Small Network Security
Internet Services
With
Harry Chan Putra. SP. MTCNA
harrychanputra.sp@gmail.com
http://harrychanputra.web.id
Introduction
. Name : Harry Chan Putra. SP. MTCNA
. Country : Indonesia
--- Graduated in Agronomy, 2005
--- Work : Engineering On Site PT. Telkom. Tbk
--- Administrator of http://www.harrychanputra.web.id
--- Activist : a. Kelompok Pengguna Linux Indonesia Padang
b. MinangCrew
--- Advisor : -- Telkom Security Report
-- Bug Report to securitytracker.com with MinangCrew
--- Certificate : -- Basic and Advanced Linux Training Apkomindo
-- Mikrotik Fundamental With Citraweb
-- Fundamental Cisco Inixindo
Topics
Concepts
Configuration
Security
Building a router
CONCEPTS
How security problems arise
Confidentiality
Integrity
Availability
The actors
External
Internal
Service users
Accidents
Attack types
Buffer overflows
Software error
Malware
Network flooding
Social Engineering
Brute force
Information gathering
Port scanner
Network enumeration
Gaining & keeping root / administrator access
Using access and/or information gained
Leaving backdoor
Covering his tracks
How to Secure It
CONFIGURATION
Security
Why?
Firewall
Packet filter
Stateful
Application proxy firewalls
Implementation:
Firewall rules
Chown
Chmod
Chgrp
Securing against information gathering
How
Social Engineering
Electronic social engineering: phishing
Using public information
Dig
Host
whois
Port scanning
Nmap
Which application
running
Network Mapping
Icmp
Ping
traceroute
Limiting Published
Information
Disable unnecessary
services and closing
port
netstat -nlptu
Xinetd
Rootkit
Dangerous because:
Spoofprotect
Spoofing protection on Linux
/etc/network/options
spoofprotect=yes
/etc/init.d/networking restart
DDoS countermeasures
IDS
IPS
Honeypots
firewall
Effects of DDoS
Intrusion Detection
Software (IDS)
Snort
Date/Time | Facility | Severity | Message
Jan 1 04:07:23 | user | alert | LEN=40 TOS=000 PREC=000 TTL=113 ID=336 PROTO=TCP SPT=10391 DPT=1080 WINDOW=32 RES=000 SYN URGP=0
Jan 1 04:17:35 | user | alert | LEN=48 TOS=000 PREC=000 TTL=127 ID=2257 DF PROTO=TCP SPT=3072 DPT=139 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 04:25:33 | user | alert | LEN=48 TOS=000 PREC=000 TTL=114 ID=54968 PROTO=TCP SPT=48832 DPT=1080 WINDOW=65535 RES=000 SYN URGP=0
Jan 1 04:36:02 | user | alert | LEN=52 TOS=000 PREC=000 TTL=50 ID=23868 DF PROTO=TCP SPT=12513 DPT=139 WINDOW=60352 RES=000 SYN URGP=0
Jan 1 04:46:22 | user | alert | LEN=48 TOS=000 PREC=000 TTL=111 ID=21235 DF PROTO=TCP SPT=2084 DPT=1433 WINDOW=65535 RES=000 SYN URGP=0
Jan 1 04:55:22 | user | alert | LEN=48 TOS=000 PREC=000 TTL=125 ID=50280 DF PROTO=TCP SPT=2456 DPT=445 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 05:05:26 | user | alert | LEN=48 TOS=000 PREC=000 TTL=127 ID=46298 DF PROTO=TCP SPT=1545 DPT=135 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 05:16:50 | user | alert | LEN=48 TOS=000 PREC=000 TTL=127 ID=21198 DF PROTO=TCP SPT=3555 DPT=135 WINDOW=64800 RES=000 SYN URGP=0
Jan 1 05:28:43 | user | alert |
Message: kernel: Intrusion -> IN=ppp_8_81_1 OUT= MAC= src=122.116.17.144 DST=125.162.87.79
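Added example (not part of the original slides): a small Python parser for "Intrusion ->" log lines like the ones above, which counts inbound TCP SYNs per destination port so an administrator can see which services are being probed. The sample lines are constructed from the slide's fields, the source addresses after the first are placeholders, and the function names and service labels are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: the LEN..URGP fields come from the slide's log table and the
# prefix is the one message start that survives there; every src address except
# the first is a documentation-range placeholder.
PFX = " user alert kernel: Intrusion -> IN=ppp_8_81_1 OUT= MAC= src={} DST=125.162.87.79 "
SAMPLE = [
    "Jan 1 04:07:23" + PFX.format("122.116.17.144") + "LEN=40 TOS=000 PREC=000 TTL=113 ID=336 PROTO=TCP SPT=10391 DPT=1080 WINDOW=32 RES=000 SYN URGP=0",
    "Jan 1 04:17:35" + PFX.format("192.0.2.10") + "LEN=48 TOS=000 PREC=000 TTL=127 ID=2257 DF PROTO=TCP SPT=3072 DPT=139 WINDOW=64800 RES=000 SYN URGP=0",
    "Jan 1 04:25:33" + PFX.format("192.0.2.11") + "LEN=48 TOS=000 PREC=000 TTL=114 ID=54968 PROTO=TCP SPT=48832 DPT=1080 WINDOW=65535 RES=000 SYN URGP=0",
    "Jan 1 04:36:02" + PFX.format("198.51.100.7") + "LEN=52 TOS=000 PREC=000 TTL=50 ID=23868 DF PROTO=TCP SPT=12513 DPT=139 WINDOW=60352 RES=000 SYN URGP=0",
    "Jan 1 04:46:22" + PFX.format("198.51.100.8") + "LEN=48 TOS=000 PREC=000 TTL=111 ID=21235 DF PROTO=TCP SPT=2084 DPT=1433 WINDOW=65535 RES=000 SYN URGP=0",
    "Jan 1 04:55:22" + PFX.format("203.0.113.5") + "LEN=48 TOS=000 PREC=000 TTL=125 ID=50280 DF PROTO=TCP SPT=2456 DPT=445 WINDOW=64800 RES=000 SYN URGP=0",
    "Jan 1 05:05:26" + PFX.format("203.0.113.6") + "LEN=48 TOS=000 PREC=000 TTL=127 ID=46298 DF PROTO=TCP SPT=1545 DPT=135 WINDOW=64800 RES=000 SYN URGP=0",
    "Jan 1 05:16:50" + PFX.format("203.0.113.6") + "LEN=48 TOS=000 PREC=000 TTL=127 ID=21198 DF PROTO=TCP SPT=3555 DPT=135 WINDOW=64800 RES=000 SYN URGP=0",
]

FIELD = re.compile(r"(\w+)=(\S*)")
SERVICES = {135: "MS RPC endpoint mapper", 139: "NetBIOS session", 445: "SMB",
            1080: "SOCKS proxy", 1433: "MS SQL Server"}

def parse(line):
    """Split one 'Intrusion ->' line into KEY=VALUE fields (keys upper-cased) and bare flags."""
    head, sep, body = line.partition("Intrusion ->")
    if not sep:
        return None  # not a firewall intrusion record
    rec = {k.upper(): v for k, v in FIELD.findall(body)}
    rec["FLAGS"] = {tok for tok in body.split() if "=" not in tok}
    return rec

def probed_ports(lines):
    """Count inbound TCP SYNs per destination port."""
    hits = Counter()
    for rec in filter(None, map(parse, lines)):
        if rec.get("PROTO") == "TCP" and "SYN" in rec["FLAGS"] and rec.get("DPT", "").isdigit():
            hits[int(rec["DPT"])] += 1
    return hits

def report(lines):
    """Rows of (port, count, usual service), most-probed first, then by port."""
    return [(p, n, SERVICES.get(p, "unknown"))
            for p, n in sorted(probed_ports(lines).items(), key=lambda x: (-x[1], x[0]))]

if __name__ == "__main__":
    for port, n, name in report(SAMPLE):
        print(f"{n:>2} SYN(s) to {port}/tcp ({name})")
```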
Mikrotik IDS
Intrusion Prevention
Software (IPS)
Upgrade application
Active reaction (IDS = passive)
Implementation:
Portsentry
hostsentry
Honeypots
(http://www.honeynet.org)
Malware
Virus
Worm
Trojan horse
Spyware
On email server :
On Proxy server
Monitoring network
Firewall Check
Password rules
Character usage in passwords
Password file security
Password audit
/etc/passwd, /etc/shadow
John the Ripper
Centralized password
Individual password management
Remote access
Telnet vs SSH
VPN
IPsec
FreeS/WAN
Racoon
CIPE
PPTP
OpenVPN
ROUTER
PC - Router
A PC installed with an operating system that functions as a router/gateway, or a dedicated router.
Operating Systems
1. Free Software
- Linux distros ( Redhat, Suse, Mandrake )
- BSD distributions ( FreeBSD, NetBSD, OpenBSD )
- Open Solaris
2. Proprietary Software
- Windows ( Windows 2000, Windows 2003 )
- Mikrotik ( version 2.xxx 3.xxx ) and according to license level
How did Linux develop?
How did BSD develop?
Free to duplicate/copy
Free to change/modify
Free to distribute/sell/rent
What about application software on Linux and BSD?
Server applications
Desktop applications
Desktop : KDE
What about viruses, security, stability?
Building a PC router
ClarkConnect Standard
Installation steps
Configuration steps
Optimization steps
Monitoring the router
Installation steps
Boot process
Language selection
Setup selection
Gateway / Standalone selection
Gateway mode is for installing the system as a bridge between two networks with the firewall enabled.
Standalone mode is intended for a local network server; only one network card is recommended in this mode.
192.168.1.2
255.255.255.0
192.168.1.1
192.168.1.1
192.168.0.254
255.255.255.0
Set Hostname PC
proxy
e-com.war.net.id
Date/Time selection
Installation location
Installation stage
Login menu
Configuration steps
Initial menu
Setup DANSGUARDIAN
Bandwidth Management
Firewall
Blocking Peer-To-Peer
Optimization steps
System monitoring
Traffic monitoring
Connection check
#ipstate
Building a PC router
Mikrotik Standard
Installation steps
Configuration steps
Optimization steps
Monitoring the router
Installation steps
Shell menu
Configuration steps
/Interface Set 1
Set IP Address
/ip address add address=192.168.1.2 netmask=255.255.255.0 interface=Public comment="Link To Modem"
/ip address add address=192.168.0.254 netmask=255.255.255.0 interface=Local comment="Link Lan"
Set IP route to gateway
Set IP Web-Proxy
Setup IP Web-Proxy
/ip web-proxy set enabled=yes port=8080 hostname="proxy.admin.war.net.id" transparent-proxy=yes parent-proxy=0.0.0.0:0 cache-administrator="webmaster@admin.war.net.id" max-object-size=4096KiB cache-drive=system max-cache-size=1048576KiB max-ram-cache-size=unlimited
Transparent proxy
disabled=no
disabled=no
Bandwidth Management
Optimization steps
Traffic monitoring
http://harrychanputra.web.id
Harrychanputra.sp@gmail.com
Thanks to :
- Primadonal - http://primadonal.wordpress.com
- Harinto - http://harinto.wordpresss.com
- Tommy Owner Central.Net
- Hengky Owner Vega.Net
- All Team C4 and EOS Telkom
For trying out their routers and for the use of their business premises
The End
Bye-Bye