slides
advertisement
Novacoast Development UCSB Capstone Project Eron Howard, VP Development David Parker, Research & Development 2007 Novacoast Inc www.novacoast.com Novacoast Overview Focus Areas (Practices): 2007 Novacoast Inc Systems Integrity Security, Identity Management Data Center Solutions Availability Productivity Solutions Resource Management, Training Product Development VoiceRD, Castor, Zorro Product fulfillment Software Acquisition www.novacoast.com Novacoast Overview Company Overview 90+ employees. Spread across 16 states. HQ in Santa Barbara.. Offices in Portland, Cincinnati, Philadelphia. Opening New York. Just celebrated 11 years anniversary. Development Team 18 developers. 100% UCSB CS, CE, & CCS graduates. Santa Barbara based. 2007 Novacoast Inc www.novacoast.com Novacoast Development Types of Projects Web application Development. System Integration Programming. Programming support for Security practice. Product Development. VoiceRD Enterprise Open Source VOIP Examples of Clients (http://www.novacoast.com/clients.php) Indigo Systems (Flir), Santa Barbara Bank & Trust Academy of Motion Pictures, Sony Pictures Walmart, Toyota USA, Cingular 2007 Novacoast Inc www.novacoast.com Novacoast Development Software 100% Linux Open Source Best of Breed Programming languages Anything non-Microsoft The best tool for the job (Python, PHP, XSLT...) 2007 Novacoast Inc www.novacoast.com CAPSTONE Capstone Projects 1) VOIP Video Conferencing 2) Distributed Security Auditor Tools for rapid security assessments on large networks. 3) Linux Time Machine Allows users to login, change system settings, transfer calls, check voicemail. Powerful backup technology completely hidden behind simple intuitive user interfaces. 4) Present your own project. 2007 Novacoast Inc Software only. Potentially open sourced. www.novacoast.com VOIP Video Conferencing Conference User features: Users on a conference call can enable video. Application displays all users on the conference who have video enabled. Whoever is talking is highlighted or larger. Conference Admin features: Caller ID for users. Mute/Unmute users. Kick users. 2007 Novacoast Inc www.novacoast.com VOIP Video Conferencing 2007 Novacoast Inc Technologies required: VoiceRD Open Source PBX Asterisk video conferencing API FLEX 3 gui design tools. PHP SOAP Interface. Conference Admin features: Caller ID for users. Mute/Unmute users. Kick users. www.novacoast.com VOIP Video Conferencing Project details: 1) Build a GUI using Flex 3 designer which generates MXML / actionscript. 2) Develop web services layer using PHP with all functionality abstracted out. 3) Use Asterisk Video API to implement backend functionality. 2007 Novacoast Inc www.novacoast.com Distributed Security Auditor Security assessments: internal, external, apps Knowing no special information, break into systems like a hacker would Obtain passwords, company data, CC numbers... Document holes and make recommendations 2007 Novacoast Inc www.novacoast.com Distributed Security Auditor 2007 Novacoast Inc www.novacoast.com Distributed Security Auditor Used to quickly assess the security of hosts on a network (and the network itself) Automates common information gathering and scripted attacks Communication: P2P with other hosts and client/server with the management console 2007 Novacoast Inc www.novacoast.com DSA Architecture Lightweight agent Installs and runs silently, cross platform and self contained Talks to management console and other agents Can download files, execute commands, and send back results Extended with plugins that are downloaded on the fly, each of which performs a specific task or attack Rule-based attack engine Aggregates data coming back from the agents Constructs a big picture of the network's security Decides how, when, and where to attack Management console GUI Python? Web-based with PHP and Flex? Java? 2007 Novacoast Inc www.novacoast.com DSA Functionality Tasks that the attack engine can “push” to agents: List users and groups, security policies Create new user Dump password hashes List shared folders, running services, open ports Sniff network traffic Dump SQL databases or LDAP queries Take screenshots and log keystrokes of the active user Read bookmarks and saved browser passwords for web admin tools Set up ad-hoc VPN tunnel from the internal network to a management console on the Internet 2007 Novacoast Inc www.novacoast.com Linux Time Machine Powerful backup technology has been around for ages but nobody uses it Make backups completely selfmaintaining, painless, and easy Cross platform backup tool under the hood, web-based configuration tool visible to users 2007 Novacoast Inc www.novacoast.com Linux Time Machine Backups can be stored to a locally plugged in USB disk or across the network to a file server Snapshots are taken efficiently, storing the changes of files instead of the entire files themselves Restoring to a previous point in time is possible because snapshots are independent Open source tools to do all of the above are already available and just need a good UI to tie them together We can extend the idea to a network-aware Time Machine for both desktops and servers, managing backups for multiple systems 2007 Novacoast Inc www.novacoast.com Linux Time Machine Web based framework for building a backup & restore UI that is easy to use Automatically pops up when a backup drive is hotplugged with USB In a network environment, admins can manage backups for everyone 2007 Novacoast Inc www.novacoast.com CAPSTONE What we will provide for you: VOIP Project – VOIP phones and cameras. Security Auditor – help with tools and techniques used during real world security assessments Linux Time Machine – access to a graphics designer for designing the UI Development servers and QA lab. Our years of experience with running and managing open source projects. Access to our entire development team's technical expertise for questions and design advice. 2007 Novacoast Inc www.novacoast.com
