraion, (Fig.3 ) is located in the north of the Altis (the sacred precinct). The Heraion is the oldest peripteral temple in the sanctuary: it was built around 590 BC. The architecture of the temple falls in the category of the early Doric style. The temple is a rectangular chamber with a peripteros of six by sixteen columns. (Fig. 6) These columns were originally made of wood, but throughout the years, were replaced by columns made of stone. This temple is considered significant, because it marks the transition from the construction with mud brick and wood, to the use of the stone. To the east of this temple stood a row of eleven (possibly twelve) thesauroi, overlooking the Archaic stadium, and built mostly in the sixth century. (Fig.3) ‘A treasure house, or thesaurus’ is a ‘small temple like building, built by individual states to hold the offerings of their wealthy citizens’. However, a thesaurus, cannot be considered just as a strongbox to hold gifts for the gods. The thesauroi were a way for the elite to bring a little bit of the polis into the Panhellenic shrine throughout costly dedications, and, also a way to show their economical power, and, at the same time, a religious interest. H.A Shapiro stated that ‘these buildings transform upper-class extravagance into civic pride’. The oldest treasury at Olympia, not surprisingly, was built in 640 BC. by a tyrant: Myron of Sicyon, probably in order to commemorate a chariot-victory. This treasury contained two thalamoi mad of bronze, and in these chambers there were inscriptions that, according to Pausanias (6.19) ‘had been dedicated by Myron and the demos, or commons of Sicyon’. The bronze was probably brought from Tartessos in far-off Spain, and it probably represented a way for Myron, to boast the maritime power of his city. The lower classes and the tyrant were collaborating together in order to accomplish the dedicatory practices of the wealthy. The history of this thesaurus, furnishes evidences to display in our mind a picture of the workings of the archaic tyranny. * Olympic games The Olympic games are traditionally dated to 776 BC. , but we cannot identify it as a precise date. They were a festival held every four years at the same time of the year, to commemorate Zeus. The games were not just an athletic event, but, they were deeply related to religion, and open only to Greek males. The actual prize for Olympic games, was just a wreath to be worn around the head, dedicated to a favoured god. In case of victory, winners were allowed to erect statues representing a replica of themselves in the shrine. This tradition is datable around the 544 BC., but, most likely, it may go back much more earlier. The prestige obtained after and athletic victory was a great source of power for athletes, that , back in their hometown, were celebrated with poems, free meals, cash, choice seats at city functions. This was happening because, with their victory, they were bringing glory to their hometown. However, some lyric poets, such as Xenophanes (fr. 2.1-22), believed that the society was giving excessive rewards to athletes, whilst the wisdom of poets was not really considered. Xenophanes claimed that, even wise poets, should receive recognitions from the society as well as athletes. In the end, we cannot deny that Olympic games, were an occasion to gather athletes, as well as citizens from all over the Greek world. The cycle of games, represented ‘a means by which the ideology of Panhellenism was spread’. * Conclusions An answer in why we investigate Greek sanctuaries, may be found in the fact that they constituted the main ‘physical manifestation of the belief system of the ancient Greeks.’ Religion during the Archaic period , as evidenced by the literary sources, was a consistent element in the everyday life of Greeks. ‘The â€Å"establishment of a state-framework for pilgrimage† was a political and ideological process’, and, ‘dedications, inscriptions, buildings, stones, statues, anecdotes, and poems are the material traces of this process’. Analysing religion, helps us to understand also social and economical aspects of the greek culture. Therefore, studying sanctuaries is a good way to clarify our understanding of how greek religion was practiced. Bibliography * S. E. Alcock and R. G. Osborne (eds.), Classical Archaeology, (Chichester, 2012) * John Pedley, Sanctuaries and the Sacred in the Ancient Greek World (Cambridge, 2005) * H.A. Shapiro (ed.), The Cambridge companion to Archaic Greece, (Cambridge University Press, 2007) * Franà §ois de Polignac, Cults, territory, and the origins of the Greek cirty-state, (University of Chicago Press,1995) * M. L. West (tr.), Greek Lyric Poetry (Oxford, 1999) ——————————————– [ 1 ]. H.A Shapiro, The Cambridge companion to Archaic Greece Cambridge University Press, 2007, (p. 226) [ 2 ]. Franà §ois de Polignac, Cults, territory, and the origins of the Greek city-stat, University of Chicago press,1995 (p.36) [ 3 ]. H.A Shapiro, The Cambridge companion to Archaic Greece, Cambridge University Press, 2007 (p. 226) The author quotes Catherine Morgan. [ 4 ]. H.A Shapiro, The Cambridge companion to Archaic Greece, Cambridge University Press, 2007 (p. 228) Morgan 1990, 102 [ 5 ]. A Peripteros is a temple surrounded by a portico with columns. [ 6 ]. H.A Shapiro, The Cambridge companion to Archaic Greece, Cambridge University Press, 2007 (p.240) [ 7 ]. H.A Shapiro, The Cambridge companion to Archaic Greece, Cambridge University Press 2007 (p.241) [ 8 ]. H.A Shapiro, The Cambridge companion to Archaic Greece, Cambridge University Press 2007 (p.244) [ 9 ]. M. L. West (tr.), Greek Lyric Poetry, Oxford, 1999 (p.p.157-158) [ 10 ]. John Pedley, Sanctuaries and the sacred in the Ancient Greek world, Cambridge University Press, 2005 (p.134) [ 11 ]. John Pedley, Sanctuaries and the sacred in the Ancient Greek world, Cambridge University Press, 2005 (p.1) [ 12 ]. H.A Shapiro, The Cambridge companion to Archaic Greece, Cambridge University Press 2007 (p.251)

Religious Freedom in the Philippines Essay

I. Introduction Based on Dr. Jose Rizal’s symbolisms on the cover page of Noli Me Tangere, religion is a big influence with the perspective of the people. However, in the future, there will still be the influence of religion, but people are then educated. People stop continuing the old practices because they start to question the logic in doing these practices. This is only proof that even though the Filipino mind is deeply influenced by Christianity, being open to improving and revealing of oneself is not that far away. We can never change history or force someone to change their beliefs, but let the youth be the ones to discover it themselves. The Filipino youth must be allowed to choose their religion. If not, they end up being confused, losing the essence of religion during marriage, and continuously discriminated due to offensive stereotyping. Inclining their personality with the appropriate beliefs will result to a better perspective for living and to discovering their self-identity. In fant Baptism states that it wipes away original sin; this is a sacrament being practiced almost fully in the Philippines. Their parents are already binding them to be devoted to a belief that may or may not be suitable for their child. This is the simplest act of violation to the freedom of religion. What will happen to those children who refuse to believe in the practices that their parents taught them? These children end up being outcast to their society, causing depression that sometimes leads to suicide. Majority of the Filipino population are Christian Catholics. At present, the essence of Christianity has been continuously forgotten by these Catholics themselves. For Christians, the Ten Commandments take on a whole new perspective. But it seems that the Ten Commandments are not followed, showing signs of unfaithfulness or betrayal to their owl religion. Then what is the logical explanation for being baptised as Christians if they are not devoted or loyal to Christianity? Based on their actions, they are clearly violating the Ten Commandments. The First Commandment states that â€Å"I am the Lord your God. You shall not have other gods beside me† (Ex 20:2-3; Dt 5:6-7), but to be loyal to their God is to follow His commandments. Unfortunately, there are violating the f irst commandment without them knowing it. At the same time, the Filipino population has a young population, meaning majority of the community are minors. And in lieu with the majority of Christians in the Philippines, majority of these minors are Christians. Since Filipino Christians are mostly unfamiliar to their religion, they do not practice their religion fully despite that they are born Christians. They are growing to be more confused about their religion, and end up losing the essence of it as they grow older. Marriage is a part of adulthood, and marriage is a holy sacrament practiced by Christians to bond their relationship with the opposite sex, declaring them husband and wife, in the name of God. But do the Christians being wedded nowadays even recognise the essence of being married? Most of them get married to have the right to experience sexual intercourse legally, property rights of the mate, and in the name of love. Not knowing they are already forgetting the essence of getting married in the name of God. The Constitution provides for freedom of religion, and the Government generally respected this right in practice. Although Christianity was the predominant religion, there is no state religion, and under the Constitution church and State are separate. Muslims were the largest minority religious group in the country. There was widespread debate over the exact size of the Muslim population, as some officials and observers claimed that security concerns in western Mindanao prevented census takers from conducting accurate counts outside urban areas. Estimates ranged from 3.9 million to 7 million, or 5 to 9 % of the population. Muslims resided principally in Mindanao and nearby islands, but there were Muslim communities throughout the country. Historically, Muslims have been discriminated from the Christian majority. The national culture, with its emphasis on familial, tribal, and regional loyalties, forms informal barriers whereby access to jobs or resources is provided first to those of one’s own family or group network. Muslims reported difficulty renting rooms in boarding houses or being hired for work if they used their real name or wore distinctive Muslim dress. As a result, some Muslims used a Christian pseudonym and did not wear distinctive dress when applying for housing or jobs. The Government’s crackdown on the terrorist ASG has led some human rights NGOs to accuse the police and military of unfairly targeting Muslims for arrest and detention. However, most observers believed that discrimination against Muslims was grounded on cultural differences, not religious beliefs or practices. There also were reports of Muslim discrimination against Christians in areas where Muslims were the majority. In conclusion, freedom of religion must be strictly implemented in the Philippines. And the first step to continue practicing the freedom of religion is to let the youth have the freedom to choose their religion. As a result, Filipinos possibly will be more productive and will have a better point of view in life. This may be a solution to the major crisis of the Philippines with the economy. Workers, namely Filipinos, play a big part in the economy. So having better and devoted workers will help produce a greater economy for Philippines, and resulting to rise of the Filipinos from poverty. II. Significance of the Study Religion is a system of belief that a group of people practice. It involves devotion and ritual observances. And often contains a moral code governing the conduct of human affairs. Religion is something that virtually all humans have in common. In all corners of the world and in all eras of history, people have wondered about the meaning of life, how to make the best of it, what happens afterwards, and if there is anyone or anything â€Å"out there.† Nowadays, religious devotion is being practiced by Filipinos. Sudden devotion to the Black Nazarene is being observed. But still, there are devotees to other religious groups who stay loyal. The freedom of religion is going to benefit majority of Filipinos because of the importance of religion to the Filipinos. The freedom of religion is giving Filipinos the right to practice their religion and still belong to the community without being discriminated; this will unite the Filipino community. Freedom of religion can improve quality of education and man power. Children who are free to choose their belief will have a better perspective in life, and this will help increase man power. Man power is a basic element to greater economy which will be beneficial to the community. It is better to have a better set of generations to educate and nurture for the betterment of our country. Those who will be working or earning money can have a better life. Fewer crimes will be committed due to devotion to what you really want to believe. Democracy will be more effective, because even though there is a law including freedom of religion, namely Article III, section 5, stating free exercise of religious worship shall be allowed, we are not fully practicing freedom. III. Body A. Religion a. Religions in the World 1. Major Religions Religion is a belief where in people sometimes uses it as a way of life or a perspective. There are many, long established, major world religions, each with over three million followers. These religions that are considered as major religions include Christianity, Buddhism, Confucianism, Islam, Hinduism, Taoism, Baha’i Faith, Jainism, Judaism, Shinto’s, Sikhism, and Paganism; All from different countries of the world. If we had been born in a specific place, we are most likely to adapt the most common religion in the place. Given that you were born in Saudi Arabia, you would almost certainly hold Muslim beliefs. In much of Europe, there is Christianity. And in the Philippines, you are most likely to be Catholic; except if you were born in ARMM, you are to be a Muslim. 2. Neopagans This religion is a modern-day reconstruction of ancient Pagan religions from various countries and eras. Majority of the followers of the Neopagans refer to themselves as Pagans. But the term Neopagans is used because the followers and the religion itself is less ambiguous compare to the Pagans. Neopagans include Asatru or Norse Paganism, Druidism, Wicca, and Witchcraft. But some followers of Asatru regard themselves as Heathens rather than Neopagans. 3. Atheist An Atheist is seldom referred to as agnostic or infidel. Atheists are people who do not believe in the existence of a supreme being. They deny to be committed to the belief of creation of the universe by a particular deity. They spread free thoughts, sceptical inquiry, and subsequent increase in criticism of religion. One of the most famous groups of Atheists is the Scientology. b. History of Religions in the Philippines 1. Early Period In this period of time, the Philippines were invaded by the Spaniards. The Spaniards were the ones who introduced Catholicism to the Filipinos. Specifically, Ferdinand Magellan was the one who introduced it to Lapu-lapu. The Spaniards were off on a search for Marianas Island, it is said to be rich in different spices. They got off the chart and accidentally went to the Philippines. Their goal was the three G’s; God, gold, and glory; God, to introduce Catholicism, gold, to be able to get a lot of resources, and glory, to invade the islands. They were successful with this because until now, most of the Filipinos practice the religion they introduced to us, Catholicism. 2. Revolutionary Era In 1898, Spain ceded the Philippines to the United States. By February 1902, the United States defeated the forces of Spain. They established an independent state for the country. The Philippine Organic Act of 1902 was declared stating that no law shall be made to prohibit free will, and that free exercise must forever be allowed. 3. Late American Period The Americans established a religious freedom by declaring the separation of church and state based on the First Amendment to the United States Constitution. Filipinos still show signs of anti-friars; therefore, the Americans replaced the Spanish friars for Filipino one’s to take over. The Marcos regime continues to rein the country and imposed Martial Law, which some of the bishops opposed, trying to win back the hearts and loyalty of the country. 4. Post-Independence Corazon Aquino took over Marcos’ presidency and brought back the unity of the government with the Catholic Church. This made way for church officials to make an impression on the 1986 Constitutional Commission. B. Freedom of Religion in the Philippines a. Constitutional Laws 1. Benevolent Neutrality The Supreme Court of the Philippines, established the doctrine of benevolent neutrality-accommodation. The 2006 ruling, imposed by former Chief Justice Puno, explained benevolent-neutrality in the context of U.S. jurisprudence. It states that religious practices is a unanimous right and does not privilege the society to discriminate anyone who accommodates their religion under some circumstances. 2. Article II, Section 3 The separation of Church and State shall be inviolable. With the guarantee of religious freedom in the Philippines, the Roman Catholic Church clergy subsequently remained in the political background as a source of moral influence for many voters during elections until today. Political candidates generally court the clergy for support, although this does not guarantee victory for a candidate. The Philippines was placed under martial law by Dictator Ferdinand Marcos and relations changed dramatically, as some bishops opposed the martial law. 3. Article III, Section 5 No law shall be made respecting an establishment of religion, or prohibiting the free exercise thereof. The free exercise and enjoyment of religious profession and worship, without discrimination or preference, shall forever be allowed. No religious test shall be required for the exercise of civil or political rights The former Philippine Organic Act of 1902. This law is now imposed in the 1987 Philippine Constitution. But the right to act in accordance with one’s belief cannot be absolute. Conduct remains subject to regulation and even prohibition for the protection of society. It may not be used to justify an action or refusal inconsistent with general welfare of society (People vs. Diel, [CA] 44 O.G. 590, August 22, 1947). One of the regulations imposed in its exercise is the compliance of government employees to Section 5 of the Omnibus Rules relative to the number of working hours. While government employees of Muslim faith are excused from work between the hours of 10 o’clock in the morning up to 2 o’clock in the afternoon every Friday, they are obligated to compensate said lost working hours by adopting flexible time schedule to complete forty hours of work in a week. 4. Republic Act No. 3350 This was intended to serve the purpose of advancing the constitutional right to the free exercise of religion, by averting that some people be dismissed from work, or be dispossessed of their right to work and of being impeded to pursue a modest means of livelihood, by reason of union security agreements. b. Religious Conflicts 1. Religious Freedom in the Government Offices Act Kabataan Rep. Raymond Palatino has withdrawn House Bill 6330 otherwise known as the Religious Freedom in Government Offices Act, which seeks to ban religious images and ceremonies in government offices. The fact that one legislator actually had the guts to file a bill like this in a country where the Roman Catholic Church holds considerable influence in politics is already an achievement in itself. As Palatino said in a statement,†We are encouraged by the fact that despite the misunderstandings, the bill initiated relevant discussions on freedom of religion as one of the fundamental rights enshrined in the Constitution.† 2. Muslim Discrimination Muslims were the largest minority religious group in the country. Muslims resided principally in Mindanao and nearby islands, but there were Muslim communities throughout the country. Historically, Muslims have been alienated from the predominant Christian majority. The national culture, with its emphasis on familial, tribal, and regional loyalties, creates informal barriers whereby access to jobs or resources is provided first to those of one’s own family or group network. Muslims reported difficulty renting rooms in boarding houses or being hired for retail work if they used their real name or wore distinctive Muslim dress. As a result, some Muslims used a Christian pseudonym and did not wear distinctive dress when applying for housing or jobs 3. Separation of Church and State The First Amendment is about the right to free exercise of religion. It’s interaction with non-discrimination law based on sexual orientation and gender identity. The right of a non-church-related employer to discriminate against gay employees based on religious belief is against a law prohibiting job discrimination. The enactment of employment protections based on sexual orientation and gender identity, opponents of such laws have often raised concerns about the infringement of the religious freedom of business owners. C. Current Religious State Is religious freedom being practiced fully in the Philippines? Based on other researches, even though there are many laws regarding the separation of church and state, the Catholic Church still has a lot of influence in the system of the government. And in the minds of the Filipino community, they are not practicing this given democracy and the simple act of baptism to a child is a form of violation. Baptism is a form of surrendering yourself to a Supreme Being and you are already making a sin to that Supreme Being whenever he has doubts or decide to choose their own religion. This is giving pressure to the youth and sometimes lead to social discrimination and suicide. IV. Conclusion The Filipino youth is the foundation of the future of the Philippine community. That’s why we must nurture the youth and continue to educate them and guide them towards a life with more purpose. In our country, religion is one of the major factors that affect the society’s perspective. That is why as early as now; the youth must be guided properly and taught according to their choice of religion. Religion is a way of life, a system of belief wherein they give knowledge of people’s lives importance. And it will be an advantage for everyone in the way they behave. This will lead to a better community, the one that can provide a safe environment for Filipinos and foreigners. And freedom of religion can help produce educated people, and this results to greater man power and greater economy. V. Bibliography Agoncillo, Teodoro; Guerrero, Milagros (1970). History of the Filipino People. Malaya Books. Bacani, Teodoro (1987). The Church and Politics. Diliman, Quezon City, Philippines: Clarentian Publications. Schumacher, John (1976). Church and State in the Nineteenth and Twentieth Centuries. Loyola School of Theology, Quezon City. de la Costa, Horacio; John Schumacher (1976). Church and State: The Philippine Experience. Quezon City, Philippines: Loyola School of Theology.

Thinking Outside The Box Essay

We live in the age of new technologies, in an age of rapid progress and every successful employer seeks to meet all the requirements of the present time namely control and improve the quality of services, to reduce execution time and be the best in the business, despite not less intelligent competitors. 1. What external factors were affecting UPS’s HR practices? How did UPS respond to these trends? Workers of the UPS has a responsible attitude towards the quality of their services. They daily take care about these services, and also prepare highly qualified specialists. One of the problems that they are facing is that a large number of people (baby-boomers) are close to retirement age. UPS has taken steps to be sure that they will have driver which will be ready for meeting the demand. The company staff is hiring and training some 25.000 drivers over the next five year to replace retiring Baby Boomers. Based upon the premise that younger drivers learn best by technology and hands on training, UPS has created several simulations and a videogames designed to aid in driver training. 2. Why is efficiency and safety so important to UPS? What role do the company’s industrial engineers play in how employees do their work? The answer lies in the amount of people and companies with which UPS operates. UPS sends more than 15m parcels in more than 200 countries every day. Because of competition (i.e. the U.S. Postal Service, DHL, and Federal Express), for UPS, it’s all about speed, accuracy, and safety. UPS must keep cost low and customer satisfaction high. To increase the productivity of drivers, UPS has used their industrial engineers to design more efficient routes, loading & unloading procedures, and employee policies to help get the most from their employees in the field. 3. What changes did the company make to its driver training program? In addition to learning the company’s ‘340 Methods,’ applicants play a videogame where they’re in the driver’s seat and must identify obstacles. From computer simulations, they move to â€Å"Clarksville,† a mock  village with miniature houses and faux businesses. There, they drive a real truck and â€Å"must successfully execute five deliveries in 19 minutes.† And, in the interest of safety and efficiency, trainees learn to carefully walk on ice with the slip and fall simulator. 4. What advantages and drawbacks do you see to this training approach for (a) the trainee and (b) the company? It appears that the use of simulations and the other new programs implemented by UPS would have good transfer to work the drivers would be doing in the field. This is an advantage for the trainee and the company. A potential disadvantage would be if the applicant was not familiar with new technology, such as computer games, or other forms of electronic learning. These applicants may be successful in the job, but may not show proficiency in training due to the technological nature of the training. For the company, such programs are expensive but that can be balanced by the benefit of having a better trained workforce.

Net Sec

1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually. WINDOWS APPLICATION LOADEDSTARTS AS SERVICE Y/N 1. tftpd32 Starts as a service 2. FileZilla Server Interface- The interface does not start as a service and must be ran manually 3. Wireshark – Does not start as a service and must be ran manually 4. Nessus Server Manager – Does not start as a service and must be ran manually 5. NetWitness Investigator – Does not start as a service and must be ran manually 2.What was the allocated source IP host address for the TargetWindows01 server, TargetUbuntu01 server, and the IP default gateway router? TagetWindows01 Server- Source IP = 172. 30. 0. 8 TargetUbuntu01 Server – Source IP = 172. 30. 0. 4 TargetUbuntu02 Server – Source IP = 172. 30. 0. 9 The Default Gateway IP is = 172. 30. 0. 1 3. Did the targeted IP hosts respon d to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the â€Å"ping† command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source? Yes, the targeted IP host responded back with 4 echo-replies. 4.If you ping the TargetWindows01 server and the UbuntuTarget01 server, which fields in the ICMP echo-request/echo-replies vary? The fields that vary is the Time To Live (TTL) fields. For the TargetUbuntu01 it's 64 and the TargetWindows01 is 128. 5. What is the command line syntax for running an â€Å"Intense Scan† with Zenmap on a target subnet of 172. 30. 0. 0/24? The syntax for an Intense Scan in Zenmap is as followed: nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 172. 30. 0. 0/24 6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans.Intense Scan-Provides a very detailed information about ports an d protocols, Operating Systems, and Mac Addresses Internse Scan, all TCP ports – Provide intense scan on all tcp ports 1-65535. Ping Scan-Provide basic information about availability and MAC addresses Quick Scan- Provides a fast scan limiting the number of TCP ports scanned only the top 100 most common TCP ports Regular Scan-This is the default scan by issuing TCP SYN scans for the most common 1000 TCP ports using pings for host detection. 7. How many different tests (i. e. , scripts) did your â€Å"Intense Scan† definition perform?List them all after reviewing the scan report. The Intense Scan initiated 36 Scripts. The scripts can be found at http://nmap. org/nsedoc/ 8. Describe what each of these tests or scripts performs within the Zenmap GUI (Nmap) scan report. Below are each of the 36 scripts and a description of each, derived from http://nmap. org/nsedoc/. acarsd-info Retrieves information from a listening acarsd daemon. Acarsd decodes ACARS (Aircraft Communicati on Addressing and Reporting System) data in real time. The information retrieved by this script includes the daemon version, API version, administrator e-mail address and listening frequency. ddress-info Shows extra information about IPv6 addresses, such as embedded MAC or IPv4 addresses when available. afp-brute Performs password guessing against Apple Filing Protocol (AFP). afp-ls Attempts to get useful information about files from AFP volumes. The output is intended to resemble the output of ls. afp-path-vuln Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533. afp-serverinfo Shows AFP server information. This information includes the server's hostname, IPv4 and IPv6 addresses, and hardware type (for example Macmini or MacBookPro). fp-showmount Shows AFP shares and ACLs. ajp-auth Retrieves the authentication scheme and realm of an AJP service (Apache JServ Protocol) that requires authentication. ajp-brute Performs brute force passwords auditing against the A pache JServ protocol. The Apache JServ Protocol is commonly used by web servers to communicate with back-end Java application server containers. ajp-headers Performs a HEAD or GET request against either the root directory or any optional directory of an Apache JServ Protocol server and returns the server response headers. ajp-methodsDiscovers which options are supported by the AJP (Apache JServ Protocol) server by sending an OPTIONS request and lists potentially risky methods. ajp-request Requests a URI over the Apache JServ Protocol and displays the result (or stores it in a file). Different AJP methods such as; GET, HEAD, TRACE, PUT or DELETE may be used. amqp-info Gathers information (a list of all server properties) from an AMQP (advanced message queuing protocol) server. asn-query Maps IP addresses to autonomous system (AS) numbers. auth-owners Attempts to find the owner of an open TCP port by querying an auth daemon which must also be open on the target system.The auth service , also known as identd, normally runs on port 113. auth-spoof Checks for an identd (auth) server which is spoofing its replies. backorifice-brute Performs brute force password auditing against the BackOrifice service. The backorifice-brute. ports script argument is mandatory (it specifies ports to run the script against). backorifice-info Connects to a BackOrifice service and gathers information about the host and the BackOrifice service itself. banner A simple banner grabber which connects to an open TCP port and prints out anything sent by the listening service within five seconds. bitcoin-getaddrQueries a Bitcoin server for a list of known Bitcoin nodes bitcoin-info Extracts version and node information from a Bitcoin server bitcoinrpc-info Obtains information from a Bitcoin server by calling getinfo on its JSON-RPC interface. bittorrent-discovery Discovers bittorrent peers sharing a file based on a user-supplied torrent file or magnet link. Peers implement the Bittorrent protoco l and share the torrent, whereas the nodes (only shown if the include-nodes NSE argument is given) implement the DHT protocol and are used to track the peers. The sets of peers and nodes are not the same, but they usually intersect. bjnp-discoverRetrieves printer or scanner information from a remote device supporting the BJNP protocol. The protocol is known to be supported by network based Canon devices. broadcast-ataoe-discover Discovers servers supporting the ATA over Ethernet protocol. ATA over Ethernet is an ethernet protocol developed by the Brantley Coile Company and allows for simple, high-performance access to SATA drives over Ethernet. broadcast-avahi-dos Attempts to discover hosts in the local network using the DNS Service Discovery protocol and sends a NULL UDP packet to each host to test if it is vulnerable to the Avahi NULL UDP packet denial of service (CVE-2011-1002). roadcast-bjnp-discover Attempts to discover Canon devices (Printers/Scanners) supporting the BJNP prot ocol by sending BJNP Discover requests to the network broadcast address for both ports associated with the protocol. broadcast-db2-discover Attempts to discover DB2 servers on the network by sending a broadcast request to port 523/udp. broadcast-dhcp-discover Sends a DHCP request to the broadcast address (255. 255. 255. 255) and reports the results. The script uses a static MAC address (DE:AD:CO:DE:CA:FE) while doing so in order to prevent scope exhaustion. broadcast-dhcp6-discoverSends a DHCPv6 request (Solicit) to the DHCPv6 multicast address, parses the response, then extracts and prints the address along with any options returned by the server. broadcast-dns-service-discovery Attempts to discover hosts' services using the DNS Service Discovery protocol. It sends a multicast DNS-SD query and collects all the responses. broadcast-dropbox-listener Listens for the LAN sync information broadcasts that the Dropbox. com client broadcasts every 20 seconds, then prints all the discovered client IP addresses, port numbers, version numbers, display names, and more. broadcast-eigrp-discoveryPerforms network discovery and routing information gathering through Cisco's Enhanced Interior Gateway Routing Protocol (EIGRP). broadcast-igmp-discovery Discovers targets that have IGMP Multicast memberships and grabs interesting information. broadcast-listener Sniffs the network for incoming broadcast communication and attempts to decode the received packets. It supports protocols like CDP, HSRP, Spotify, DropBox, DHCP, ARP and a few more. See packetdecoders. lua for more information. broadcast-ms-sql-discover Discovers Microsoft SQL servers in the same broadcast domain. broadcast-netbios-master-browserAttempts to discover master browsers and the domains they manage. broadcast-networker-discover Discovers EMC Networker backup software servers on a LAN by sending a network broadcast query. broadcast-novell-locate Attempts to use the Service Location Protocol to discover Novell Net Ware Core Protocol (NCP) servers. broadcast-pc-anywhere Sends a special broadcast probe to discover PC-Anywhere hosts running on a LAN. broadcast-pc-duo Discovers PC-DUO remote control hosts and gateways running on a LAN by sending a special broadcast UDP probe. broadcast-pim-discovery Discovers routers that are running PIM (Protocol Independent Multicast). roadcast-ping Sends broadcast pings on a selected interface using raw ethernet packets and outputs the responding hosts' IP and MAC addresses or (if requested) adds them as targets. Root privileges on UNIX are required to run this script since it uses raw sockets. Most operating systems don't respond to broadcast-ping probes, but they can be configured to do so. broadcast-pppoe-discover Discovers PPPoE (Point-to-Point Protocol over Ethernet) servers using the PPPoE Discovery protocol (PPPoED). PPPoE is an ethernet based protocol so the script has to know what ethernet interface to use for discovery.If no interface is specified, r equests are sent out on all available interfaces. broadcast-rip-discover Discovers hosts and routing information from devices running RIPv2 on the LAN. It does so by sending a RIPv2 Request command and collects the responses from all devices responding to the request. broadcast-ripng-discover Discovers hosts and routing information from devices running RIPng on the LAN by sending a broadcast RIPng Request command and collecting any responses. broadcast-sybase-asa-discover Discovers Sybase Anywhere servers on the LAN by sending broadcast discovery messages. broadcast-tellstick-discoverDiscovers Telldus Technologies TellStickNet devices on the LAN. The Telldus TellStick is used to wirelessly control electric devices such as lights, dimmers and electric outlets. For more information: http://www. telldus. com/ broadcast-upnp-info Attempts to extract system information from the UPnP service by sending a multicast query, then collecting, parsing, and displaying all responses. broadcast-ve rsant-locate Discovers Versant object databases using the broadcast srvloc protocol. broadcast-wake-on-lan Wakes a remote system up from sleep by sending a Wake-On-Lan packet. broadcast-wpad-discoverRetrieves a list of proxy servers on a LAN using the Web Proxy Autodiscovery Protocol (WPAD). It implements both the DHCP and DNS methods of doing so and starts by querying DHCP to get the address. DHCP discovery requires nmap to be running in privileged mode and will be skipped when this is not the case. DNS discovery relies on the script being able to resolve the local domain either through a script argument or by attempting to reverse resolve the local IP. broadcast-wsdd-discover Uses a multicast query to discover devices supporting the Web Services Dynamic Discovery (WS-Discovery) protocol.It also attempts to locate any published Windows Communication Framework (WCF) web services (. NET 4. 0 or later). broadcast-xdmcp-discover Discovers servers running the X Display Manager Control P rotocol (XDMCP) by sending a XDMCP broadcast request to the LAN. Display managers allowing access are marked using the keyword Willing in the result. cassandra-brute Performs brute force password auditing against the Cassandra database. cassandra-info Attempts to get basic info and server status from a Cassandra database. cccam-version Detects the CCcam service (software for sharing subscription TV among multiple receivers). itrix-brute-xml Attempts to guess valid credentials for the Citrix PN Web Agent XML Service. The XML service authenticates against the local Windows server or the Active Directory. citrix-enum-apps Extracts a list of published applications from the ICA Browser service. citrix-enum-apps-xml Extracts a list of applications, ACLs, and settings from the Citrix XML service. citrix-enum-servers Extracts a list of Citrix servers from the ICA Browser service. citrix-enum-servers-xml Extracts the name of the server farm and member servers from Citrix XML service. couchdb -databases Gets database tables from a CouchDB database. ouchdb-stats Gets database statistics from a CouchDB database. creds-summary Lists all discovered credentials (e. g. from brute force and default password checking scripts) at end of scan. cups-info Lists printers managed by the CUPS printing service. cups-queue-info Lists currently queued print jobs of the remote CUPS service grouped by printer. cvs-brute Performs brute force password auditing against CVS pserver authentication. cvs-brute-repository Attempts to guess the name of the CVS repositories hosted on the remote server. With knowledge of the correct repository name, usernames and passwords can be guessed. aap-get-library Retrieves a list of music from a DAAP server. The list includes artist names and album and song titles. daytime Retrieves the day and time from the Daytime service. db2-das-info Connects to the IBM DB2 Administration Server (DAS) on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. db2-discover Attempts to discover DB2 servers on the network by querying open ibm-db2 UDP ports (normally port 523). dhcp-discover Sends a DHCPINFORM request to a host on UDP port 67 to obtain all the local configuration parameters without allocating a new address. ict-info Connects to a dictionary server using the DICT protocol, runs the SHOW SERVER command, and displays the result. The DICT protocol is defined in RFC 2229 and is a protocol which allows a client to query a dictionary server for definitions from a set of natural language dictionary databases. distcc-cve2004-2687 Detects and exploits a remote code execution vulnerability in the distributed compiler daemon distcc. The vulnerability was disclosed in 2002, but is still present in modern implementation due to poor configuration of the service. dns-blacklistChecks target IP addresses against multiple DNS anti-spam and open proxy blacklists and returns a list of services for which an IP has b een flagged. Checks may be limited by service category (eg: SPAM, PROXY) or to a specific service name. dns-brute Attempts to enumerate DNS hostnames by brute force guessing of common subdomains. dns-cache-snoop Performs DNS cache snooping against a DNS server. dns-check-zone Checks DNS zone configuration against best practices, including RFC 1912. The configuration checks are divided into categories which each have a number of different tests. dns-client-subnet-scanPerforms a domain lookup using the edns-client-subnet option which allows clients to specify the subnet that queries supposedly originate from. The script uses this option to supply a number of geographically distributed locations in an attempt to enumerate as many different address records as possible. The script also supports requests using a given subnet. dns-fuzz Launches a DNS fuzzing attack against DNS servers. dns-ip6-arpa-scan Performs a quick reverse DNS lookup of an IPv6 network using a technique which analyzes DNS server response codes to dramatically reduce the number of queries needed to enumerate large networks. ns-nsec-enum Enumerates DNS names using the DNSSEC NSEC-walking technique. dns-nsec3-enum Tries to enumerate domain names from the DNS server that supports DNSSEC NSEC3 records. dns-nsid Retrieves information from a DNS nameserver by requesting its nameserver ID (nsid) and asking for its id. server and version. bind values. This script performs the same queries as the following two dig commands: – dig CH TXT bind. version @target – dig +nsid CH TXT id. server @target dns-random-srcport Checks a DNS server for the predictable-port recursion vulnerability.Predictable source ports can make a DNS server vulnerable to cache poisoning attacks (see CVE-2008-1447). dns-random-txid Checks a DNS server for the predictable-TXID DNS recursion vulnerability. Predictable TXID values can make a DNS server vulnerable to cache poisoning attacks (see CVE-2008-1447). dns-recursion Checks if a DNS server allows queries for third-party names. It is expected that recursion will be enabled on your own internal nameservers. dns-service-discovery Attempts to discover target hosts' services using the DNS Service Discovery protocol. dns-srv-enum Enumerates various common service (SRV) records for a given domain name.The service records contain the hostname, port and priority of servers for a given service. The following services are enumerated by the script: – Active Directory Global Catalog – Exchange Autodiscovery – Kerberos KDC Service – Kerberos Passwd Change Service – LDAP Servers – SIP Servers – XMPP S2S – XMPP C2S dns-update Attempts to perform a dynamic DNS update without authentication. dns-zeustracker Checks if the target IP range is part of a Zeus botnet by querying ZTDNS @ abuse. ch. Please review the following information before you start to scan: https://zeustracker. abuse. ch/ztdns. php dns-zone-t ransferRequests a zone transfer (AXFR) from a DNS server. domcon-brute Performs brute force password auditing against the Lotus Domino Console. domcon-cmd Runs a console command on the Lotus Domino Console using the given authentication credentials (see also: domcon-brute) domino-enum-users Attempts to discover valid IBM Lotus Domino users and download their ID files by exploiting the CVE-2006-5835 vulnerability. dpap-brute Performs brute force password auditing against an iPhoto Library. drda-brute Performs password guessing against databases supporting the IBM DB2 protocol such as Informix, DB2 and Derby drda-infoAttempts to extract information from database servers supporting the DRDA protocol. The script sends a DRDA EXCSAT (exchange server attributes) command packet and parses the response. duplicates Attempts to discover multihomed systems by analysing and comparing information collected by other scripts. The information analyzed currently includes, SSL certificates, SSH host keys, MAC addresses, and Netbios server names. eap-info Enumerates the authentication methods offered by an EAP (Extensible Authentication Protocol) authenticator for a given identity or for the anonymous identity if no argument is passed. pmd-info Connects to Erlang Port Mapper Daemon (epmd) and retrieves a list of nodes with their respective port numbers. eppc-enum-processes Attempts to enumerate process info over the Apple Remote Event protocol. When accessing an application over the Apple Remote Event protocol the service responds with the uid and pid of the application, if it is running, prior to requesting authentication. finger Attempts to retrieve a list of usernames using the finger service. firewalk Tries to discover firewall rules using an IP TTL expiration technique known as firewalking. firewall-bypassDetects a vulnerability in netfilter and other firewalls that use helpers to dynamically open ports for protocols such as ftp and sip. flume-master-info Retrieves informat ion from Flume master HTTP pages. ftp-anon Checks if an FTP server allows anonymous logins. ftp-bounce Checks to see if an FTP server allows port scanning using the FTP bounce method. ftp-brute Performs brute force password auditing against FTP servers. ftp-libopie Checks if an FTPd is prone to CVE-2010-1938 (OPIE off-by-one stack overflow), a vulnerability discovered by Maksymilian Arciemowicz and Adam â€Å"pi3† Zabrocki. See the advisory at http://nmap. rg/r/fbsd-sa-opie. Be advised that, if launched against a vulnerable host, this script will crash the FTPd. ftp-proftpd-backdoor Tests for the presence of the ProFTPD 1. 3. 3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous id command by default, but that can be changed with the ftp-proftpd-backdoor. cmd script argument. ftp-vsftpd-backdoor Tests for the presence of the vsFTPd 2. 3. 4 backdoor reported on 2011-07-04 (CVE-2011-2523). This script attempts to exploit the ba ckdoor using the innocuous id command by default, but that can be changed with the exploit. md or ftp-vsftpd-backdoor. cmd script arguments. ftp-vuln-cve2010-4221 Checks for a stack-based buffer overflow in the ProFTPD server, version between 1. 3. 2rc3 and 1. 3. 3b. By sending a large number of TELNET_IAC escape sequence, the proftpd process miscalculates the buffer length, and a remote attacker will be able to corrupt the stack and execute arbitrary code within the context of the proftpd process (CVE-2010-4221). Authentication is not required to exploit this vulnerability. ganglia-info Retrieves system information (OS version, available memory, etc. from a listening Ganglia Monitoring Daemon or Ganglia Meta Daemon. giop-info Queries a CORBA naming server for a list of objects. gkrellm-info Queries a GKRellM service for monitoring information. A single round of collection is made, showing a snapshot of information at the time of the request. gopher-ls Lists files and directories at the root of a gopher service. gpsd-info Retrieves GPS time, coordinates and speed from the GPSD network daemon. hadoop-datanode-info Discovers information such as log directories from an Apache Hadoop DataNode HTTP status page. hadoop-jobtracker-infoRetrieves information from an Apache Hadoop JobTracker HTTP status page. hadoop-namenode-info Retrieves information from an Apache Hadoop NameNode HTTP status page. hadoop-secondary-namenode-info Retrieves information from an Apache Hadoop secondary NameNode HTTP status page. hadoop-tasktracker-info Retrieves information from an Apache Hadoop TaskTracker HTTP status page. hbase-master-info Retrieves information from an Apache HBase (Hadoop database) master HTTP status page. hbase-region-info Retrieves information from an Apache HBase (Hadoop database) region server HTTP status page. hddtemp-infoReads hard disk information (such as brand, model, and sometimes temperature) from a listening hddtemp service. hostmap-bfk Discovers hostnames that resolve to the target's IP address by querying the online database at http://www. bfk. de/bfk_dnslogger. html. hostmap-robtex Discovers hostnames that resolve to the target's IP address by querying the online Robtex service at http://ip. robtex. com/. http-affiliate-id Grabs affiliate network IDs (e. g. Google AdSense or Analytics, Amazon Associates, etc. ) from a web page. These can be used to identify pages with the same owner. http-apache-negotiationChecks if the target http server has mod_negotiation enabled. This feature can be leveraged to find hidden resources and spider a web site using fewer requests. http-auth Retrieves the authentication scheme and realm of a web service that requires authentication. http-auth-finder Spiders a web site to find web pages requiring form-based or HTTP-based authentication. The results are returned in a table with each url and the detected method. http-awstatstotals-exec Exploits a remote code execution vulnerability in Awstats Totals 1. 0 up to 1. 14 and possibly other products based on it (CVE: 2008-3922). ttp-axis2-dir-traversal Exploits a directory traversal vulnerability in Apache Axis2 version 1. 4. 1 by sending a specially crafted request to the parameter xsd (OSVDB-59001). By default it will try to retrieve the configuration file of the Axis2 service ‘/conf/axis2. xml' using the path ‘/axis2/services/' to return the username and password of the admin account. http-backup-finder Spiders a website and attempts to identify backup copies of discovered files. It does so by requesting a number of different combinations of the filename (eg. index. bak, index. html~, copy of index. html). http-barracuda-dir-traversalAttempts to retrieve the configuration settings from a Barracuda Networks Spam & Virus Firewall device using the directory traversal vulnerability described at http://seclists. org/fulldisclosure/2010/Oct/119. http-brute Performs brute force password auditing against http basic authenticatio n. http-cakephp-version Obtains the CakePHP version of a web application built with the CakePHP framework by fingerprinting default files shipped with the CakePHP framework. http-chrono Measures the time a website takes to deliver a web page and returns the maximum, minimum and average time it took to fetch a page. ttp-config-backup Checks for backups and swap files of common content management system and web server configuration files. http-cors Tests an http server for Cross-Origin Resource Sharing (CORS), a way for domains to explicitly opt in to having certain methods invoked by another domain. http-date Gets the date from HTTP-like services. Also prints how much the date differs from local time. Local time is the time the HTTP request was sent, so the difference includes at least the duration of one RTT. http-default-accounts Tests for access with default credentials used by a variety of web applications and devices. ttp-domino-enum-passwords Attempts to enumerate the hashed Do mino Internet Passwords that are (by default) accessible by all authenticated users. This script can also download any Domino ID Files attached to the Person document. http-drupal-enum-users Enumerates Drupal users by exploiting a an information disclosure vulnerability in Views, Drupal's most popular module. http-drupal-modules Enumerates the installed Drupal modules by using a list of known modules. http-email-harvest Spiders a web site and collects e-mail addresses. http-enum Enumerates directories used by popular web applications and servers. ttp-exif-spider Spiders a site's images looking for interesting exif data embedded in . jpg files. Displays the make and model of the camera, the date the photo was taken, and the embedded geotag information. http-favicon Gets the favicon (â€Å"favorites icon†) from a web page and matches it against a database of the icons of known web applications. If there is a match, the name of the application is printed; otherwise the MD5 hash of the icon data is printed. http-form-brute Performs brute force password auditing against http form-based authentication. http-form-fuzzerPerforms a simple form fuzzing against forms found on websites. Tries strings and numbers of increasing length and attempts to determine if the fuzzing was successful. http-frontpage-login Checks whether target machines are vulnerable to anonymous Frontpage login. http-generator Displays the contents of the â€Å"generator† meta tag of a web page (default: /) if there is one. http-git Checks for a Git repository found in a website's document root /. git/) and retrieves as much repo information as possible, including language/framework, remotes, last commit message, and repository description. http-gitweb-projects-enumRetrieves a list of Git projects, owners and descriptions from a gitweb (web interface to the Git revision control system). http-google-malware Checks if hosts are on Google's blacklist of suspected malware and phishing serve rs. These lists are constantly updated and are part of Google's Safe Browsing service. http-grep Spiders a website and attempts to match all pages and urls against a given string. Matches are counted and grouped per url under which they were discovered. http-headers Performs a HEAD request for the root folder (â€Å"/†) of a web server and displays the HTTP headers returned. http-huawei-hg5xx-vulnDetects Huawei modems models HG530x, HG520x, HG510x (and possibly others†¦ ) vulnerable to a remote credential and information disclosure vulnerability. It also extracts the PPPoE credentials and other interesting configuration values. http-icloud-findmyiphone Retrieves the locations of all â€Å"Find my iPhone† enabled iOS devices by querying the MobileMe web service (authentication required). http-icloud-sendmsg Sends a message to a iOS device through the Apple MobileMe web service. The device has to be registered with an Apple ID using the Find My Iphone application. h ttp-iis-webdav-vuln Checks for a vulnerability in IIS 5. /6. 0 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. This vulnerability was patched in Microsoft Security Bulletin MS09-020, http://nmap. org/r/ms09-020. http-joomla-brute Performs brute force password auditing against Joomla web CMS installations. http-litespeed-sourcecode-download Exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4. 0. x before 4. 0. 15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a . txt file extension (CVE-2010-2333). ttp-majordomo2-dir-traversal Exploits a directory traversal vulnerability existing in Majordomo2 to retrieve remote files. (CVE-2011-0049). http-malware-host Looks for signature of known server compromises. http-method-tamper Attempts to bypass password protected resources (HTTP 401 status) by performing HTTP verb tampering. If an ar ray of paths to check is not set, it will crawl the web server and perform the check against any password protected resource that it finds. http-methods Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods.Optionally tests each method individually to see if they are subject to e. g. IP address restrictions. http-open-proxy Checks if an HTTP proxy is open. http-open-redirect Spiders a website and attempts to identify open redirects. Open redirects are handlers which commonly take a URL as a parameter and responds with a http redirect (3XX) to the target. Risks of open redirects are described at http://cwe. mitre. org/data/definitions/601. html. http-passwd Checks if a web server is vulnerable to directory traversal by attempting to retrieve /etc/passwd or oot. ini. http-php-version Attempts to retrieve the PHP version from a web server.PHP has a number of magic queries that return images or text that can vary with the PHP version. This script uses the following queries: /? =PHPE9568F36-D428-11d2-A769-00AA001ACF42: gets a GIF logo, which changes on April Fool's Day. /? =PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: gets an HTML credits page. http-phpself-xss Crawls a web server and attempts to find PHP files vulnerable to reflected cross site scripting via the variable $_SERVER[â€Å"PHP_SELF†]. http-proxy-brute Performs brute force password guessing against HTTP proxy servers. http-put Uploads a local file to a remote web server using the HTTP PUT method.You must specify the filename and URL path with NSE arguments. http-qnap-nas-info Attempts to retrieve the model, firmware version, and enabled services from a QNAP Network Attached Storage (NAS) device. http-rfi-spider Crawls webservers in search of RFI (remote file inclusion) vulnerabilities. It tests every form field it finds and every parameter of a URL containing a query. http-robots. txt Checks for disallowed entries in /robots. txt on a web server. http-robtex-reverse-ip Obtains up to 100 forward DNS names for a target IP address by querying the Robtex service (http://www. robtex. com/ip/). http-robtex-shared-nsFinds up to 100 domain names which use the same name server as the target by querying the Robtex service at http://www. robtex. com/dns/. http-sitemap-generator Spiders a web server and displays its directory structure along with number and types of files in each folder. Note that files listed as having an ‘Other' extension are ones that have no extension or that are a root document. http-slowloris Tests a web server for vulnerability to the Slowloris DoS attack by launching a Slowloris attack. http-slowloris-check Tests a web server for vulnerability to the Slowloris DoS attack without actually launching a DoS attack. ttp-sql-injection Spiders an HTTP server looking for URLs containing queries vulnerable to an SQL injection attack. It also extracts forms from found websites and tries to identify field s that are vulnerable. http-title Shows the title of the default page of a web server. http-tplink-dir-traversal Exploits a directory traversal vulnerability existing in several TP-Link wireless routers. Attackers may exploit this vulnerability to read any of the configuration and password files remotely and without authentication. http-trace Sends an HTTP TRACE request and shows if the method TRACE is enabled.If debug is enabled, it returns the header fields that were modified in the response. http-traceroute Exploits the Max-Forwards HTTP header to detect the presence of reverse proxies. http-unsafe-output-escaping Spiders a website and attempts to identify output escaping problems where content is reflected back to the user. This script locates all parameters, ? x=foo&y=bar and checks if the values are reflected on the page. If they are indeed reflected, the script will try to insert ghz>hzx†zxc'xcv and check which (if any) characters were reflected back onto the page witho ut proper html escaping.This is an indication of potential XSS vulnerability. http-userdir-enum Attempts to enumerate valid usernames on web servers running with the mod_userdir module or similar enabled. http-vhosts Searches for web virtual hostnames by making a large number of HEAD requests against http servers using common hostnames. http-virustotal Checks whether a file has been determined as malware by Virustotal. Virustotal is a service that provides the capability to scan a file or check a checksum against a number of the major antivirus vendors.The script uses the public API which requires a valid API key and has a limit on 4 queries per minute. A key can be acquired by registering as a user on the virustotal web page: http://www. virustotal. com http-vlcstreamer-ls Connects to a VLC Streamer helper service and lists directory contents. The VLC Streamer helper service is used by the iOS VLC Streamer application to enable streaming of multimedia content from the remote server to the device. http-vmware-path-vuln Checks for a path-traversal vulnerability in VMWare ESX, ESXi, and Server (CVE-2009-3733). http-vuln-cve2009-3960Exploits cve-2009-3960 also known as Adobe XML External Entity Injection. http-vuln-cve2010-0738 Tests whether a JBoss target is vulnerable to jmx console authentication bypass (CVE-2010-0738). http-vuln-cve2010-2861 Executes a directory traversal attack against a ColdFusion server and tries to grab the password hash for the administrator user. It then uses the salt value (hidden in the web page) to create the SHA1 HMAC hash that the web server needs for authentication as admin. You can pass this value to the ColdFusion server as the admin without cracking the password hash. ttp-vuln-cve2011-3192 Detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page. http-vuln-cve2011-3368 Tests for the CVE-2011-3368 (Reverse Proxy Bypass) vulnerability in Apache HT TP server's reverse proxy mode. The script will run 3 tests: o the loopback test, with 3 payloads to handle different rewrite rules o the internal hosts test. According to Contextis, we expect a delay before a server error. o The external website test. This does not mean that you can reach a LAN ip, but this is a relevant issue anyway. ttp-vuln-cve2012-1823 Detects PHP-CGI installations that are vulnerable to CVE-2012-1823, This critical vulnerability allows attackers to retrieve source code and execute code remotely. http-waf-detect Attempts to determine whether a web server is protected by an IPS (Intrusion Prevention System), IDS (Intrusion Detection System) or WAF (Web Application Firewall) by probing the web server with malicious payloads and detecting changes in the response code and body. http-waf-fingerprint Tries to detect the presence of a web application firewall and its type and version. http-wordpress-brute erforms brute force password auditing against WordPress CMS/blo g installations. http-wordpress-enum Enumerates usernames in WordPress blog/CMS installations by exploiting an information disclosure vulnerability existing in versions 2. 6, 3. 1, 3. 1. 1, 3. 1. 3 and 3. 2-beta2 and possibly others. http-wordpress-plugins Tries to obtain a list of installed WordPress plugins by brute force testing for known plugins. iax2-brute Performs brute force password auditing against the Asterisk IAX2 protocol. Guessing fails when a large number of attempts is made due to the maxcallnumber limit (default 2048).In case your getting â€Å"ERROR: Too many retries, aborted †¦ † after a while, this is most likely what's happening. In order to avoid this problem try: – reducing the size of your dictionary – use the brute delay option to introduce a delay between guesses – split the guessing up in chunks and wait for a while between them iax2-version Detects the UDP IAX2 service. icap-info Tests a list of known ICAP service names and prints information about any it detects. The Internet Content Adaptation Protocol (ICAP) is used to extend transparent proxy servers and is generally used for content filtering and antivirus scanning. ke-version Get information from an IKE service. Tests the service with both Main and Aggressive Mode. Sends multiple transforms in a single request, so currently, only four packets are sent to the host. imap-brute Performs brute force password auditing against IMAP servers using either LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5 or NTLM authentication. imap-capabilities Retrieves IMAP email server capabilities. informix-brute Performs brute force password auditing against IBM Informix Dynamic Server. informix-query Runs a query against IBM Informix Dynamic Server using the given authentication credentials (see also: informix-brute). nformix-tables Retrieves a list of tables and column definitions for each database on an Informix server. ip-forwarding Detects whether the remote device has ip fo rwarding or â€Å"Internet connection sharing† enabled, by sending an ICMP echo request to a given target using the scanned host as default gateway. ip-geolocation-geobytes Tries to identify the physical location of an IP address using the Geobytes geolocation web service (http://www. geobytes. com/iplocator. htm). The limit of lookups using this service is 20 requests per hour. Once the limit is reached, an nmap. registry[â€Å"ip-geolocation-geobytes†]. blocked oolean is set so no further requests are made during a scan. ip-geolocation-geoplugin Tries to identify the physical location of an IP address using the Geoplugin geolocation web service (http://www. geoplugin. com/). There is no limit on lookups using this service. ip-geolocation-ipinfodb Tries to identify the physical location of an IP address using the IPInfoDB geolocation web service (http://ipinfodb. com/ip_location_api. php). ip-geolocation-maxmind Tries to identify the physical location of an IP address using a Geolocation Maxmind database file (available from http://www. maxmind. com/app/ip-location).This script supports queries using all Maxmind databases that are supported by their API including the commercial ones. ipidseq Classifies a host's IP ID sequence (test for susceptibility to idle scan). ipv6-node-info Obtains hostnames, IPv4 and IPv6 addresses through IPv6 Node Information Queries. ipv6-ra-flood Generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement.This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests. irc-botnet-channels Checks an IRC server for channels that are commonly used by malicious botnets. irc-brute Performs brute force password auditing against IRC (Internet Relay Chat) serv ers. irc-info Gathers information from an IRC server. irc-sasl-brute Performs brute force password auditing against IRC (Internet Relay Chat) servers supporting SASL authentication. irc-unrealircd-backdoor Checks if an IRC server is backdoored by running a time-based command (ping) and checking how long it takes to respond. scsi-brute Performs brute force password auditing against iSCSI targets. iscsi-info Collects and displays information from remote iSCSI targets. isns-info Lists portals and iSCSI nodes registered with the Internet Storage Name Service (iSNS). jdwp-exec Attempts to exploit java's remote debugging port. When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script abuses this to inject and execute a Java class file that executes the supplied shell command and returns its output. jdwp-info Attempts to exploit java's remote debugging port.When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script injects and execute a Java class file that returns remote system information. jdwp-inject Attempts to exploit java's remote debugging port. When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script allows injection of arbitrary class files. jdwp-version Detects the Java Debug Wire Protocol. This protocol is used by Java programs to be debugged via the network.It should not be open to the public Internet, as it does not provide any security against malicious attackers who can inject their own bytecode into the debugged process. krb5-enum-users Discovers valid usernames by brute force querying likely usernames against a Kerberos service. When an invalid username is requested the server will responde using the Kerberos error code KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, allowing us to determine that the user name was invalid. Valid user names will illicit either th e TGT in a AS-REP response or the error KRB5KDC_ERR_PREAUTH_REQUIRED, signaling that the user is required to perform pre authentication. dap-brute Attempts to brute-force LDAP authentication. By default it uses the built-in username and password lists. In order to use your own lists use the userdb and passdb script arguments. ldap-novell-getpass Universal Password enables advanced password policies, including extended characters in passwords, synchronization of passwords from eDirectory to other systems, and a single password for all access to eDirectory. ldap-rootdse Retrieves the LDAP root DSA-specific Entry (DSE) ldap-search Attempts to perform an LDAP search and returns all matches. lexmark-config Retrieves configuration information from a Lexmark S300-S400 printer. lmnr-resolve Resolves a hostname by using the LLMNR (Link-Local Multicast Name Resolution) protocol. lltd-discovery Uses the Microsoft LLTD protocol to discover hosts on a local network. maxdb-info Retrieves version and database information from a SAP Max DB database. mcafee-epo-agent Check if ePO agent is running on port 8081 or port identified as ePO Agent port. membase-brute Performs brute force password auditing against Couchbase Membase servers. membase-http-info Retrieves information (hostname, OS, uptime, etc. ) from the CouchBase Web Administration port. The information retrieved by this script does not require any credentials. emcached-info Retrieves information (including system architecture, process ID, and server time) from distributed memory object caching system memcached. metasploit-info Gathers info from the Metasploit rpc service. It requires a valid login pair. After authentication it tries to determine Metasploit version and deduce the OS type. Then it creates a new console and executes few commands to get additional info. References: * http://wiki. msgpack. org/display/MSGPACK/Format+specification * https://community. rapid7. com/docs/DOC-1516 Metasploit RPC API Guide metasp loit-msgrpc-brutePerforms brute force username and password auditing against Metasploit msgrpc interface. metasploit-xmlrpc-brute Performs brute force password auditing against a Metasploit RPC server using the XMLRPC protocol. mmouse-brute Performs brute force password auditing against the RPA Tech Mobile Mouse servers. mmouse-exec Connects to an RPA Tech Mobile Mouse server, starts an application and sends a sequence of keys to it. Any application that the user has access to can be started and the key sequence is sent to the application after it has been started. modbus-discover Enumerates SCADA Modbus slave ids (sids) and collects their device information. ongodb-brute Performs brute force password auditing against the MongoDB database. mongodb-databases Attempts to get a list of tables from a MongoDB database. mongodb-info Attempts to get build info and server status from a MongoDB database. mrinfo Queries targets for multicast routing information. ms-sql-brute Performs password guessing against Microsoft SQL Server (ms-sql). Works best in conjunction with the broadcast-ms-sql-discover script. ms-sql-config Queries Microsoft SQL Server (ms-sql) instances for a list of databases, linked servers, and configuration settings. ms-sql-dacQueries the Microsoft SQL Browser service for the DAC (Dedicated Admin Connection) port of a given (or all) SQL Server instance. The DAC port is used to connect to the database instance when normal connection attempts fail, for example, when server is hanging, out of memory or in other bad states. In addition, the DAC port provides an admin with access to system objects otherwise not accessible over normal connections. ms-sql-dump-hashes Dumps the password hashes from an MS-SQL server in a format suitable for cracking by tools such as John-the-ripper. In order to do so the user needs to have the appropriate DB privileges. s-sql-empty-password Attempts to authenticate to Microsoft SQL Servers using an empty password for the sysad min (sa) account. ms-sql-hasdbaccess Queries Microsoft SQL Server (ms-sql) instances for a list of databases a user has access to. ms-sql-info Attempts to determine configuration and version information for Microsoft SQL Server instances. ms-sql-query Runs a query against Microsoft SQL Server (ms-sql). ms-sql-tables Queries Microsoft SQL Server (ms-sql) for a list of tables per database. ms-sql-xp-cmdshell Attempts to run a command using the command shell of Microsoft SQL Server (ms-sql). msrpc-enumQueries an MSRPC endpoint mapper for a list of mapped services and displays the gathered information. mtrace Queries for the multicast path from a source to a destination host. murmur-version Detects the Murmur service (server for the Mumble voice communication client) version 1. 2. 0 and above. mysql-audit Audits MySQL database server security configuration against parts of the CIS MySQL v1. 0. 2 benchmark (the engine can be used for other MySQL audits by creating appropriate audit files ). mysql-brute Performs password guessing against MySQL. mysql-databases Attempts to list all databases on a MySQL server. mysql-dump-hashesDumps the password hashes from an MySQL server in a format suitable for cracking by tools such as John the Ripper. Appropriate DB privileges (root) are required. mysql-empty-password Checks for MySQL servers with an empty password for root or anonymous. mysql-enum Performs valid user enumeration against MySQL server. mysql-info Connects to a MySQL server and prints information such as the protocol and version numbers, thread ID, status, capabilities, and the password salt. mysql-query Runs a query against a MySQL database and returns the results as a table. mysql-users Attempts to list all users on a MySQL server. mysql-variablesAttempts to show all variables on a MySQL server. mysql-vuln-cve2012-2122 nat-pmp-info Get's the routers WAN IP using the NAT Port Mapping Protocol (NAT-PMP). The NAT-PMP protocol is supported by a broad range of routers including: – Apple AirPort Express – Apple AirPort Extreme – Apple Time Capsule – DD-WRT – OpenWrt v8. 09 or higher, with MiniUPnP daemon – pfSense v2. 0 – Tarifa (firmware) (Linksys WRT54G/GL/GS) – Tomato Firmware v1. 24 or higher. (Linksys WRT54G/GL/GS and many more) – Peplink Balance nat-pmp-mapport Maps a WAN port on the router to a local port on the client using the NAT Port Mapping Protocol (NAT-PMP).It supports the following operations: o map – maps a new external port on the router to an internal port of the requesting IP o unmap – unmaps a previously mapped port for the requesting IP o unmapall – unmaps all previously mapped ports for the requesting IP nbstat Attempts to retrieve the target's NetBIOS names and MAC address. ncp-enum-users Retrieves a list of all eDirectory users from the Novell NetWare Core Protocol (NCP) service. ncp-serverinfo Retrieves eDirectory server information (OS ve rsion, server name, mounts, etc. ) from the Novell NetWare Core Protocol (NCP) service. ndmp-fs-infoLists remote file systems by querying the remote device using the Network Data Management Protocol (ndmp). NDMP is a protocol intended to transport data between a NAS device and the backup device, removing the need for the data to pass through the backup server. The following products are known to support the protocol: Amanda Bacula CA Arcserve CommVault Simpana EMC Networker Hitachi Data Systems IBM Tivoli Quest Software Netvault Backup Symantec Netbackup Symantec Backup Exec ndmp-version Retrieves version information from the remote Network Data Management Protocol (ndmp) service.NDMP is a protocol intended to transport data between a NAS device and the backup device, removing the need for the data to pass through the backup server. The following products are known to support the protocol: Amanda Bacula CA Arcserve CommVault Simpana EMC Networker Hitachi Data Systems IBM Tivoli Ques t Software Netvault Backup Symantec Netbackup Symantec Backup Exec nessus-brute Performs brute force password auditing against a Nessus vulnerability scanning daemon using the NTP 1. 2 protocol. nessus-xmlrpc-brute Performs brute force password auditing against a Nessus vulnerability scanning daemon using the XMLRPC protocol. etbus-auth-bypass Checks if a NetBus server is vulnerable to an authentication bypass vulnerability which allows full access without knowing the password. netbus-brute Performs brute force password auditing against the Netbus backdoor (â€Å"remote administration†) service. netbus-info Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself. netbus-version Extends version detection to detect NetBuster, a honeypot service that mimes NetBus. nexpose-brute Performs brute force password auditing against a Nexpose vulnerability scanner using the API 1. 1.By default it only tries three guesses per username to avoid target account lockout. nfs-ls Attempts to get useful information about files from NFS exports. The output is intended to resemble the output of ls. nfs-showmount Shows NFS exports, like the showmount -e command. nfs-statfs Retrieves disk space statistics and information from a remote NFS share. The output is intended to resemble the output of df. nping-brute Performs brute force password auditing against an Nping Echo service. nrpe-enum Queries Nagios Remote Plugin Executor (NRPE) daemons to obtain information such as load averages, process counts, logged in user information, etc. tp-info Gets the time and configuration variables from an NTP server. We send two requests: a time request and a â€Å"read variables† (opcode 2) control message. Without verbosity, the script shows the time and the value of the version, processor, system, refid, and stratum variables. With verbosity, all variables are shown. ntp-monlist Obtains and prints an NTP server's monitor data. omp2- brute Performs brute force password auditing against the OpenVAS manager using OMPv2. omp2-enum-targets Attempts to retrieve the list of target systems and networks from an OpenVAS Manager server. openlookup-infoParses and displays the banner information of an OpenLookup (network key-value store) server. openvas-otp-brute Performs brute force password auditing against a OpenVAS vulnerability scanner daemon using the OTP 1. 0 protocol. oracle-brute Performs brute force password auditing against Oracle servers. oracle-brute-stealth Exploits the CVE-2012-3137 vulnerability, a weakness in Oracle's O5LOGIN authentication scheme. The vulnerability exists in Oracle 11g R1/R2 and allows linking the session key to a password hash. When initiating an authentication attempt as a valid user the server will respond with a session key and salt.Once received the script will disconnect the connection thereby not recording the login attempt. The session key and salt can then be used to brute force t he users password. oracle-enum-users Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was fixed in Oracle's October 2009 Critical Patch Update). oracle-sid-brute Guesses Oracle instance/SID names against the TNS-listener. ovs-agent-version Detects the version of an Oracle Virtual Server Agent by fingerprinting responses to an HTTP GET request and an XML-RPC method call. p2p-conficker Checks if a host is infected with Conficker.C or higher, based on Conficker's peer to peer communication. path-mtu Performs simple Path MTU Discovery to target hosts. pcanywhere-brute Performs brute force password auditing against the pcAnywhere remote access protocol. pgsql-brute Performs password guessing against PostgreSQL. pjl-ready-message Retrieves or sets the ready message on printers that support the Printer Job Language. This includes most PostScript printers that listen on port 9100. Without an argument, displays the current ready message. With the p jl_ready_message script argument, displays the old ready message and changes it to the message given. op3-brute Tries to log into a POP3 account by guessing usernames and passwords. pop3-capabilities Retrieves POP3 email server capabilities. pptp-version Attempts to extract system information from the point-to-point tunneling protocol (PPTP) service. qscan Repeatedly probe open and/or closed ports on a host to obtain a series of round-trip time values for each port. These values are used to group collections of ports which are statistically different from other groups. Ports being in different groups (or â€Å"families†) may be due to network mechanisms such as port forwarding to machines behind a NAT. quake3-infoExtracts information from a Quake3 game server and other games which use the same protocol. quake3-master-getservers Queries Quake3-style master servers for game servers (many games other than Quake 3 use this same protocol). rdp-enum-encryption Determines which Secu rity layer and Encryption level is supported by the RDP service. It does so by cycling through all existing protocols and ciphers. When run in debug mode, the script also returns the protocols and ciphers that fail and any errors that were reported. rdp-vuln-ms12-020 Checks if a machine is vulnerable to MS12-020 RDP vulnerability. realvnc-auth-bypassChecks if a VNC server is vulnerable to the RealVNC authentication bypass (CVE-2006-2369). redis-brute Performs brute force passwords auditing against a Redis key-value store. redis-info Retrieves information (such as version number and architecture) from a Redis key-value store. resolveall Resolves hostnames and adds every address (IPv4 or IPv6, depending on Nmap mode) to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address (A or AAAA record) returned for each host name. reverse-index Creates a reverse index at the end of scan output showing which hosts run a particular service. This is in addition to Nmap's normal output listing the services on each host. rexec-brute Performs brute force password auditing against the classic UNIX rexec (remote exec) service. riak-http-info Retrieves information (such as node name and architecture) from a Basho Riak distributed database using the HTTP protocol. rlogin-brute Performs brute force password auditing against the classic UNIX rlogin (remote login) service. This script must be run in privileged mode on UNIX because it must bind to a low source port number. rmi-dumpregistry Connects to a remote RMI registry and attempts to dump all of its objects. mi-vuln-classloader Tests whether Java rmiregistry allows class loading. The default configuration of rmiregistry allows loading classes from remote URLs, which can lead to remote code execution. The vendor (Oracle/Sun) classifies this as a design feature. rpc-grind Fingerprints the target RPC port to extract the target service, RPC number and version. rpcap-brute Perform s brute force password auditing against the WinPcap Remote Capture Daemon (rpcap). rpcap-info Connects to the rpcap service (provides remote sniffing capabilities through WinPcap) and retrieves interface information.The service can either be setup to require authentication or not and also supports IP restrictions. rpcinfo Connects to portmapper and fetches a list of all registered programs. It then prints out a table including (for each program) the RPC program number, supported version numbers, port number and protocol, and program name. rsync-brute Performs brute force password auditing against the rsync remote file syncing protocol. rsync-list-modules Lists modules available for rsync (remote file sync) synchronization. rtsp-methods Determines which methods are supported by the RTSP (real time streaming protocol) server. tsp-url-brute Attempts to enumerate RTSP media URLS by testing for common paths on devices such as surveillance IP cameras. samba-vuln-cve-2012-1182 Checks if ta rget machines are vulnerable to the Samba heap overflow vulnerability CVE-2012-1182. servicetags Attempts to extract system information (OS, hardware, etc. ) from the Sun Service Tags service agent (UDP port 6481). sip-brute Performs brute force password auditing against Session Initiation Protocol (SIP – http://en. wikipedia. org/wiki/Session_Initiation_Protocol) accounts. This protocol is most commonly associated with VoIP sessions. ip-call-spoof Spoofs a call to a SIP phone and detects the action taken by the target (busy, declined, hung up, etc. ) sip-enum-users Enumerates a SIP server's valid extensions (users). sip-methods Enumerates a SIP Server's allowed methods (INVITE, OPTIONS, SUBSCRIBE, etc. ) skypev2-version Detects the Skype version 2 service. smb-brute Attempts to guess username/password combinations over SMB, storing discovered combinations for use in other scripts. Every attempt will be made to get a valid list of users and to verify each username before actu ally using them.When a username is discovered, besides being printed, it is also saved in the Nmap registry so other Nmap scripts can use it. That means that if you're going to run smb-brute. nse, you should run other smb scripts you want. This checks passwords in a case-insensitive way, determining case after a password is found, for Windows versions before Vista. smb-check-vulns Checks for vulnerabilities: MS08-067, a Windows RPC vulnerability Conficker, an infection by the Conficker worm Unnamed regsvc DoS, a denial-of-service vulnerability I accidentally found in Windows 2000 SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 75497) MS06-025, a Windows Ras RPC service vulnerability MS07-029, a Windows Dns Server RPC service vulnerability smb-enum-domains Attempts to enumerate domains on a system, along with their policies. This generally requires credentials, except against Windows 2000. In addition to the actual domain, the â€Å"Builtin† domain is generally displ ayed. Windows returns this in the list of domains, but its policies don't appear to be used anywhere. smb-enum-groups Obtains a list of groups from the remote Windows system, as well as a list of the group's users. This works similarly to enum. exe with the /G switch. smb-enum-processesPulls a list of processes from the remote server over SMB. This will determine all running processes, their process IDs, and their parent processes. It is done by querying the remote registry service, which is disabled by default on Vista; on all other Windows versions, it requires Administrator privileges. smb-enum-sessions Enumerates the users logged into a system either locally or through an SMB share. The local users can be logged on either physically on the machine, or through a terminal services session. Connections to a SMB share are, for example, people connected to fileshares or making RPC calls.Nmap's connection will also show up, and is generally identified by the one that connected â€Å" 0 seconds ago†. smb-enum-shares Attempts to list shares using the srvsvc. NetShareEnumAll MSRPC function and retrieve more information about them using srvsvc. NetShareGetInfo. If access to those functions is denied, a list of common share names are checked. smb-enum-users Attempts to enumerate the users on a remote Windows system, with as much information as possible, through two different techniques (both over MSRPC, which uses port 445 or 139; see smb. lua). The goal of this script is to iscover all user accounts that exist on a remote system. This can be helpful for administration, by seeing who has an account on a server, or for penetration testing or network footprinting, by determining which accounts exist on a system. smb-flood Exhausts a remote SMB server's connection limit by by opening as many connections as we can. Most implementations of SMB have a hard global limit of 11 connections for user accounts and 10 connections for anonymous. Once that limit is reached, f urther connections are denied. This script exploits that limit by taking up all the connections and holding them. smb-lsAttempts to retrieve useful information about files shared on SMB volumes. The output is intended to resemble the output of the UNIX ls command. smb-mbenum Queries information managed by the Windows Master Browser. smb-os-discovery Attempts to determine the operating system, computer name, domain, workgroup, and current time over the SMB protocol (ports 445 or 139). This is done by starting a session with the anonymous account (or with a proper user account, if one is given; it likely doesn't make a difference); in response to a session starting, the server will send back all this information. smb-print-text