Difference between revisions of "Keamanan Jaringan"
Onnowpurbo (talk | contribs) |
(96 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | ==Teori== | ||
+ | |||
+ | * [[Peta Teknologi Network Security]] | ||
+ | * [[Cyber Defence]] | ||
+ | * http://www.owasp.org/index.php/Category:Principle - Prinsip Keamanan Aplikasi | ||
+ | * [[Trend Keamanan Internet Indonesia 2010]] | ||
+ | * [[20 Linux Server Hardening Security Tips]] | ||
+ | * http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html | ||
+ | * [[Linux Security Howto]] | ||
+ | * [[Security: Basic OS Security]] | ||
+ | |||
+ | ==Manajemen== | ||
+ | |||
+ | * [[Framework Cybersecurity]] | ||
+ | |||
+ | ==Network Security Appliance== | ||
+ | |||
+ | Untuk yang tidak mau pusing menginstalasi berbagai [[software]] / aplikasi [[network security]], dapat menggunakan appliance yang sudah jadi. | ||
+ | |||
+ | * [[Cyberoam]] | ||
+ | |||
+ | * [[ipcop]] | ||
+ | * [[smoothwall]] | ||
+ | * [[ebox]] | ||
+ | |||
+ | ==Evaluasi Jaringan== | ||
+ | |||
+ | * [[Meneropong Situs e-banking]] | ||
+ | * [[Menggunakan whois]] | ||
+ | * [[Instalasi PacketTracer Cisco di Ubuntu]] | ||
+ | |||
+ | ===Security Test=== | ||
+ | |||
+ | * http://sectools.org/web-scanners.html | ||
+ | * http://www.cirt.net/nikto2 | ||
+ | * http://www.parosproxy.org/ | ||
+ | * http://sectools.org/web-scanners.html | ||
+ | * http://sectools.org/vuln-scanners.html | ||
+ | |||
+ | Acunetix, Retina Network Security Scanner, Network Security Auditor, dll dapat menganalisa dan memberikan report / | ||
+ | generate report secara akurat dan profesional. | ||
+ | |||
==Network Security== | ==Network Security== | ||
+ | * [[Beberapa Tip Hacking]] | ||
* [[Teknik Memblok Situs Tidak Baik]] | * [[Teknik Memblok Situs Tidak Baik]] | ||
* [[Memblok Situs Porno Menggunakan Content Filter di Firefox Windows]] | * [[Memblok Situs Porno Menggunakan Content Filter di Firefox Windows]] | ||
− | * [[ | + | * [[11 Kelemahan Yang Kerap Tidak Disadari Admin Jaringan]] |
− | * [[ | + | * [[DDos: Langkah Mengatasi Serangan DDoS]] |
− | * [[ | + | * [[Cloud: Tujuh Resiko Keamanan pada Cloud-Computing]] |
− | * | + | |
− | * http://www. | + | ===HoneyPot / HoneyNet=== |
− | * [[ | + | |
+ | * [[Honeypot]] | ||
+ | |||
+ | ===Mail Security=== | ||
+ | |||
+ | * [[Postfix: Konfigurasi relayhost dengan Authentikasi]] | ||
+ | * [[Block Spam Menggunakan Postfix]] | ||
+ | * [[Blok Spam Menggunakan Postfix dan Bogofilter]] | ||
+ | * [[Instalasi MailScanner]] | ||
+ | * http://www.scamnailer.info/ | ||
+ | * [[Teknik Anti Spam]] | ||
* [[Melihat Header e-mail]] | * [[Melihat Header e-mail]] | ||
− | |||
===Firewall & Blokir Situs=== | ===Firewall & Blokir Situs=== | ||
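Review bot: In the new Security Test list, http://sectools.org/web-scanners.html is added twice (first and fourth bullet); drop the second copy. [[Beberapa Tip Hacking]] is also added at the top of Network Security although the Hacking section further down already lists it, so one of the two links is enough.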
Line 19: | Line 71: | ||
* [[Edit Konfigurasi Pemblokiran Dansguardian]] | * [[Edit Konfigurasi Pemblokiran Dansguardian]] | ||
* [[Instalasi phpSHIELD]] | * [[Instalasi phpSHIELD]] | ||
− | * http:// | + | * http://www.fail2ban.org/wiki/index.php/Main_Page - Deteksi Serangan & Ban automatis |
− | * | + | * [[Zero Trust Network Access (ZTNA)]] |
===Network Monitoring & Intrution Detection=== | ===Network Monitoring & Intrution Detection=== | ||
+ | * [[Suricata]] | ||
* [[Instalasi Nessus]] | * [[Instalasi Nessus]] | ||
+ | * [[Instalasi Nessus Client]] | ||
+ | * [[Nessus: Melalui Web]] | ||
* [[Instalasi NTOP]] | * [[Instalasi NTOP]] | ||
* [[Instalasi SNORT dan BASE]] [[Intrusion Detection System]] ([[IDS]]) | * [[Instalasi SNORT dan BASE]] [[Intrusion Detection System]] ([[IDS]]) | ||
+ | * [[Instalasi EasyIDS]] | ||
+ | * [[Suricata Open Source Next Generation Intrusion Detection and Prevention Engine]] | ||
+ | * http://www.endace.com/cyber-security-monitoring.html | ||
+ | * [[Snorby Preconfigured Security Application]] | ||
+ | * http://www.linux-sec.net/IDS/ ([[IDS]]) | ||
+ | * http://www.monkey.org/~dugsong/talks/ids/ ([[IDS]]). | ||
+ | * http://www.cert.org/tech_tips/intruder_detection_checklist.html ([[IDS]]) | ||
+ | * http://www.robertgraham.com/pubs/network-intrusion-detection.html ([[IDS]]) | ||
+ | * http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm ([[IDS]]) | ||
+ | * [[Linux Monitoring Tool]] | ||
+ | |||
+ | ====Pertahanan untuk NetCut==== | ||
+ | |||
+ | * [[Pertahanan Melawan ARP spoofing di Linux]] | ||
+ | * [[Membuat Linux Kebal ARP Poisoning ARP Spoofing]] | ||
+ | * [[Pemutus jaringan LAN di linux dengan TechnoCut]] | ||
+ | * [[Anti NetCut]] | ||
+ | * [[tuxcut]] | ||
===Secure Connection=== | ===Secure Connection=== | ||
+ | * http://www.madboa.com/geek/gpg-quickstart/#keyintro - GPG Key | ||
* [[Virtual Private Network]] ([[VPN]]) | * [[Virtual Private Network]] ([[VPN]]) | ||
* [[Instalasi dan Konfigurasi rsync]] untuk backup antar mesin | * [[Instalasi dan Konfigurasi rsync]] untuk backup antar mesin | ||
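Review bot: Under Network Monitoring, Suricata is now linked twice, as [[Suricata]] at the top of the list and as [[Suricata Open Source Next Generation Intrusion Detection and Prevention Engine]] further down; merge them into one bullet or place them next to each other. The monkey.org bullet ends in a stray period after ([[IDS]]), and the heading on the unchanged line still reads "Intrution"; both can be corrected in the same edit.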
Line 38: | Line 112: | ||
* [[Ubah Nomor Port sshd]] | * [[Ubah Nomor Port sshd]] | ||
− | === | + | ===Authentikasi=== |
− | * [[ | + | |
+ | * [[openldap]] | ||
===Mematikan Mesin Windows Jarak Jauh=== | ===Mematikan Mesin Windows Jarak Jauh=== | ||
Line 48: | Line 123: | ||
* http://landofthefreeish.com/linux/howto-remote-shutdown-of-a-windows-computer-from-linux/ | * http://landofthefreeish.com/linux/howto-remote-shutdown-of-a-windows-computer-from-linux/ | ||
* http://blog.beausanders.com/?q=node/8 | * http://blog.beausanders.com/?q=node/8 | ||
+ | |||
+ | ==OS Security== | ||
+ | |||
+ | * http://www.go2linux.org/fedora-centos-root-password-recovery - kalau lupa password root | ||
+ | * [[Enkripsi Disk]] | ||
+ | * [[20 Linux System Monitoring Tool]] | ||
+ | * [[Cyber Security: Detect and remove trojans in a Linux operating system]] | ||
+ | |||
+ | ===Anti Rootkit=== | ||
+ | |||
+ | * [[Rootkit Hunter]] | ||
+ | * [[chkrootkit]] | ||
+ | |||
+ | ===Anti Virus=== | ||
+ | * [[Instalasi antivirus clamav]] | ||
+ | * [[Scan File dan URL Secara Online]] | ||
+ | * [[Virus]] | ||
+ | * [[Anti Virus]] | ||
+ | |||
+ | ===Host based IDS=== | ||
+ | |||
+ | * [[Tripwire]] | ||
+ | * [[systraq]] | ||
+ | |||
+ | ===RaspberryPi Pentest=== | ||
+ | |||
+ | * http://resources.infosecinstitute.com/pentesting-distributions-and-installer-kits-for-your-raspberry-pi/ | ||
+ | * http://www.raspberrypi.org/downloads | ||
+ | * https://github.com/g13net/PwnBerryPi.git | ||
+ | |||
+ | ==Web Security== | ||
+ | |||
+ | * http://www.ipa.go.jp/security/vuln/documents/website_security_en.pdf | ||
+ | * https://www.owasp.org/index.php/Web_Application_Firewall | ||
+ | |||
+ | ===Web Application Firewall=== | ||
+ | |||
+ | * [[Web Application Firewall]] | ||
+ | |||
+ | ===SQL Injection=== | ||
+ | |||
+ | * [[SQL Injection Web dengan Dork]] | ||
+ | * [[Algoritma dan teknik menangkal SQL injection]] | ||
+ | * [[Teknik Mengatasi SQL Injection]] | ||
+ | * [[Patch SQL Injection Session 1 cmsmadesimple]] | ||
+ | * [[Patch SQL Injection Session 2 cmsmadesimple]] | ||
+ | * [[Patch SQL Injection Session 3 Final akses module]] | ||
+ | |||
+ | ===Cross Site Scripting XSS=== | ||
+ | |||
+ | * [[Injeksi XSS Ke Dalam Website]] | ||
+ | * [[Analisis dan antisipasi serangan Cross Site Scripting (XSS)]] ('''RECOMMENDED''') | ||
+ | * [[Cara Mengatasi XSS Bug pada Bagian Komentar Wordpress]] | ||
+ | * [http://books.google.com/books?id=3YFwVj6_51IC&printsec=frontcover&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCMQ6AEwAA XSS attacks: cross-site scripting exploits and defense] | ||
+ | * [http://books.google.com/books?id=_9P9ImY3ITwC&pg=PA93&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=2&ved=0CCgQ6AEwAQ Security+ Guide to Network Security Fundamentals - Page 93] | ||
+ | * [http://books.google.com/books?id=bZ9xTCuIWRMC&pg=PT86&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=4&ved=0CDMQ6AEwAw Hacking: The Next Generation] | ||
+ | * [http://books.google.com/books?id=wIWU94zKEtYC&pg=PT118&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=7&ved=0CEYQ6AEwBg Building scalable web sites] | ||
+ | * [http://books.google.com/books?id=Ddwyg3ADVCEC&pg=PA409&dq=XSS&hl=en&ei=r_YiTabbBIXwrQer_tDNCw&sa=X&oi=book_result&ct=result&resnum=10&ved=0CFkQ6AEwCQ The definitive guide to Grails - Page 409] | ||
+ | * [http://books.google.com/books?id=XLGdUnShOMYC&pg=PT303&dq=XSS&hl=en&ei=NvgiTZGRKo3QrQeYvOG-Cw&sa=X&oi=book_result&ct=result&resnum=4&ved=0CDQQ6AEwAzgK Apache security] | ||
+ | * http://www.owasp.org/index.php/SQL_injection | ||
+ | |||
+ | ===Pelaporan=== | ||
+ | |||
+ | * [[Melaporkan Situs Phising]] | ||
+ | |||
+ | ===mod security=== | ||
+ | |||
+ | * http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-ubuntu-1204-lts-server | ||
==Hacking== | ==Hacking== | ||
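Review bot: The last bullet of the new Cross Site Scripting XSS list is http://www.owasp.org/index.php/SQL_injection, which belongs in the SQL Injection subsection just above it. Likewise, https://www.owasp.org/index.php/Web_Application_Firewall is placed directly under Web Security while a Web Application Firewall subsection is created immediately below; move the link into that subsection.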
Line 53: | Line 196: | ||
* [[Wireless Hacking]] | * [[Wireless Hacking]] | ||
* [[Beberapa Tip Hacking]] | * [[Beberapa Tip Hacking]] | ||
+ | * [[Backtrack]] | ||
+ | * [[Mari Hacking Website agar menjadi lebih aman]] | ||
+ | * [[Bagi yang Account Facebook di Crack]] | ||
+ | * [[WebGoat - Web yang tidak aman Untuk Belajar di Hack]] | ||
+ | |||
+ | ==Referensi Keamanan Jaringan== | ||
+ | |||
+ | * http://docs.fedoraproject.org/en-US/Fedora/14/html/Security_Guide/index.html | ||
+ | * http://www.securityfocus.com | ||
+ | * http://www.lists.gnac.net/firewalls | ||
+ | * http://www.nfr.com.mailman/listinfo/firewall-wizards | ||
+ | * http://www.sans.org/sansnews/ | ||
+ | * http://www.cert.org/ | ||
+ | * http://www.safemag.com/ | ||
+ | * http://www.ciac.org/ | ||
+ | * http://www.linuxsecurity.com/ | ||
+ | * http://www.insecure.org/ | ||
+ | |||
+ | ===Buku-Buku=== | ||
+ | |||
+ | * http://stores.lulu.com/owasp | ||
+ | |||
+ | ==Referensi Keamanan Web== | ||
+ | |||
+ | * http://www.w3.org/security/faq/ | ||
+ | * http://www.securityportal.com | ||
+ | * http://www.2600.com | ||
+ | * http://www.go2net.com/people/paulp/cgi-security/ | ||
+ | * http://www.consensus.com/security/ssl-talk-faq.html | ||
+ | * [http://www.slideshare.net/bpdp/keynote-speakbpdp / Web Engineering dalam Konteks Web Science: Isu Terkini dan Tantangan] author : Bambang Purnomosidi D. P | ||
+ | * http://whitesecure.com | ||
+ | * http://www.owasp.org/index.php/Main_Page | ||
==URL Menarik== | ==URL Menarik== | ||
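Review bot: In Referensi Keamanan Jaringan, the host in http://www.nfr.com.mailman/listinfo/firewall-wizards looks mistyped (a dot where a slash would be expected before "mailman"); check the address before saving. In Referensi Keamanan Web, the label of the slideshare link begins with a stray "/ " that will be rendered as part of the link text.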
Line 58: | Line 233: | ||
* http://awarmanf.wordpress.com/2010/05/01/drop-ultrasurf-dengan-iptables/ | * http://awarmanf.wordpress.com/2010/05/01/drop-ultrasurf-dengan-iptables/ | ||
* [http://milisdad.blogspot.com/2009/02/mereset-password-pada-aplikasi-berbasis.html Mereset Password pada Aplikasi Berbasis Web] - Aplikasi yang cukup aman tidak bisa menggunakan cara ini | * [http://milisdad.blogspot.com/2009/02/mereset-password-pada-aplikasi-berbasis.html Mereset Password pada Aplikasi Berbasis Web] - Aplikasi yang cukup aman tidak bisa menggunakan cara ini | ||
+ | * http://situstarget.com/home/2010/07/02/cara-melaporkan-situs-phising/ | ||
+ | * https://crypto.stanford.edu/cs155/syllabus.html | ||
==Pranala Menarik== | ==Pranala Menarik== |
Latest revision as of 07:10, 31 July 2024
Theory
- Network Security Technology Map
- Cyber Defence
- http://www.owasp.org/index.php/Category:Principle - Application Security Principles
- Indonesian Internet Security Trends 2010
- 20 Linux Server Hardening Security Tips
- http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html
- Linux Security Howto
- Security: Basic OS Security
Management
Network Security Appliance
For those who do not want the hassle of installing various network security software / applications, a ready-made appliance can be used.
Network Evaluation
Security Test
- http://sectools.org/web-scanners.html
- http://www.cirt.net/nikto2
- http://www.parosproxy.org/
- http://sectools.org/web-scanners.html
- http://sectools.org/vuln-scanners.html
Acunetix, Retina Network Security Scanner, Network Security Auditor, and others can analyse a target and generate reports accurately and professionally.
Network Security
- Some Hacking Tips
- Techniques for Blocking Undesirable Sites
- Blocking Porn Sites Using a Content Filter in Firefox on Windows
- 11 Weaknesses Network Admins Often Overlook
- DDoS: Steps for Handling a DDoS Attack
- Cloud: Seven Security Risks in Cloud Computing
HoneyPot / HoneyNet
Mail Security
- Postfix: Configuring relayhost with Authentication
- Blocking Spam Using Postfix
- Blocking Spam Using Postfix and Bogofilter
- Installing MailScanner
- http://www.scamnailer.info/
- Anti-Spam Techniques
- Viewing E-mail Headers
Firewall & Site Blocking
- iptables Mini Howto for Firewalls
- Firestarter Firewall for Ubuntu
- Techniques for Blocking Undesirable Sites
- Firewall for the DansGuardian Proxy
- Editing the DansGuardian Blocking Configuration
- Installing phpSHIELD
- http://www.fail2ban.org/wiki/index.php/Main_Page - Attack Detection & Automatic Banning
- Zero Trust Network Access (ZTNA)
Network Monitoring & Intrusion Detection
- Suricata
- Installing Nessus
- Installing the Nessus Client
- Nessus: Via the Web
- Installing NTOP
- Installing SNORT and BASE Intrusion Detection System (IDS)
- Installing EasyIDS
- Suricata Open Source Next Generation Intrusion Detection and Prevention Engine
- http://www.endace.com/cyber-security-monitoring.html
- Snorby Preconfigured Security Application
- http://www.linux-sec.net/IDS/ (IDS)
- http://www.monkey.org/~dugsong/talks/ids/ (IDS)
- http://www.cert.org/tech_tips/intruder_detection_checklist.html (IDS)
- http://www.robertgraham.com/pubs/network-intrusion-detection.html (IDS)
- http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm (IDS)
- Linux Monitoring Tool
Defences Against NetCut
- Defending Against ARP Spoofing on Linux
- Making Linux Immune to ARP Poisoning / ARP Spoofing
- LAN Connection Cutter on Linux with TechnoCut
- Anti NetCut
- tuxcut
Secure Connection
- http://www.madboa.com/geek/gpg-quickstart/#keyintro - GPG Key
- Virtual Private Network (VPN)
- Installing and Configuring rsync for machine-to-machine backup
- Preparing SSH for Batch SCP
- Topal - Glue Between GnuPG and Alpine
- Linking GnuPG and Alpine
- Using GnuPG
- GnuPG Mini Howto
- GnuPG Privacy Handbook
- Changing the sshd Port Number
Authentication
Shutting Down Windows Machines Remotely
- http://www.howtoforge.com/how-to-remotely-shut-down-windows-xp-computers-from-a-linux-server
- http://www.lgr.ca/blog/2008/04/shutdown-windows-from-linux.html
- http://www.linuxforums.org/forum/redhat-fedora-linux-help/60324-remote-shutdown-windows-linux-box.html
- http://landofthefreeish.com/linux/howto-remote-shutdown-of-a-windows-computer-from-linux/
- http://blog.beausanders.com/?q=node/8
OS Security
- http://www.go2linux.org/fedora-centos-root-password-recovery - if you forget the root password
- Disk Encryption
- 20 Linux System Monitoring Tool
- Cyber Security: Detect and remove trojans in a Linux operating system
Anti Rootkit
Anti Virus
Host based IDS
RaspberryPi Pentest
- http://resources.infosecinstitute.com/pentesting-distributions-and-installer-kits-for-your-raspberry-pi/
- http://www.raspberrypi.org/downloads
- https://github.com/g13net/PwnBerryPi.git
Web Security
- http://www.ipa.go.jp/security/vuln/documents/website_security_en.pdf
- https://www.owasp.org/index.php/Web_Application_Firewall
Web Application Firewall
SQL Injection
- Web SQL Injection with Dorks
- Algorithms and Techniques for Preventing SQL Injection
- Techniques for Dealing with SQL Injection
- Patch SQL Injection Session 1 cmsmadesimple
- Patch SQL Injection Session 2 cmsmadesimple
- Patch SQL Injection Session 3 Final module access
Cross Site Scripting XSS
- Injecting XSS into a Website
- Analysis and Anticipation of Cross Site Scripting (XSS) Attacks (RECOMMENDED)
- How to Fix the XSS Bug in the WordPress Comment Section
- XSS attacks: cross-site scripting exploits and defense
- Security+ Guide to Network Security Fundamentals - Page 93
- Hacking: The Next Generation
- Building scalable web sites
- The definitive guide to Grails - Page 409
- Apache security
- http://www.owasp.org/index.php/SQL_injection
Reporting
mod security
Hacking
- Wireless Hacking
- Some Hacking Tips
- Backtrack
- Let's Hack Websites to Make Them More Secure
- For Those Whose Facebook Account Was Cracked
- WebGoat - An Insecure Web App for Learning to Hack
Network Security References
- http://docs.fedoraproject.org/en-US/Fedora/14/html/Security_Guide/index.html
- http://www.securityfocus.com
- http://www.lists.gnac.net/firewalls
- http://www.nfr.com.mailman/listinfo/firewall-wizards
- http://www.sans.org/sansnews/
- http://www.cert.org/
- http://www.safemag.com/
- http://www.ciac.org/
- http://www.linuxsecurity.com/
- http://www.insecure.org/
Books
Web Security References
- http://www.w3.org/security/faq/
- http://www.securityportal.com
- http://www.2600.com
- http://www.go2net.com/people/paulp/cgi-security/
- http://www.consensus.com/security/ssl-talk-faq.html
- Web Engineering in the Context of Web Science: Current Issues and Challenges, author: Bambang Purnomosidi D. P
- http://whitesecure.com
- http://www.owasp.org/index.php/Main_Page
Interesting URLs
- http://awarmanf.wordpress.com/2010/05/01/drop-ultrasurf-dengan-iptables/
- Resetting the Password in Web-Based Applications - this method does not work on a reasonably secure application
- http://situstarget.com/home/2010/07/02/cara-melaporkan-situs-phising/
- https://crypto.stanford.edu/cs155/syllabus.html