Weekly Logs
Report Week: 11/13 to 11/19
Progress summary
Finished Milestone 3 / Faculty presentation
Finished all Milestone 3 and C-Day deliverables
Meeting summary (11/3)
We discussed our plans for completing the research paper and updating the Showcase website with our final deliverables and changes.
Key events
Acceptance to C-Day
Submission of all project deliverables
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Vuong | Updates to Team Showcase Website. Aggregation of files for final submission. | 14 |
Manuel Chico | Updated team showcase website. Flash, C-Day, and Final presentation updates. C-Day and Final presentation recording. | 20 |
Harrison Jones | Updating Showcase website. Reviewing/editing research paper. C-Day Presentation. Updating C-Day poster. Adding citations to research paper. | 15 |
George Barber | Updated research paper. Added citations. Edited Showcase website and improved consistency/formatting | 15 |
Joseph Gillespie | [Team member has dropped this class] | n/a |
Team Total: | 64 |
Report Week: 11/6 to 11/12
Progress summary
Completed C-Day 5-minute presentation
Updated C-Day poster
Combing Teams and consolidating communication and correspondence
Meeting summary (11/10)
Discussed remaining tasks to complete for Milestone 3
Scheduled times and backup times for C-Day and Milestone 3 presentation recording
Key events
C-Day Registration
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Vuong | Updates to research paper. Updates to team’s showcase website. Weekly log updates. Updates to Milestone 3 presentation slides. | 10 |
Manuel Chico | Attack phase completion and documentation. Research paper updates and meeting with KSU writing center. Updates to Milestone 3 presentation slides. | 10 |
Harrison Jones | Review of research paper. Preparation for C-Day registration and submission. Updating Weekly Logs page of website. Updating website navigation menu. Updating Showcase website overall and mobile version. C-Day presentation recording. Updates to Milestone 3 presentation slides. | 10 |
George Barber | Continued working on research paper. Preparation for C-Day presentation recording. Documentation of blue team results and actions taken to monitor and protect server. Updates to Milestone 3 presentation slides. | 10 |
Joseph Gillespie | [Team member has dropped this class] | n/a |
Team Total: | 40 |
Report Week: 10/30 to 11/5
Progress summary
Continued updates to team’s show case website.
Continued updates to team’s research paper.
Sign up for C-Day event and presentation.
Continued pentesting and red team activities at opposing team’s web server stack.
Continued monitoring and patches to our team’s web server stack.
Meeting summary (11/3)
Discussed current progression in vulnerability scanning and testing of opposing team’s web server stack.
Discussed potential target vectors and avenues of intrusion.
Reviewed our team’s web server status and security protocols.
Planned team’s next steps as red team and blue team for next week.
Key events
Updated show case website.
Updated research paper.
Signed up for C-Day event.
Member activities
Team member name | Major tasks and contributions | Workload (Hours) |
---|---|---|
Gilbert Voung | Continued updates to team’s show case website. Monitoring of web server stack for intrusions or interferences. Documentation and notation of team’s web server security scans. Research into team’s red team best practices and software tools. Additions and edits to team’s research paper. | 8 |
Manuel Chico | Continued troubleshooting of IDS issues. Updates and monitoring of web server stack and security programs. Pentesting and vulnerability scanning of opposing team’s web server stack. Resolved IP blacklisting issues. Research into potential intrusion vectors into opposing team’s web server stack. Documented scans and team’s red team activities. | 10 |
Harrison Jones | Researching WordPress-specific attack techniques. Researching brute force attacks for WordPress admin pages. Reviewing Teams posts and summarizing events and findings during Red/Blue team phase. Reviewing WAF and server logs. Utilizing BurpSuite for scanning opposing team’s WordPress Admin URL. | 10 |
George Barber | Worked on grammar and spelling mistakes in research paper draft and added appendix for ancillary material. Documented all software that needs citation. | 6 |
Joseph Gillespie | [Team member has dropped the class] | n/a |
Team Total | 34 |
Report Week: 10/23 to 10/29
Progress summary
Setup tracking for IP addresses accessing website
Disabling port 22 in favor of Terminal via Cockpit
Enumerating site map of target server
Updating SSL certificate and other services in reference to IP address change from .236 to .241
Meeting summary (10/27)
Key events
KSU network issue resulted in server outage caused by duplicate IP assignment. New server IP address is 10.96.32.241
One-off snapshot taken after immediate changes made prior to start of Phase 3
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Gilbert traveling this week. He worked on Showcase website and server troubleshooting when server went down due to IP change. | 4 |
Manuel Chico | Troubleshot server access issues. Changed server and WP site configuration after IP changes. Updated FW configuration and ensured port 22 and SSD were disabled. Updated Appsec config. Troubleshot IDS issues: Snort configuration is not able as there are too many configuration changes that need to be updated; alternate IDS Suricata and SSID were attempted with minimal success due to missing libraries. Suricata was installed successfully; however, the application crashed after installation due to a missing library. Performed passive and active scans against the target system: confirmed the target system has SSH, 9090, 80 and 443 open. The opposing team has changed the default passwords for root, admin and itgroup; the server has the Sucuri WAF firewall and an HTTP redirection WP plugin. The opposing team has blacklisted my IP. Verified that GP has a static setting. Contacted project sponsor and KSU support to change the IP setting; due to the nature of the IP configuration, all teams can just blacklist all IPs and not have any intrusions. Verified that our team’s WAF and RH WF firewall settings blacklist an IP for 24 hrs. | 12 |
Harrison Jones | Communication w/ Josh Hawke regarding server access issues caused by IP conflict due to KSU infrastructure. Coordinating connectivity restoration and immediate snapshot prior to beginning of Phase 3. Attempting Snort IDS installation setup. Troubleshooting missing pre-requisites. Researching passive and active enumeration and vulnerability scanning techniques and tools. Identifying wp-login.php URL of target server. WPScan of target server in passive mode. Scanning our server via passive/aggressive tactics. Utilizing BurpSuite Professional trial for enumeration of our web server. Scanning and gathering site map of our web server and target server. | 15 |
George Barber | Traveled to Netherlands, troubleshooting vpn and website issues. Researching python scripting resources and website scan for red team tactics. | 4 |
Joseph Gillespie | [Team member has dropped the class] | n/a |
Team Total | 35 |
Report Week: 10/16 to 10/22
Progress summary
Research paper updated and references added
Second snapshot recovery successful
Re-implementation of HTTPS after snapshot recovery
Disaster Recovery procedure finalized
Meeting summary (10/11)
Discussing passive vs active penetration testing for phase 3
Concerns regarding response time and time for restoration during phase 3
Key events
Attempted RedHat OS update
Snapshot recovery took 4 business days to complete
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Updates to Research Paper. Continued updates to team’s Show Case website. Presented Milestone 2 Presentation to sponsor. Continued security testing for newly implemented security fixes and configuration. | 10 |
Manuel Chico | RedHat OS update. Snapshot recovery. Reimplementation of security program that was lost during recovery. Setup Cockpit. Removed SSH access. Continued implementation of security module. Milestone 2 Presentation to sponsor. | 10 |
Harrison Jones | Finalize snapshot recovery process. Finalizing DR Plan. Updating security policy. Research paper review. Organizing and adding references to research papers. Team discussions regarding next steps as we enter Milestone 3. Presented Milestone 2 Presentation to sponsor | 10 |
George Barber | Milestone 2 Presentation to sponsor. Updates to Show Case website. Added additional references to Research Paper and website. Continued documentation of research and vulnerability fixes. | 8 |
Joseph Gillespie | [Team member has dropped the class] | n/a |
Team Total | 38 |
Report Week: 10/9 to 10/15
Progress summary
Continuing to patch vulnerabilities and hardening server security
Continuing research and contribution to research paper
Researching and planning strategies to compromise other web servers
Meeting summary (10/11)
Discuss live-alerting and server monitoring capabilities
Planning and reallocating tasks due to team member dropping class
Confirming everyone is aware of location for contact information pertaining to server backup restoration
Research and timeline for implementing monitoring solutions for real-time alerting
Key events
Successful restoration of snapshot recovery solidifying DR recovery process
Enabled and secured web server and WordPress with firewall and WAF
Implementation of HTTPS
Setup access to server via Cockpit, allowing for disabling of SSH port 22
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Updates to Project Plan, IT Security Policy, and Research Paper. Updates to team’s Show Case website. Added to Milestone 2 presentation. Continued security testing for newly implemented security fixes and configuration. | 9 |
Manuel Chico | Implementation and configuration of HTTPS, WAF, and firewall for server and WordPress. Setup Cockpit. Removed SSH access. Continued implementation of security module. | 9 |
Harrison Jones | Researching DR Plans and recovery processes. Verifying access to server through Cockpit. Updating documentation/credentials. Research password policy. Researching best practices for automatic updates. Vulnerability scan of server after Cockpit implementation. | 9 |
George Barber | Running python scripts for automated network and system scanning for weaknesses and attack testing. Continued documentation of research and vulnerability fixes. Research into security policy best practices | 8 |
Joseph Gillespie | [Team member has dropped the class] | n/a |
Team Total | 38 |
Report Week: 10/2 to 10/8
Progress summary
Continuing to patch vulnerabilities and hardening server security
Continuing research and contribution to research paper
Submitting request to restore from snapshot due to inability to SSH into server after reinstalling Apache
Researching and planning strategies to compromise other web servers
Meeting summary
Apache uninstall occurring after our snapshot on 10/6/2023 at midnight
Research and timeline for implementing monitoring solutions for real-time alerting
Key events
Apache uninstall/reinstall attempted
Submitting request to restore from snapshot due to inability to SSH into server after reinstalling Apache
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Researching into Disaster Recovery and Incident Response Plans draft. Research into web server fixes. Research into security software and monitoring software. Update and security testing. Taken over responsibility of updating team’s Show Case website. | 8 |
Manuel Chico | Performing updates and security fixes. Uninstall and new install of updated Apache on web server. | 8 |
Harrison Jones | Researching potential issues related to Apache reinstallation. Researching disaster recovery plan and incident response plan methodologies. Updating documentation with KSU support contacts. | 7 |
George Barber | Researching python scripts for automated network and system scanning for weaknesses and attack testing. | 7 |
Joseph Gillespie | [Team member has dropped the class] | n/a |
Team Total | 30 |
Report Week: 9/25 to 10/1
Progress summary
Making progress towards Milestone 2
Began applying security fixes to web server stack
Continued research paper draft
Began draft for Disaster Recovery Plans
Began draft for Incident Response Plans
Meeting summary
Team meeting 9/29: Discussed current progress in updating and applying security fixes. Discussed what disaster recovery and incident response research. Assigned tasks to complete for the next week.
Key events
Updating key web server software to ensure security from known vulnerabilities.
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Researching into Disaster Recovery and Incident Response Plans draft. Research into web server fixes. Research into security software and monitoring software. | 8 |
Manuel Chico | Web server software updates. Continued monitor of web server security. Research into monitoring software to better secure web server stack. | 8 |
Harrison Jones | Researching security policy best practices. Researching Disaster Recovery Plans and beginning draft. Researching Incident Response Plans and beginning draft. Reviewing research paper draft and working on content pertaining to policy. | 8 |
George Barber | Continued documentation of research and vulnerability fixes. Research into security policy best practices | 8 |
Joseph Gillespie | Continued updates to team’s Show Case website. Began documenting notes for milestone 2 presentation. | 8 |
Team Total | 40 |
Report Week: 9/18 to 9/24
Progress summary
Milestone 1 presentation slides developed.
Updated Gantt chart
Updated Weekly Log
Started draft of Research Paper
Finalize IT Security Policy and Acceptable Use Policy
Finalize Implementation plan
Scheduled meeting with sponsor to present on September 24, 2023, at 5:00 PM.
Meeting summary
The team held its weekly Teams meeting on 9/22/23 at 6:00 PM to discuss weekly progress and tasks to complete before presentation. Confirmed sponsor meeting for 9/24/23 at 5:00 PM.
The team held a meeting at 4:00 PM on 9/24/23 to go over Milestone 1 presentation presenting order, slides, and practice presenting for official presentation at 5:00 PM.
Held official presentation meeting with sponsor and team at 5:00 PM on 9/24/23.
Key events
Completed Milestone 1 objectives and tasks
Updated documentation, logs, and charts
Successfully presented to sponsor as scheduled
Approval to progress to Milestone 2
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Milestone 1 presentation slides. Updated Weekly Log and Gantt Chart. Finalize IT Security Policy and Acceptable Use Policy. Presented Milestone 1 Report to sponsor. | 10 |
Manuel Chico | Milestone 1 presentation slides. Continued vulnerability research and testing. Updates to Risk Assessment. Web server software updates. Developed Research Paper draft. Presented Milestone 1 Report to sponsor. | 12 |
Harrison Jones | Continued developing and finalizing Website Server Information Security Policy. Creating Acceptable Use Policy for Akwaaba. Researching security policy and change management policy. Presented Milestone 1 Report to sponsor. | 10 |
George Barber | Continued documentation of research and references for vulnerability research. Milestone 1 presentation slides. Developed Research Paper draft. Presented Milestone 1 Report to sponsor. | 9 |
Joseph Gillespie | Continued development and updates to team’s Show Case website. Continued security research to improve Implementation plan. Milestone 1 presentation slides. Presented Milestone 1 Report to sponsor. | 9 |
Team Total | 50 |
Report Week: 9/11 to 9/17
Progress summary
IT Security Policy almost finalized
Meeting invitation sent to professor for Friday, September 22 at 6:00 pm for a live presentation and progress review
Meeting summary
Team Meeting 9/15 - Reviewed vulnerabilities recently found on web stack. Scheduled when to update web stack and software. Reviewed Milestone 1 deliverables and report guide. Discussed outline and slide requirements for presentation. Assigned tasks to complete for Milestone 1 and deliver.
Key events
Successfully scheduled snapshots of our virtual machine to occur every Friday at midnight. Began research paper draft. Presentation slide and outline.
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Weekly Report 2. Continued Milestone 1 report. Presentation slides for Milestone 1 presentation. Security research consolidation. | 9 |
Manuel Chico | Continued website hardening and software security research. Web server scans for vulnerabilities. Vulnerabilities documentation. Web server resiliency testing. | 8 |
Harrison Jones | Reviewing WordPress plugins and other software on the server and researching best practices. Continued working on defining security policy. | 8 |
George Barber | Started research paper draft. Created presentation slides outline. References addition to Zotero. Web server vulnerability testing. | 8 |
Joseph Gillespie | Continued to add and develop presentation website. Assisted with presentation slides. Web server vulnerability testing. | 8 |
Team Total | 41 |
Report Week: 9/04 to 9/10
Progress summary
Team meeting on 9/8/2023
IT Security Policy Plan draft created. Further research is needed to expand and solidify defined policies.
Meeting summary
Review of Milestone 1 tasks and discussion regarding the delegation of duties and responsibilities, as well as check-in times.
Key events
Started web server vulnerabilities scanning and research. Documentation and references included into Zotero. Remediation process and strategy development.
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Weekly report 1. Began Milestone 1 report. | 7 |
Manuel Chico | Website hardening research. Web server scans for vulnerabilities. Software security research. | 8 |
Harrison Jones | Researching IT Security Policies. Researching security hardening tactics for web servers. Researching security hardening tactics specific to Red Hat Enterprise Linux. Establishing formatting and creating IT Security Policy draft | 6 |
George Barber | Zotero – References additions and formatting | 4 |
Joseph Gillespie | Presentation website development and additions | 4 |
Team Total | 29 |
Report Week: 8/28 to 9/03
Progress summary
Team meeting
Project plan draft
RACI chart creation
MS project creation
Gantt chart creation
Weekly Log creation
Website creation
Starting vulnerability scanning
Meeting summary
On September 1, 2023, the team met via Teams and discussed the project plan and communication plans.
For now, we have created a show case website in Wiz and will make a final determination on the platform during next week's meeting. The team agreed to meet weekly every Friday at 18:00hrs EST via Teams. The meeting will be recorded and uploaded to the Teams channel in case anyone is not able to attend. Weekly communication will be done via Teams Chat.
Key events
Communication and responsibilities were established along with weekly team meetings.
Member activities
Team member name | Major tasks and contributions | Workload (hours) |
---|---|---|
Gilbert Voung | Started project plan and began working on MS project and RACI chart. | 7 |
Manuel Chico | Changed server defaults user / pass. Brought up server and created showcase site. | 8 |
Harrison Jones | Researching common security issues with hosted websites and best practices related to website server security. Coordinating assignments and discussing project status with team. Including team meetings and meetings with sponsor regarding overall project. Working on MS Project file and RACI chart to create clearly defined roles based on task. | 7 |
George Barber | Researched server notifications through python scripting and potential server protection software | 3 |
Joseph Gillespie | Researched common website vulnerabilities and attack vectors as well as potential tools and technologies to address specific security concerns. | 5 |
Team Total | 30 |