Security Analysis

Date: January 25, 2015 (updated March 18, 2015)

Overview

Testing the security of the server which houses the site cse-hub.arn.spsu.edu and providing recommendations for better security measures based on the findings.

Project Team 3

Roles	Name	Major responsibilities	Contact
Project owner	John Eidson	Allow access and pen-testing of applications and hardware. Provide permission and information when needed. Provide advice and guidance should technical/security questions arise.	jeidson@spsu.edu 770-853-9359
Team leader	Ian Roemer	Organize and submit documentation and completed work reports by the due date. Assist with tasks/work in order to complete required deliverables/milestones.	ianroemer.school@gmail.com 678-230-0617
Team members	Nick Zungri	Assist with tasks/work in order to complete required deliverables/milestones.	nzungri2@spsu.edu 678-633-4265
	Eri Wahyudi	Assist with tasks/work in order to complete required deliverables/milestones.	ewahyudi@spsu.edu
	James Kiger	Assist with tasks/work in order to complete required deliverables/milestones.	jkiger@spsu.edu james.kiger@mckenneys.com (404) 610-3506 Texting and Mckenneys e-mail is preferred for contact.
Advisor / Instructor	Jack Zheng	Facilitate project progress; advise on project management and technical solutions.	jackzheng@spsu.edu

Final Deliverables

• Research and analysis report (initial target cse-hub.arn.spsu.edu at all levels)
  • Analysis plan and methodology
  • Analysis results
  • Recommendations for remedies or improvements
• Actual implementation of the recommendations
• Documentation of the implementation

Milestones

#1 - By 2/20/2015

• Complete the research and analysis plan/methodology

#2 - By 3/20/2015

• Perform the actual analysis (pen-test) and write report (including recommendations)
• Risk assessment for defensive configuration (internal) and write report
  • User/group policy and setup
  • Web server settings
  • Database settings
• Diagram overall network setup

#3 - By 4/17/2015

• Implement the recommendations on cse-hub.arn.spsu.edu
  • Installation
  • Reconfiguration
  • Alerting/Report security logs
• Pen-test again
• Final recommendations/report

Milestone meetings date/time

#1 2/18 2:30PM to 3:30PM

#2 3/18 2:30PM to 3:30PM

#3 4/15 2:30PM to 3:30PM

Communication and Meeting Planning

All team members will utilize the primary contact information listed above in order to communicate any questions or concerns, as well as submit work completed to the group leader for him to combine and submit by the milestone due date. In-person milestone meetings will take place on the dates and times listed above. If it is convenient for some members of the team and deemed necessary, some informal collaboration meetings will take place at a time which suits team needs.

Project Schedule and Tasks Planning

A Gantt chart containing specific tasks and planning will be included, updated, and distributed regularly to all team members, advisors, and project owners.