Various way of protecting your cloud server port - Abdullah
-
Upload
idsecconf -
Category
Technology
-
view
120 -
download
4
description
Transcript of Various way of protecting your cloud server port - Abdullah
![Page 1: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/1.jpg)
![Page 2: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/2.jpg)
Who This Guy!
Abdullah
S1 Informatika
Universitas Brawijaya Malang
![Page 3: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/3.jpg)
![Page 4: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/4.jpg)
![Page 5: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/5.jpg)
![Page 6: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/6.jpg)
Tingkat Keamanan Internet Nasional
• Januari – Februari 2014 : SEDANG• Maret - April 2014 : BURUK• Mei 2014 : SANGAT BURUK• Juni – Agustus : BURUK
![Page 7: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/7.jpg)
![Page 8: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/8.jpg)
Jumlah serangan : 72.225.360, atau 200.626/hari
Serangan terbesar terjadi pada bulan November : 26 Juta
82% serangan kategori SQL, Malware, Web Base & Botnet
Jumlah insiden website terbesar terjadi pada bulan Mei 2013, 3.126 insiden website
Rata-rata 67% tingkat serangan
Pemantauan Trafik Nasional (Jumlah Serangan) Tahun 2013
Negara sumber serangan : CN, ID, BR
Negara target serangan : ID, US, CN, JP
![Page 9: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/9.jpg)
Pemantauan Trafik Nasional (Jumlah Serangan) Tahun 2013
![Page 10: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/10.jpg)
Statistik Serangan Website domain Indonesia Tahun 2013
![Page 11: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/11.jpg)
Statistik Serangan Website domain
Indonesia Tahun 2013
![Page 12: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/12.jpg)
Celah Keamanan Pada TLD .ID Tahun 2013
Rata-rata 2300/bulan ditemukan website yang rentan
Domain yang paling rentan : ac.id, .sch.id, .go.id, .co.id
![Page 13: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/13.jpg)
Data Leaked
Terdapat 60 website dan 423 record data yang dibocorkan di internet
![Page 14: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/14.jpg)
Mengapa semua ini bisa terjadi?
Salah siapa?
![Page 15: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/15.jpg)
PENYEBAB BANYAKNYA SERANGAN
Kurangnya kesadaran keamanan informasi, dari sisi personal sampai dengan kelembagaan.
Manusia, sisi keamanan terlemah - social engineering, phising & malicious code (tools)
Hacking Tools sangat mudah didapat dan mudah digunakan (Click Kiddies)
Hacker semakin nyaman dalam melakukan aksinya.
![Page 16: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/16.jpg)
![Page 17: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/17.jpg)
http://www.fastandeasyhacking.com
![Page 18: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/18.jpg)
![Page 19: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/19.jpg)
Port Scanner
Nmap
Metasploit
![Page 20: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/20.jpg)
Port Scanning : Matrix Reloaded
![Page 21: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/21.jpg)
![Page 22: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/22.jpg)
Update status dulu . .
Yes, aku berhasil masuk ke sistemnya,
haha!
![Page 23: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/23.jpg)
Terus gimana caranya Agar aman?
![Page 24: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/24.jpg)
You can't secure the system
![Page 25: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/25.jpg)
You can slow down the performance of hackers
![Page 26: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/26.jpg)
Kippo SSH Honeypot
Membuat Sistem Palsu
Seolah-olah Attacker Berada Dalam Sistem Yang Sebenarnya
Download : code.google.com/p/kippo/
Berkreasi Sesuka Anda!
Mencatat Semua Perbuatan Dosa Si Attacker
![Page 27: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/27.jpg)
Konfigurasi
Lokasi : kippo/kippo.cfg
Start Kippo SSH Honeypot!
![Page 28: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/28.jpg)
Portspoof
Menyamarkan Port
Dialihkan ke Port 4444
Memperlambat Kinerja Attacker
Mengaktifkan 65 Ribu Port
![Page 29: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/29.jpg)
“Portspoof takes more than 8 hours and 200MB of sent data in order to
properly go through the reconessaince
phase for your system”
@drk1wi
![Page 30: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/30.jpg)
Portspoof
![Page 31: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/31.jpg)
Portsentry
Mendeteksi Port Scanner
Banned IP Secara Otomatis
Membuat Port Palsu
Fun With Custom Banner
![Page 32: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/32.jpg)
Portsentry
Config > /etc/portsentry/portsentry.conf
v
Log > /var/log/syslog
History > /var/lib/portsentry/portsentry.history
Custom Banner
![Page 33: Various way of protecting your cloud server port - Abdullah](https://reader035.fdocuments.us/reader035/viewer/2022081404/559af17b1a28ab72658b4602/html5/thumbnails/33.jpg)
THANK YOU!