UCSB Capstone Project
Eron Howard, VP Development
David Parker, Research & Development
Novacoast Development
www.novacoast.com

Novacoast Overview
• Focus Areas (Practices):
  • Systems Integrity
  • Security, Identity Management
  • Data Center Solutions
  • Availability
  • Productivity Solutions
  • Resource Management, Training
  • Product Development
  • VoiceRD, Castor, Zorro
  • Product fulfillment
  • Software Acquisition

Novacoast Overview
• Company Overview
  • 90+ employees.
  • Spread across 16 states.
  • HQ in Santa Barbara.
  • Offices in Portland, Cincinnati, Philadelphia.
  • Opening New York.
  • Just celebrated 11-year anniversary.
• Development Team
  • 18 developers.
  • 100% UCSB CS, CE, & CCS graduates.
  • Santa Barbara based.

Novacoast Development
• Types of Projects
  • Web application development.
  • System integration programming.
  • Programming support for Security practice.
  • Product development.
  • VoiceRD Enterprise Open Source VOIP
• Examples of Clients (http://www.novacoast.com/clients.php)
  • Indigo Systems (Flir), Santa Barbara Bank & Trust
  • Academy of Motion Pictures, Sony Pictures
  • Walmart, Toyota USA, Cingular

Novacoast Development
• Software
  • 100% Linux
  • Open Source
  • Best of Breed
• Programming languages
  • Anything non-Microsoft
  • The best tool for the job
  • (Python, PHP, XSLT...)

CAPSTONE
• Capstone Projects
  • 1) VOIP Video Conferencing
    • Allows users to log in, change system settings, transfer calls, check voicemail.
  • 2) Distributed Security Auditor
    • Tools for rapid security assessments on large networks.
  • 3) Linux Time Machine
    • Powerful backup technology completely hidden behind simple, intuitive user interfaces.
  • 4) Present your own project.
    • Software only.
    • Potentially open sourced.

VOIP Video Conferencing
• Conference User features:
  • Users on a conference call can enable video.
  • Application displays all users on the conference who have video enabled.
  • Whoever is talking is highlighted or larger.
• Conference Admin features:
  • Caller ID for users.
  • Mute/Unmute users.
  • Kick users.

VOIP Video Conferencing
• Technologies required:
  • VoiceRD Open Source PBX
  • Asterisk video conferencing API
  • Flex 3 GUI design tools.
  • PHP SOAP interface.
• Conference Admin features:
  • Caller ID for users.
  • Mute/Unmute users.
  • Kick users.

VOIP Video Conferencing
• Project details:
  • 1) Build a GUI using the Flex 3 designer, which generates MXML / ActionScript.
  • 2) Develop a web services layer using PHP with all functionality abstracted out.
  • 3) Use the Asterisk Video API to implement backend functionality.

Distributed Security Auditor
• Security assessments: internal, external, apps
• Knowing no special information, break into systems like a hacker would
• Obtain passwords, company data, CC numbers...
• Document holes and make recommendations

Distributed Security Auditor
• Used to quickly assess the security of hosts on a network (and the network itself)
• Automates common information gathering and scripted attacks
• Communication: P2P with other hosts and client/server with the management console

DSA Architecture
• Lightweight agent
  • Installs and runs silently, cross platform and self contained
  • Talks to management console and other agents
  • Can download files, execute commands, and send back results
  • Extended with plugins that are downloaded on the fly, each of which performs a specific task or attack
• Rule-based attack engine
  • Aggregates data coming back from the agents
  • Constructs a big picture of the network's security
  • Decides how, when, and where to attack
• Management console GUI
  • Python? Web-based with PHP and Flex? Java?

DSA Functionality
• Tasks that the attack engine can "push" to agents:
  • List users and groups, security policies
  • Create new user
  • Dump password hashes
  • List shared folders, running services, open ports
  • Sniff network traffic
  • Dump SQL databases or LDAP queries
  • Take screenshots and log keystrokes of the active user
  • Read bookmarks and saved browser passwords for web admin tools
  • Set up ad-hoc VPN tunnel from the internal network to a management console on the Internet

Linux Time Machine
• Powerful backup technology has been around for ages but nobody uses it
• Make backups completely self-maintaining, painless, and easy
• Cross platform backup tool under the hood, web-based configuration tool visible to users

Linux Time Machine
• Backups can be stored to a locally plugged in USB disk or across the network to a file server
• Snapshots are taken efficiently, storing the changes of files instead of the entire files themselves
• Restoring to a previous point in time is possible because snapshots are independent
• Open source tools to do all of the above are already available and just need a good UI to tie them together
• We can extend the idea to a network-aware Time Machine for both desktops and servers, managing backups for multiple systems

Linux Time Machine
• Web based framework for building a backup & restore UI that is easy to use
• Automatically pops up when a backup drive is hotplugged with USB
• In a network environment, admins can manage backups for everyone

CAPSTONE
• What we will provide for you:
  • VOIP Project – VOIP phones and cameras.
  • Security Auditor – help with tools and techniques used during real-world security assessments
  • Linux Time Machine – access to a graphics designer for designing the UI
  • Development servers and QA lab.
  • Our years of experience with running and managing open source projects.
  • Access to our entire development team's technical expertise for questions and design advice.