Presentation on theme: "QUINTUS SECURITY Final Presentation 4/29/11 Sanjiv KawaJoshua Reynolds Moe HansaChristian Cortes."— Presentation transcript:
QUINTUS SECURITY Final Presentation 4/29/11 Sanjiv KawaJoshua Reynolds Moe HansaChristian Cortes
AGENDA Projects Reasoning and Choice Server Implementation Website Structure Tutorials and Content Projects Challenges and Successes Lessons Learned Questions
WHO ARE WE? Quintus Security: Quintus of Smyrna A tale teller of the original Trojan Horse Greek Mythology Invasion of Troy Information Technology Major: Computer Systems Image 
WHAT IS THE PROJECT? Security Information Website Written Tutorials/Papers Video Demonstrations Attack Demonstrations Preventive Demonstrations
WHY DID WE CHOOSE IT? Lack of understandable Security Information. Improper Security Practices in the Industry. A group passion for security and providing awareness.
SPONSORSHIP Sponsored by Seccuris Inc. Intellectual Property of the Capstone Project as provided to Seccuris Experts in Information Security Internationally recognized by academic and professional institutes Based out of Winnipeg Image 
REQUIREMENTS – BUSINESS PLAN Due to the nature of the project a Business Plan was required A formal document that is needed for the pre-approval for a loan A Business Plan includes: Business Goals, Description, and Background Marketing and Advertising Competition, Growth Program, Risk Assessment
ItemCost Windows Server 2008 R2 Enterprise$3, Windows XP SP3 Professional$ VMware Workstation 7.1$ Camtasia for Mac | Screen Recording & Presentation $99.00 Linux Distributions$0.00 Canon FS200 Camcorder$ LaCie 500GB External HD USB 2.0$99.99 Server System ( HP DL385 G7) $ D-Link DGS-1008G 8-Port Gigabit Desktop Switch$59.99 Samsung BX2240X 21.5" Business LED Monitor$ x14’ CAT6 Ethernet Patch Cable$27.92 Microsoft Wireless Desktop 3000 Keyboard & Mouse Bundle, English $49.99 Blue Microphones | Snowflake$83.99 Total$ RESOURCES – TIME SPENT & MATERIAL
SERVER IMPLEMENTATION HP DL385 G7 Raid 5 Array (6 Drives) Hard Drive Encryption Ubuntu Server v10.10 PHP5 apache2 SSH SFTP SSL MySQL
WEBSITE STRUCTURE The website can be broken down into 2 areas: Administration Section – Accessed via “hidden” path. User Section – Available to registered users only.
WEBSITE STRUCTURE - ADMIN The Administration Area of the Website consists of 3 sections: Add User – The creation of either a regular user or moderator. Delete User – The removal of either a regular user or moderator. Administrative Logs – Tracks if a moderator has logged, specifies IP and Time.
WEBSITE STRUCTURE - ADMIN
WEBSITE STRUCTURE - USER The User area of the Website consists of 2 sections: About Us – A brief section about each member. Tutorials – A section dedicated towards security write ups and videos.
WEBSITE STRUCTURE - USER
WEBSITE STRUCTURE - NAVIGATION The website implements uniform navigation. A standard portal for easy roaming. One location, serving one purpose. Complete user control.
WEBSITE STRUCTURE - SECURITY Active User Sessions MD5 Encryption Java Script Filtration No $_GET Requests
TUTORIALS Basic: Data Encryption Malware Securing Windows SSL and TLS Image 
CHALLENGES & SUCCESSES Getting video demonstrations to react in an expected manner Trying not to make mistakes while recording video tutorials With practice it became more natural Documentation Format and Flow Intellectual Property Group meetings and Long Discussions regarding the distribution of IP Time constraints Not being able to demonstrate all topics of interest
LESSONS LEARNED Planning is key. Heavy research is required for large projects. Encryptions algorithms are complicated. Modern Linux versions have improved security. Project in itself felt like it was another IT security course. Most importantly: Choose a project that you are passionate about, this way it is enjoyable and you will produce your best work.