Difference between revisions of "Keamanan Jaringan"

From OnnoWiki
Jump to navigation Jump to search
 
(71 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
==Teori==
 +
 
* [[Peta Teknologi Network Security]]
 
* [[Peta Teknologi Network Security]]
 +
* [[Cyber Defence]]
 +
* http://www.owasp.org/index.php/Category:Principle - Prinsip Keamanan Aplikasi
 +
* [[Trend Keamanan Internet Indonesia 2010]]
 +
* [[20 Linux Server Hardening Security Tips]]
 +
* http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html
 +
* [[Linux Security Howto]]
 +
* [[Security: Basic OS Security]]
 +
 +
==Manajemen==
 +
 +
* [[Framework Cybersecurity]]
 +
 +
==Network Security Appliance==
 +
 +
Untuk yang tidak mau pusing menginstalasi berbagai [[software]] / aplikasi [[network security]], dapat menggunakan appliance yang sudah jadi.
 +
 +
* [[Cyberoam]]
 +
 +
* [[ipcop]]
 +
* [[smoothwall]]
 +
* [[ebox]]
 +
 +
==Evaluasi Jaringan==
 +
 +
* [[Meneropong Situs e-banking]]
 +
* [[Menggunakan whois]]
 +
* [[Instalasi PacketTracer Cisco di Ubuntu]]
 +
 +
===Security Test===
 +
 +
* http://sectools.org/web-scanners.html
 +
* http://www.cirt.net/nikto2
 +
* http://www.parosproxy.org/
 +
* http://sectools.org/web-scanners.html
 +
* http://sectools.org/vuln-scanners.html
 +
 +
Acunetix, Retina Network Security Scanner,  Network Security Auditor, dll dapat menganalisa dan memberikan report /
 +
generate report secara akurat dan profesional.
  
 
==Network Security==
 
==Network Security==
  
 +
* [[Beberapa Tip Hacking]]
 
* [[Teknik Memblok Situs Tidak Baik]]
 
* [[Teknik Memblok Situs Tidak Baik]]
 
* [[Memblok Situs Porno Menggunakan Content Filter di Firefox Windows]]
 
* [[Memblok Situs Porno Menggunakan Content Filter di Firefox Windows]]
* [[Trend Keamanan Internet Indonesia 2010]]
+
* [[11 Kelemahan Yang Kerap Tidak Disadari Admin Jaringan]]
* [[Beberapa Tip Hacking]]
+
* [[DDos: Langkah Mengatasi Serangan DDoS]]
* [[Meneropong Situs e-banking]]
+
* [[Cloud: Tujuh Resiko Keamanan pada Cloud-Computing]]
* http://awarmanf.wordpress.com/2009/12/23/membuat-linux-kebal-arp-poisoning-arp-spoofing/
+
 
* http://www.go2linux.org/fedora-centos-root-password-recovery - kalau lupa password root
+
===HoneyPot / HoneyNet===
* [[Instalasi PacketTracer Cisco di Ubuntu]]
+
 
 +
* [[Honeypot]]
 +
 
 +
===Mail Security===
 +
 
 +
* [[Postfix: Konfigurasi relayhost dengan Authentikasi]]
 +
* [[Block Spam Menggunakan Postfix]]
 +
* [[Blok Spam Menggunakan Postfix dan Bogofilter]]
 +
* [[Instalasi MailScanner]]
 +
* http://www.scamnailer.info/
 +
* [[Teknik Anti Spam]]
 
* [[Melihat Header e-mail]]
 
* [[Melihat Header e-mail]]
* [[Menggunakan whois]]
 
* [[Teknik Mengatasi SQL Injection]]
 
  
 
===Firewall & Blokir Situs===
 
===Firewall & Blokir Situs===
Line 22: Line 71:
 
* [[Edit Konfigurasi Pemblokiran Dansguardian]]
 
* [[Edit Konfigurasi Pemblokiran Dansguardian]]
 
* [[Instalasi phpSHIELD]]
 
* [[Instalasi phpSHIELD]]
* http://awarmanf.wordpress.com/2009/12/23/membuat-linux-kebal-arp-poisoning-arp-spoofing/
+
* http://www.fail2ban.org/wiki/index.php/Main_Page - Deteksi Serangan & Ban automatis
* http://techno-os.net/info-tutorials/hacking/pemutus-jaringan-lan-di-linux-dengan-technocut/
+
* [[Zero Trust Network Access (ZTNA)]]
* [[Anti NetCut]]
 
  
 
===Network Monitoring & Intrution Detection===
 
===Network Monitoring & Intrution Detection===
 +
* [[Suricata]]
 
* [[Instalasi Nessus]]
 
* [[Instalasi Nessus]]
 
* [[Instalasi Nessus Client]]
 
* [[Instalasi Nessus Client]]
Line 36: Line 85:
 
* http://www.endace.com/cyber-security-monitoring.html
 
* http://www.endace.com/cyber-security-monitoring.html
 
* [[Snorby Preconfigured Security Application]]
 
* [[Snorby Preconfigured Security Application]]
* [[Instalasi MailScanner]]
+
* http://www.linux-sec.net/IDS/ ([[IDS]])
 +
* http://www.monkey.org/~dugsong/talks/ids/ ([[IDS]]).
 +
* http://www.cert.org/tech_tips/intruder_detection_checklist.html ([[IDS]])
 +
* http://www.robertgraham.com/pubs/network-intrusion-detection.html ([[IDS]])
 +
* http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm ([[IDS]])
 +
* [[Linux Monitoring Tool]]
  
===Security Test===
+
====Pertahanan untuk NetCut====
  
* http://sectools.org/web-scanners.html
+
* [[Pertahanan Melawan ARP spoofing di Linux]]
* http://www.cirt.net/nikto2
+
* [[Membuat Linux Kebal ARP Poisoning ARP Spoofing]]
* http://www.parosproxy.org/
+
* [[Pemutus jaringan LAN di linux dengan TechnoCut]]
 +
* [[Anti NetCut]]
 +
* [[tuxcut]]
  
 
===Secure Connection===
 
===Secure Connection===
 +
* http://www.madboa.com/geek/gpg-quickstart/#keyintro - GPG Key
 
* [[Virtual Private Network]] ([[VPN]])
 
* [[Virtual Private Network]] ([[VPN]])
 
* [[Instalasi dan Konfigurasi rsync]] untuk backup antar mesin
 
* [[Instalasi dan Konfigurasi rsync]] untuk backup antar mesin
Line 55: Line 112:
 
* [[Ubah Nomor Port sshd]]
 
* [[Ubah Nomor Port sshd]]
  
===Anti Virus===
+
===Authentikasi===
* [[Instalasi antivirus clamav]]
+
 
 +
* [[openldap]]
  
 
===Mematikan Mesin Windows Jarak Jauh===
 
===Mematikan Mesin Windows Jarak Jauh===
Line 66: Line 124:
 
* http://blog.beausanders.com/?q=node/8
 
* http://blog.beausanders.com/?q=node/8
  
===Patch SQL Injection===
+
==OS Security==
 +
 
 +
* http://www.go2linux.org/fedora-centos-root-password-recovery - kalau lupa password root
 +
* [[Enkripsi Disk]]
 +
* [[20 Linux System Monitoring Tool]]
 +
* [[Cyber Security: Detect and remove trojans in a Linux operating system]]
 +
 
 +
===Anti Rootkit===
 +
 
 +
* [[Rootkit Hunter]]
 +
* [[chkrootkit]]
 +
 
 +
===Anti Virus===
 +
* [[Instalasi antivirus clamav]]
 +
* [[Scan File dan URL Secara Online]]
 +
* [[Virus]]
 +
* [[Anti Virus]]
 +
 
 +
===Host based IDS===
 +
 
 +
* [[Tripwire]]
 +
* [[systraq]]
 +
 
 +
===RaspberryPi Pentest===
  
* http://artikel.xcode.or.id/patch-sql-injection-session-1-cmsmadesimple/
+
* http://resources.infosecinstitute.com/pentesting-distributions-and-installer-kits-for-your-raspberry-pi/
* http://www.xp-solution.com/patch-sql-injection-session-1-cmsmadesimple/
+
* http://www.raspberrypi.org/downloads
* http://artikel.xcode.or.id/patch-sql-injection-session-2-cmsmadesimple/
+
* https://github.com/g13net/PwnBerryPi.git
* http://www.xp-solution.com/patch-sql-injection-session-2-cmsmadesimple/
 
* http://artikel.xcode.or.id/patch-sql-injection-session-3final-akses-module-2/
 
* http://www.xp-solution.com/patch-sql-injection-session-3final-akses-module/
 
* http://artikel.xcode.or.id/patch-sql-injection-session-3final-akses-module/
 
* http://h4nk.net/hacking/patch/patch-sql-injection-session-3final-akses-module/
 
  
===Web Security===
+
==Web Security==
  
 
* http://www.ipa.go.jp/security/vuln/documents/website_security_en.pdf  
 
* http://www.ipa.go.jp/security/vuln/documents/website_security_en.pdf  
 +
* https://www.owasp.org/index.php/Web_Application_Firewall
 +
 +
===Web Application Firewall===
 +
 +
* [[Web Application Firewall]]
 +
 +
===SQL Injection===
 +
 +
* [[SQL Injection Web dengan Dork]]
 +
* [[Algoritma dan teknik menangkal SQL injection]]
 +
* [[Teknik Mengatasi SQL Injection]]
 +
* [[Patch SQL Injection Session 1 cmsmadesimple]]
 +
* [[Patch SQL Injection Session 2 cmsmadesimple]]
 +
* [[Patch SQL Injection Session 3 Final akses module]]
 +
 +
===Cross Site Scripting XSS===
 +
 +
* [[Injeksi XSS Ke Dalam Website]]
 +
* [[Analisis dan antisipasi serangan Cross Site Scripting (XSS)]] ('''RECOMMENDED''')
 +
* [[Cara Mengatasi XSS Bug pada Bagian Komentar Wordpress]]
 +
* [http://books.google.com/books?id=3YFwVj6_51IC&printsec=frontcover&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCMQ6AEwAA XSS attacks: cross-site scripting exploits and defense]
 +
* [http://books.google.com/books?id=_9P9ImY3ITwC&pg=PA93&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=2&ved=0CCgQ6AEwAQ Security+ Guide to Network Security Fundamentals - Page 93]
 +
* [http://books.google.com/books?id=bZ9xTCuIWRMC&pg=PT86&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=4&ved=0CDMQ6AEwAw Hacking: The Next Generation]
 +
* [http://books.google.com/books?id=wIWU94zKEtYC&pg=PT118&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=7&ved=0CEYQ6AEwBg Building scalable web sites]
 +
* [http://books.google.com/books?id=Ddwyg3ADVCEC&pg=PA409&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=10&ved=0CFkQ6AEwCQ The definitive guide to Grails - Page 409]
 +
* [http://books.google.com/books?id=XLGdUnShOMYC&pg=PT303&dq=XSS&hl=en&ei=NvgiTZGRKo3QrQeYvOG-Cw&sa=X&oi=book_result&ct=result&resnum=4&ved=0CDQQ6AEwAzgK Apache security]
 +
* http://www.owasp.org/index.php/SQL_injection
  
 
===Pelaporan===
 
===Pelaporan===
  
 
* [[Melaporkan Situs Phising]]
 
* [[Melaporkan Situs Phising]]
 +
 +
===mod security===
 +
 +
* http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-ubuntu-1204-lts-server
  
 
==Hacking==
 
==Hacking==
Line 92: Line 199:
 
* [[Mari Hacking Website agar menjadi lebih aman]]
 
* [[Mari Hacking Website agar menjadi lebih aman]]
 
* [[Bagi yang Account Facebook di Crack]]
 
* [[Bagi yang Account Facebook di Crack]]
 +
* [[WebGoat - Web yang tidak aman Untuk Belajar di Hack]]
  
 
==Referensi Keamanan Jaringan==
 
==Referensi Keamanan Jaringan==
  
 +
* http://docs.fedoraproject.org/en-US/Fedora/14/html/Security_Guide/index.html
 
* http://www.securityfocus.com
 
* http://www.securityfocus.com
 
* http://www.lists.gnac.net/firewalls
 
* http://www.lists.gnac.net/firewalls
Line 104: Line 213:
 
* http://www.linuxsecurity.com/
 
* http://www.linuxsecurity.com/
 
* http://www.insecure.org/
 
* http://www.insecure.org/
 +
 +
===Buku-Buku===
 +
 +
* http://stores.lulu.com/owasp
  
 
==Referensi Keamanan Web==
 
==Referensi Keamanan Web==
Line 114: Line 227:
 
* [http://www.slideshare.net/bpdp/keynote-speakbpdp / Web Engineering dalam Konteks Web Science: Isu Terkini dan Tantangan] author : Bambang Purnomosidi D. P
 
* [http://www.slideshare.net/bpdp/keynote-speakbpdp / Web Engineering dalam Konteks Web Science: Isu Terkini dan Tantangan] author : Bambang Purnomosidi D. P
 
* http://whitesecure.com
 
* http://whitesecure.com
 +
* http://www.owasp.org/index.php/Main_Page
  
 
==URL Menarik==
 
==URL Menarik==
Line 120: Line 234:
 
* [http://milisdad.blogspot.com/2009/02/mereset-password-pada-aplikasi-berbasis.html Mereset Password pada Aplikasi Berbasis Web] - Aplikasi yang cukup aman tidak bisa menggunakan cara ini
 
* [http://milisdad.blogspot.com/2009/02/mereset-password-pada-aplikasi-berbasis.html Mereset Password pada Aplikasi Berbasis Web] - Aplikasi yang cukup aman tidak bisa menggunakan cara ini
 
* http://situstarget.com/home/2010/07/02/cara-melaporkan-situs-phising/
 
* http://situstarget.com/home/2010/07/02/cara-melaporkan-situs-phising/
 +
* https://crypto.stanford.edu/cs155/syllabus.html
  
 
==Pranala Menarik==
 
==Pranala Menarik==

Latest revision as of 07:10, 31 July 2024

Teori

Manajemen

Network Security Appliance

Untuk yang tidak mau pusing menginstalasi berbagai software / aplikasi network security, dapat menggunakan appliance yang sudah jadi.

Evaluasi Jaringan

Security Test

Acunetix, Retina Network Security Scanner,  Network Security Auditor, dll dapat menganalisa dan memberikan report / generate report secara akurat dan profesional.

Network Security

HoneyPot / HoneyNet

Mail Security

Firewall & Blokir Situs

Network Monitoring & Intrution Detection

Pertahanan untuk NetCut

Secure Connection

Authentikasi

Mematikan Mesin Windows Jarak Jauh

OS Security

Anti Rootkit

Anti Virus

Host based IDS

RaspberryPi Pentest

Web Security

Web Application Firewall

SQL Injection

Cross Site Scripting XSS

Pelaporan

mod security

Hacking

Referensi Keamanan Jaringan

Buku-Buku

Referensi Keamanan Web

URL Menarik

Pranala Menarik