SoftwareSecurity2012/Group 4/Log

Uit Werkplaats
Ga naar: navigatie, zoeken

Log

Date Who What Hours
23-03-2012 Christiaan, Kevin, Bas, Willem Starting setup of wiki pages, registering group and talk about subject preferences. 2
23-03-2012 Christiaan, Kevin, Bas, Willem Determining to focus on the Private Messaging module security 0.5
04-04-2012 Christiaan, Kevin, Bas, Willem Installing Apache, MySQL and PHP.
Installing FluxBB.
Installing New Private Message System modification.
Installing and testing RIPS 0.53 and Yasca (with the RATS and PHPLint plugins).
Reporting our findings on the wiki.
6
11-04-2012 Christiaan, Kevin, Bas, Willem Reviewing and complementing Trying Out Code Scanners text.
Writing install guides for RIPS and Yasca
Reading OWASP AVSV document (partially)
Getting raw results for RIPS and Yasca including difference file
Start with manual review of results
Documenting findings of manual review of RIPS on wiki
6
20-04-2012 Christiaan, Kevin, Bas, Willem Verifying the RIPS and Yasca results manually and completing the code scanner results page.
Further reading of the ASVS 2009 documentation and started on manually checking code.
4
11-05-2012 Christiaan, Kevin, Bas, Willem Corrected the initial code scanning result analysis based on the feedback we have got from Erik, Started with the manual analysis of OWASP ASVS guideline points.
Christiaan and Kevin started looking at V5, V6 and V8. Willem and Bas started looking at V2, V3 and V4
8
15-05-2012 Christiaan, Kevin, Bas, Willem Continued with the manual analysis (code review) using the OWASP ASVS guideline.
Began writing down results on the WIKI, including forming a verdict on the security requirements.
Some small modifications to the reflection on code scanners page.
8
08-06-2012 Christiaan, Kevin, Bas, Willem Continued writing down results on the WIKI, including forming a verdict on the security requirements.
Wrote our used method on the main page. Cleaned up the main page.
Start writing the documentation we would have wanted about the FluxBB forum.
Some small extensions to the reflection on code scanners page.
8
12-06-2012 Christiaan Continued writing which documentation we would have liked 3
13-06-2012 Christiaan Continued writing which documentation we would have liked 3
15-06-2012 Kevin, Bas, Willem Finished the verdict of the security requirements.
Wrote reflection of the code scanners.
Wrote reflection of the project as a whole.
Started preparation for the presentation, presentation slides and contents.
6

Planning

Date Who What
23-3-2012 Christiaan, Kevin, Bas, Willem Starting up project.
30-3-2012 Christiaan, Kevin, Bas, Willem Trying out code scanners, installing FluxBB etc.
6-4-2012 Christiaan, Kevin, Bas, Willem Installing module. See what the scanners give as result and getting to know the code of the module.
20-4-2012 Christiaan, Kevin, Bas, Willem Deadline source code analysis and code scanner report.
27-4-2012 Christiaan, Kevin, Bas, Willem Lecture with discussion about the project.
19-6-2012 Christiaan, Kevin, Bas, Willem Last small additions to the project wiki pages.
21-6-2012 Christiaan, Kevin, Bas, Willem Deadline project.
21-6-2012 Christiaan, Kevin, Bas, Willem Preparing presentation.
22-6-2012 Christiaan, Kevin, Bas, Willem Presentation of the project results.