Web SevChat

connecting Java to Erlang just because we can

System Diagram of SevChat

Problem Statement

In my distributed systems BCIT option, I learned Java Stripes web framework and Erlang functional language. Naturally, I was curious about ways to connect the two together.

Project Description

The chat application uses the following components:

  • to handle chat messages and send them to users, Erlang sevchat_server,
  • to send and receive messages to/from Erlang server, java classes with OTP Erlang library,
  • to handle clients webpage functionality, stripes framework and javascript/AJAX,
  • to create and store clients logins, Erlang node settings, etc; postgreSQL database.

The user are able to do the following:

  • register themselves with their username, password, and name,
  • log in with their username and password,
  • view all connected users,
  • chat with all connected users,
  • and send private messages to selected users.

Finally, all messages are logged in PostgreSQL database.

Project Outcomes

The system works and is available on github. Also, check out Erlang server source and client source. The full report is available here.

comments


WinRx Assurance Bridge

allowing pharmacy applications to securely exchange health data
- posted on January 12, 2012 by Vsevolod Geraskin in projects about .net6 soap1 http6 xml2 tls/ssl6 security7

Problem Statement

Clients were double-entering same information into both their WinRx pharmacy management software and Assurance EMR system.

Project Description

WinRx-Assurance communications software is a secure application written in .NET that exchanges pharmacy health data between WinRx pharmacy software and Assurance EMR system. Working application required creating a communication framework between WinRx pharmacy software and Assurance system based on Assurance API data requirements and WinRx data model.

Project Outcomes

The software was deployed at several client sites, allowing quick and secure way to share application data between WinRx pharmacy management software and Assurance EMR system.

comments


Web Medadmin System

assisting nurses with scheduled medication procedures in a care home environment
- posted on July 3, 2011 by Vsevolod Geraskin in projects about .net6 sql server2 crystal reports1

WinMMR screenshot

Problem Statement

Nursing procedures at many care homes are inefficient. For example, recording scheduled medications given out to patients, reporting, and other day-to-day repetitive tasks are done manually. Furthermore, data exchanges between care homes and their dispensing pharmacies are often inaccurate due to human errors.

Project Description

I wrote Medadmin System on pharmacy client’s request in order to assist nurses with giving out daily scheduled medications, recording patients’ pain and reactions, and reporting in a care home environment. The online medadmin software is developed in .NET, and consists of the following components:

  • SQL Server database,
  • ASP.NET Web Services,
  • .NET Web User Interface,
  • and Crystal Reports.

Project Outcomes

The Medadmin system was deployed at a client site, but a decision was made to proceed with os-based software instead of this web-based product.

comments


Covert Backdoor

testing Linux systems for software firewall vulnerabilities
- posted on June 25, 2011 by Vsevolod Geraskin in projects about c5 tcp/ip3 linux3 http6 security7

Covert Backdoor Network Diagram

Problem Statement

All companies face challenges of securing their electronic data. Software firewalls often have vulnerabilities which allow exfiltration of sensitive data by malicious software. During my time at BCIT, we examined whether software firewall alone is sufficient to prevent and/or track loss of data if the target machine is compromised.

Project Description

This project implements a complete covert application that allows a user to communicate with a disguised backdoor application on a compromised machine around the software firewall and issue commands remotely. The backdoor application will accept commands and execute them; the results of the command execution will be sent back to the remote client application.

The system works as follows:

  • Using libpcap at both the client and the compromised server, we bypass the software firewall.
  • The packets will arrive to the covert collector on port 80 with certain parameters.
  • The command packet will arrive to the backdoor on a random port with certain parameters.
  • Backdoor has a separate thread that sends SYNs to the covert collector to let it know its ready to receive commands.
  • The backdoor process is masked.
  • The temporary files are shredded off the system after sending and the backdoor program shreds itself out upon receiving a certain command.
  • Crafting custom TCP packets according to our covert channel design.
  • Inotify is used to monitor a defined directory for new files, then send those files to the covert collector.

Project Outcomes

The covert collector and the backdoor application communicate through a covert channel that mimics HTTP protocol, thus possibly escaping notice by network admins. Furthermore, libpcap packet capture library allows our channel to bypass software firewalls. If anything, the project demonstrated that software firewalls alone will not prevent the loss of data from a compromised system.

comments