ASSURING RELIABLE AND SECURE IT SERVICE

1. ASSURING RELIABLE AND SECURE IT SERVICE PPM BUSINESS SCHOOL MM-46 JANUARY 16, 2010 LECTURER: HENRY CHRISTIANTO, ST., MTI

2. INTRODUCTION HACKER IS EVERYWHERE…. IS THAT INTERNET SAVE ?

3. Big Iron S D Source : Austin, Robert D.; Leibrock , Larry; Murray, Alan, “ The iPremier Company: Denial of Service Attack (A), ” Harvard Business School Case No. 601 - 114. LEARN FROM iPREMIER Qdata Facility D Qdata Private Network U P P R E L O W E R N O M A R VPN Cust A S D Ethernet Switch Router- Cust A DNS Servers VPN Cust B To Public Internet Router- Cust B D S VPN Cust ... S D Router- Cust ... Internet Router Network Management VPN iPremier Company iPremier Co Cage S D Router Firewall Web Accelerator Router to HO T1 Ethernet Switches S D S D S D Web Server Cluster SMTP/POP Network Server Management Database Server DIAGRAM SIMPLIFIED FOR ILLUSTRATION PURPOSES Chapter 5 Figure 5 - 7

4. 75 MINUTES ATTACK • TRIAL 1 : RESTART WEB SERVER • RESULT : FAILED • RECOMENDATION : PULL THE PLUG SERVER IS RUNNING, ATTACK STOPPED 4.31 am 4.39 am 5.27 am 5.46 am • WEB SITE LOCKED • FLOODING E-MAIL • ANALYZE: SYN FLOOD • DoS ATTACK • TRIAL 2 : • SHUTTING DOWN TRAFFIC • RESULT : FAILED

7. MANAGING RISK BEFORE INCIDENT DURING INCIDENT AFTER INCIDENT

8. THANK YOU