Module 1 - Intro to Network Security
Network Security
PENS-ITS
Intro to Network Security
Network Security In Action
• Client Configuration
• DNS
• Network Services
• FTP/Telnet
• SMTP/POP
• Web Server
• IP & Port Scanning
• Web Server Exploit
• Email Exploit
• DoS Attack
• Trojan Attack
• Sniffing Traffic
• KeyStroke Logging
• Password Cracking
• MITM Attack
• Hardening Host
• AntiVirus Applications
• Using Firewall
• Using GPG/PGP
• Using SSH
• Using Certificate
• Using IPSec
• System Log Analysis
• Intrusion Detection System
• HoneyPot
• Spyware Detection and Removal
• Backup and Restore
• Finding Hidden Data
Why Secure a Network?
• A network security design protects assets from threats and vulnerabilities in an organized manner
• To design security, analyze risks to your assets and create responses
[Figure: corporate assets threatened by an external attacker, an internal attacker, incorrect permissions and a virus]
Computer Security Principles
• Confidentiality
– Protecting information from exposure and disclosure
• Integrity
– Decrease possible problems caused by corruption of data
• Availability
– Make information always available
Exploits (1)
• What is an Exploit?
– Crackers break into a computer network by exploiting weaknesses in operating system services.
• Types of attacks
– Local
– Remote
• Categories of exploits
– 0-day (new, unpublished)
– Account cracking
– Buffer overflow
– Denial of service
– Impersonation
Exploits (2)
• Categories of exploits (cont.)
– Man in the middle
– Misconfiguration
– Network sniffing
– Session hijacking
– System/application design errors
SANS Security Threats
• SANS/FBI top 20 security threats
– http://www.sans.org/top20/
• Goals attackers try to achieve
– Gain unauthorized access
– Obtain administrative or root level
– Destroy vital data
– Deny legitimate users service
– Individual selfish goals
– Criminal intent
Security Statistics: Attack Trends
• Computer Security Institute (http://www.gocsi.com)
• Growing Incident Frequency
– Incidents reported to the Computer Emergency Response Team/Coordination Center
– 1997: 2,134
– 1998: 3,474 (75% growth from previous year)
– 1999: 9,859 (164% growth)
– 2000: 21,756 (121% growth)
– 2001: 52,658 (142% growth)
– Tomorrow?
Attack Targets
• SecurityFocus
– 31 million Windows-specific attacks
– 22 million UNIX/LINUX attacks
– 7 million Cisco IOS attacks
– All operating systems are attacked!
Hackers Vs Crackers
• Ethical Hackers vs. Crackers
– A hacker is usually a programmer who constantly seeks further knowledge, freely shares what they have discovered, and never intentionally damages data.
– A cracker breaks into or otherwise violates system integrity with malicious intent. They destroy vital data or cause problems for their targets.
Attack Type
Types of Attacks
• Physical Access Attacks
– Wiretapping
– Server Hacking
– Vandalism
• Dialog Attacks
– Eavesdropping (listening to what one is not allowed to hear)
– Impersonation (imitating someone else)
– Message Alteration (changing the message)
• Penetration Attacks (attempts to break in)
– Scanning (Probing)
– Break-in
– Denial of Service
– Malware: Viruses, Worms
• Social Engineering
– Opening Attachments
– Password Theft
– Information Theft
Social Engineering
• Definitions of social engineering
– The art and science of compelling people to comply with your wishes (Bernz)
– An outside hacker's use of psychological tricks on a legitimate user of a computer system (Palumbo)
– Getting needed information (for example, a password) from a person rather than breaking into a system (Berg)
• The basic goals of social engineering are the same as those of hacking in general: gaining unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network.
• Typical targets include telephone companies and answering services, big-name corporations and financial institutions, military and government agencies, and hospitals.
Forms of Social Engineering
• Social engineering by telephone
– A hacker calls and impersonates someone in a position of authority or relevance, and gradually draws information out of the user.
• Dumpster diving
– A very large amount of information can be collected from company dumpsters.
• Online social engineering
– The Internet is fertile ground for social engineers who want to obtain passwords
– Pretending to be the network administrator, sending e-mail over the network and asking for a user's password.
• Persuasion
– The main objective is to convince people to give out sensitive information
• Reverse social engineering
– Sabotage, advertising, and assisting
Penetration Attacks Steps
• Port scanner
• Network enumeration
• Gaining & keeping root / administrator access
• Using access and/or information gained
• Leaving backdoor
• Attack
– Denial of Services (DoS): Network flooding
– Buffer overflows: Software error
– Malware: Virus, worm, trojan horse
– Brute force
• Covering his tracks
Scanning (Probing) Attacks
[Figure: from the Internet, the attacker sends probe packets to 172.16.99.1, 172.16.99.2, etc. in the corporate network. Host 172.16.99.1 replies; there is no host at 172.16.99.2, so no reply comes back. Results: 172.16.99.1 is reachable, 172.16.99.2 is not reachable, …]
Network Scanning
Denial-of-Service (DoS) Flooding Attack
[Figure: the attacker sends a message flood; the server is overloaded by the message flood]
DoS By Example
Dialog Attack
• Eavesdropping, commonly called spoofing, is countered with encryption
• Impersonation and message alteration are countered with a combination of encryption and authentication
Eavesdropping on a Dialog
[Figure: a dialog between Client PC (Bob) and Server (Alice) carrying the message "Hello"; the attacker (Eve) intercepts and reads messages]
Password Attack By Example
Sniffing By Example
KeyLogger
Message Alteration
[Figure: a dialog between Client PC (Bob) and Server (Alice); the attacker (Eve) intercepts and alters messages, so that "Balance = $1" arrives as "Balance = $1,000,000"]
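The Dialog Attack slide says message alteration is countered with authentication, and this slide shows "Balance = $1" being rewritten in transit. The following is an added example, not part of the original slides, of how a receiver detects that rewrite with an HMAC-SHA256 tag and a sequence number. The frame layout, the names `seal` and `Receiver`, and the pre-shared key are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # SHA-256 output size in bytes


def seal(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: prepend a sequence number and append an HMAC-SHA256 tag."""
    header = seq.to_bytes(8, "big")
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    """Receiver side: accept a frame only if its tag verifies and it is not a replay."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def open(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        header, message, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + message, hashlib.sha256).digest()
        # compare_digest runs in constant time, so the check leaks no tag bytes
        if not hmac.compare_digest(tag, expected):
            raise ValueError("message altered in transit")
        seq = int.from_bytes(header, "big")
        if seq <= self.last_seq:
            raise ValueError("replayed or out-of-order message")
        self.last_seq = seq
        return message


def demo() -> list:
    key = secrets.token_bytes(32)  # assumed shared by both parties out of band
    receiver = Receiver(key)
    genuine = seal(key, 1, b"Balance = $1")
    # Constructed tampering: the amount is rewritten, the original tag is kept
    altered = genuine[:8] + b"Balance = $1,000,000" + genuine[-TAG_LEN:]
    results = []
    for label, frame in (("genuine", genuine), ("altered", altered), ("replay", genuine)):
        try:
            results.append((label, receiver.open(frame).decode()))
        except ValueError as err:
            results.append((label, f"rejected: {err}"))
    return results


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The tag gives integrity and origin authentication only; the message is still readable by an eavesdropper, which is why the slide pairs authentication with encryption.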
Network Scanning and Probing
Scanning nmap
• nmap scanning with TCP packets
Flag
Three Way Handshake
Scanning Types
• connect scan
• TCP SYN scan
• TCP FIN scan
• TCP Xmas Tree scan
• TCP Null scan
• TCP ACK scan
• TCP Window scan
• TCP RPC scan
• UDP scan
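Several of the scan types listed above differ only in the TCP flag byte of the first packet sent to a port, which is what a defender's log analysis or IDS rule keys on. The following is an added example, not part of the original slides, that classifies inbound probes by flag combination and reports sources that touch several ports with the same probe type. The packet tuples, the threshold and the function names are assumptions, the sample traffic is constructed, and RPC and UDP scans are out of scope because they are not identified by TCP flags.

```python
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag byte of the first packet a source sends to a port -> probe type
PROBE_TYPES = {
    0: "TCP Null scan",
    FIN: "TCP FIN scan",
    FIN | PSH | URG: "TCP Xmas Tree scan",
    ACK: "TCP ACK or Window scan",   # same flags; they differ in how replies are read
    SYN: "connect or TCP SYN scan",  # same first packet; they differ in the follow-up
}


def classify_probe(flags: int) -> str:
    """Name the probe a packet would be if it opened a flow with these flags."""
    return PROBE_TYPES.get(flags & 0x3F, "other")


def detect_scans(packets, min_ports=3):
    """Return {(source, probe type): sorted ports} for sources hitting >= min_ports ports.

    packets: iterable of (src_ip, dst_port, flags) seen inbound at one host.
    Only the first packet per (source, port) is classified; later packets of
    the same flow, such as the ACK that completes a handshake, are ignored.
    """
    first_seen = {}
    for src, port, flags in packets:
        first_seen.setdefault((src, port), flags)
    ports = defaultdict(set)
    for (src, port), flags in first_seen.items():
        kind = classify_probe(flags)
        if kind != "other":
            ports[(src, kind)].add(port)
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}


# Constructed sample traffic (documentation address ranges)
SAMPLE = [
    ("192.0.2.10", 21, FIN | PSH | URG), ("192.0.2.10", 22, FIN | PSH | URG),
    ("192.0.2.10", 23, FIN | PSH | URG), ("192.0.2.10", 80, FIN | PSH | URG),
    ("198.51.100.7", 80, SYN), ("198.51.100.7", 80, ACK),
    ("198.51.100.7", 80, PSH | ACK), ("198.51.100.7", 443, SYN),
    ("203.0.113.5", 25, 0), ("203.0.113.5", 110, 0), ("203.0.113.5", 143, 0),
]

if __name__ == "__main__":
    for (src, kind), hit in detect_scans(SAMPLE).items():
        print(src, kind, hit)
```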
Scanning Tools
• Netstat
– Netstat is a powerful utility for observing the current state of a server: which services are listening for incoming connections, which interfaces are listening, and who is connected.
• Nmap
– The oldest scanner software that is still in use today.
• Nessus
– Nessus is a powerful tool for finding port weaknesses on our own computer and on other computers. Nessus gives a complete report of what our computer's weaknesses are and how to fix them.