300 likes | 413 Views
PERTEMUAN III Oleh : Fajar Y. Zebua. Administrator jaringan. NETWORK SECURITY. A network security design protects assets from threats and vulnerabilities in an organized manner To design security, analyze risks to your assets and create responses. WHY SECURE A NETWORK.
E N D
PERTEMUAN III Oleh : Fajar Y. Zebua Administrator jaringan
A network security design protects assets from threats and vulnerabilities in an organized manner • To design security, analyze risks to your assets and create responses WHY SECURE A NETWORK
Pihak yang tidak bertanggung-jawab: – memodifikasi situs Internet. – memanfaatkan kartu-kredit untuk belanja. – memalsukan email. – memalsukan transaksi e-commerce. – membuat virus komputer. – menyerang/memacetkan saluran internet. Ilustrasikasuskeamanan
Keperluan Sistem Informasi – penjaminan INTEGRITAS informasi. – pengamanan KERAHASIAN data. – pemastian KESIAGAAN sistem informasi. – pemastian MEMENUHI peraturan, hukum, dan bakuan yang berlaku. Isukeamanan
Confidentiality Protecting information from exposure and disclosure Integrity Decrease possible problems caused by corruption of data Availability Make Information always available Prinsipkeamanan
What is an Exploit? Crackers break into a computer network by exploiting weaknesses in operating system services. Types of attacks – Local –Remote Exploits (1)
Categories of exploits - 0-day ( new unpublished) - Account cracking - Buffer overflow - Denial of service - Impersonation Exploits (2) - Man in the middle - Misconfiguration - Network sniffing - Session hijacking - System/application design errors
Computer Security Institute (http://www.gocsi.com) • Growing Incident Frequency – Incidents reported to the Computer Emergency Response Team/Coordination Center - 1997: 2,134 - 1998: 3,474 (75% growth from previous year) - 1999: 9,859 (164% growth) - 2000: 21,756 (121% growth) - 2001: 52,658 (142% growth) - Tomorrow? Security Statistics: Attack Trends
Security Focus – 31 million Windows-specific attacks – 22 million UNIX/LINUX attacks – 7 million Cisco IOS attacks – All operating systems are attacked! Target serangan
Ethical Hackers vs. Crackers – Hacker usually is a programmer constantly seek further knowledge, freely share what they have discovered and never intentionally damage data. – Cracker breaks into or otherwise violates system integrity with malicious intent. They destroy vital data or cause problems for their targets. Hackers vs crackers
SOCIAL ENGINEERING Seni dan ilmu memaksa orang untuk memenuhi harapan anda ( Bernz ), Suatu pemanfaatan trik-trik psikologis hacker luar pada seorang userlegitimate dari sebuah sistem komputer (Palumbo) Mendapatkan informasi yang diperlukan (misalnya sebuah password)dari seseorang yang merusak sebuah sistem (Berg).
TUJUAN DASAR SE Tujuan dasar social engineering sama seperti umumnyahacking: mendapatkan akses tidak resmi pada sistem atauinformasi untuk melakukan penipuan, intrusi jaringan, matamataindustrial, pencurian identitas, atau secara sederhanauntuk mengganggu sistem atau jaringan.
TARGET Target-target tipikal termasuk perusahaan telepon dan jasa-jasapemberian jawaban, perusahaan dan lembaga keuangandengan nama besar, badan-badan militer dan pemerintah dan rumah sakit.
BENTUK SOCIAL ENGINEERING Social Engineering dengan telepon Diving Dumpster Social engineering on-line : Persuasi Reverse social engineering
Penetration Attacks Steps Footprinting (nslookup, whois, dig) Port scanner (nmap) Network enumeration (nullsession) : cari account name yangsah Gaining & keeping root / administrator access Using access and/or information gained Leaving backdoor Attack – Denial of Services (DoS) :Network flooding – Buffer overflows : Software error – Malware :Virus, worm, trojan horse – Brute force Covering his tracks (hapus jejak)
DIALOG ATTACK Eavesdropping, biasa disebut dengan spoofing,cara penanganan dengan Encryption Impersonation dan message alterationditangani dengan gabungan enkripsi danautentikasi
PORT SCANNING Port scanning adalah proses koneksi ke port-port TCP atauUDP pada host yang menjadi target untuk menentukan serviceapa yang sedang berjalan (Listening). Dengan mengidentifikasi port-port yang listening ini kita dapatmenentukan jenis aplikasi dan sistem operasi apa yangdipergunakan pada host tersebut. Service yang dalam status listening ini memungkinkan orangyang tidak berhak menerobos ke dalam host tersebut
WELL KNOWN PORTS A list of commonly used well known ports are . • Port 20 – FTP, data • Port 21 – FTP, control • Port 22 – SSH • Port 23 – Telnet • Port 25 – SMTP • Port 53 – DNS • Port 80 - HTTP
TOOLS SCANNING Netstat NMAP Nessus
HTTP ATTACK http://www.sans.org/top-cyber-security-risks/
SQL INJECTION ATTACKS http://www.sans.org/top-cyber-security-risks/
Who does the best job of protecting data onComputers Source: Information Technology Association of America, Arlington, Va.Only 0.4% of a company's revenue, on average, is dedicated to information security in the U.S. By 2011, however, that figure will accelerate tenfold to 4% of revenue for U.S. companies, according to Gartner Inc.'s total cost of ownership model for information security.
CYBERCRIME http://www.enigmasoftware.com/top-20-countries-the-most-cybercrime/