Name : Harry Chan Putra. SP. MTCNA
Country : Indonesia
--- Graduate in Agronomy, 2005
--- Work : Engineering On Site, PT. Telkom. Tbk
--- Administrator of http://www.harrychanputra.web.id
--- Activist : a. Kelompok Pengguna Linux Indonesia Padang
               b. MinangCrew
--- Advisor : -- Telkom Security Report
              -- Bug Report to securitytracker.com with MinangCrew
--- Certificate : -- Basic and Advance Linux Training Apkomindo
                  -- Mikrotik Fundamental With Citraweb
                  -- Fundamental Cisco Inixindo
Concepts
Configuration
Security
Building a router
CONCEPTS
Confidentiality
Integrity
Availability
External
Internal
Service users
Accidents
Buffer overflows
Software error
Malware
Network flooding
Social Engineering
Brute force
Information gathering
Port scanner
Network enumeration
Gaining & keeping root / administrator access
Using access and/or information gained
Leaving backdoor
Covering his tracks
CONFIGURATION
Security
Packet filter
Stateful
Application proxy firewalls
Implementation:
Chown
Chmod
Chgrp
Social Engineering
Electronic social engineering: phishing
Dig
Host
whois
Nmap
Which applications are running
ICMP
Ping
traceroute
Disable unnecessary services and close ports
netstat -nlptu
Xinetd
Dangerous because:
Anyone can get in at any time
The server is left open to attack
Everything related to hacking activity is done by the rootkit:
Linux: protecting against spoofing
/etc/network/options
spoofprotect=yes
/etc/init.d/networking restart
IDS
IPS
Honeypots
firewall
Snort
Date/Time        Facility  Severity  Message
Jan 1 04:07:23   user      alert     kernel: Intrusion -> IN=ppp_8_81_1 OUT= MAC= src=122.116.17.144 DST=125.162.87.79 LEN=40 TOS=000 PREC=000 TTL=113 ID=336 PROTO=TCP SPT=10391 DPT=1080 WINDOW=32 RES=000 SYN URGP=0
Jan 1 04:17:35   user      alert     LEN=48 TOS=000 PREC=000 TTL=127 ID=2257 DF PROTO=TCP SPT=3072 DPT=139 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 04:25:33   user      alert     LEN=48 TOS=000 PREC=000 TTL=114 ID=54968 PROTO=TCP SPT=48832 DPT=1080 WINDOW=65535 RES=000 SYN URGP=0
Jan 1 04:36:02   user      alert     LEN=52 TOS=000 PREC=000 TTL=50 ID=23868 DF PROTO=TCP SPT=12513 DPT=139 WINDOW=60352 RES=000 SYN URGP=0
Jan 1 04:46:22   user      alert     LEN=48 TOS=000 PREC=000 TTL=111 ID=21235 DF PROTO=TCP SPT=2084 DPT=1433 WINDOW=65535 RES=000 SYN URGP=0
Jan 1 04:55:22   user      alert     LEN=48 TOS=000 PREC=000 TTL=125 ID=50280 DF PROTO=TCP SPT=2456 DPT=445 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 05:05:26   user      alert     LEN=48 TOS=000 PREC=000 TTL=127 ID=46298 DF PROTO=TCP SPT=1545 DPT=135 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 05:16:50   user      alert     LEN=48 TOS=000 PREC=000 TTL=127 ID=21198 DF PROTO=TCP SPT=3555 DPT=135 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 05:28:43   user      alert     LEN=48 TOS=000 PREC=000 TTL=126 ID=11916 DF PROTO=TCP SPT=2536 DPT=135 WINDOW=16384 RES=000 SYN URGP=0
Or
Upgrade application
Active reaction (IDS = passive)
Implementation:
Portsentry
hostsentry
Virus
Worm
Trojan horse
Spyware
On email server :
On Proxy server
Password rules
Password character usage
Password file security
Password audit
/etc/passwd, /etc/shadow
John the Ripper
Centralized password
Individual password management
Telnet vs SSH
VPN
IPsec
Freeswan
Racoon
CIPE
PPTP
OpenVPN
ROUTER
1. Free Software
- Linux distros (Redhat, Suse, Mandrake)
- BSD distributions (FreeBSD, NetBSD, OpenBSD)
- Open Solaris
2. Proprietary Software
- Windows (Windows 2000, Windows 2003)
- Mikrotik (version 2.xxx 3.xxx), depending on license level
A computer operating system that is a clone of UNIX,
the software that makes a machine (personal computer) operate.
Free to duplicate/copy
Free to change/modify
Free to distribute/sell/rent
Server applications
Desktop applications
Linux/BSD are relatively far more resistant to viruses than the
Microsoft Windows/NT/2000 operating systems.
Linux/BSD inherit the highest level of security from the UNIX
operating system, from long before Microsoft Windows was known.
Experience has repeatedly proven the stability of Linux and BSD;
a 'restart' is almost never needed.
NO Blue Screen
Installation stage
Configuration stage
Optimization stage
Router monitoring
Gateway mode: used when the system is installed as a bridge between two networks, with the firewall enabled.
Standalone mode: intended for a local network server; only one network card is recommended in this mode.
192.168.1.2
255.255.255.0
192.168.1.1
192.168.1.1
192.168.0.254
255.255.255.0
proxy
e-com.war.net.id
Check connection
#ipstate
Installation stage
Configuration stage
Optimization stage
Router monitoring
/Interface Set 1
Set IP address
/ip address add address=192.168.1.2 netmask=255.255.255.0 interface=Public comment="Link To Modem"
/ip address add address=192.168.0.254 netmask=255.255.255.0 interface=Local comment="Link Lan"
Set up IP web proxy
The End
Bye-Bye