LAMPIRAN-LAMPIRAN. 1. Bagaimana topologi jaringan komputer di PT. CAI?

(1)

LAMPIRAN-LAMPIRAN

Wawancara dengan Bapak Willy Purwantoro

1. Bagaimana topologi jaringan komputer di PT. CAI?

2. Sistem Operasi dan aplikasi yang digunakan untuk mengatur jaringan internet pada

PT. CAI?

3. Bagaimana pembagian bandwidth internet pada PT. CAI?

4. Berapa jumlah user yang terkoneksi pada internet di PT. CAI?

5. Apakah sistem keamanan internet (firewall) sudah optimal?

6. Apakah adanya penggunaan internet dirasa menggangu kinerja karyawan di dalam

perusahaan?

Jawaban

1. Topologi jaringan internet yang digunakan menggunakan topologi Hierarki

2. Sistem Operasi yang digunakan menggunakan Windows Server 2003 dan untuk

pengaturan jaringan belum ada aplikasinya jadi hanya sebatas membagi jaringan

dengan menggunakkan Windows Server 2003 saja sebagai PC Router

3. Belum ada pembagian Bandwidth internet pada PT . CAI sehingga kecepatan

koneksi tidak stabil / berubah – ubah.

4. User yang terhubung oleh internet ada 28 orang

5. Firewall jaringan internet hanya sebatas dari Windows Server 2003 saja dan masi

belum optimal dilihat dari sisi keamanan dan perfomance ( cepat panas dan

menyebabkan hang).

(2)

6. Adanya penggunaan internet membuat beberapa karyawan sering terlambat

menyelesaikan tugasnya karena mereka menggunakkan fasilitas internet untuk

kebutuhan pribadi pada jam kerja seperti mengakses facebook.

(3)

Isi dari /etc/squid/passwd :

[root@localhost ~]# cat /etc/squid/passwd manajer:V9ucr54RWQEDk

cai:uu1S1ruWYepmE

Isi dari /var/log/squid/access.log:

[root@localhost ~]# cat /var/log/squid/access.log

1261297612.947 1 192.168.0.2 TCP_DENIED/407 2424 GET http://www.google.co.id/ - NONE/- text/html

1261297618.360 69 192.168.0.2 TCP_HIT/200 9570 GET

http://www.google.co.id/intl/id_id/images/logo.gif cai NONE/- image/gif

1261297618.472 2334 192.168.0.2 TCP_MISS/200 8759 GET http://www.google.co.id/ cai DIRECT/208.67.219.230 text/html

1261297619.589 472 192.168.0.2 TCP_HIT/200 902 GET

http://www.google.com/images/mgyhp_sm.png cai NONE/- image/png 1261297619.828 33 192.168.0.2 TCP_HIT/200 5935 GET

http://www.google.co.id/images/nav_logo7.png cai NONE/- image/png 1261297621.128 1858 192.168.0.2 TCP_MISS/200 23875 GET

http://www.google.co.id/extern_js/f/CgJpZBICaWQrMAo4QUAdLCswDjgKLCswFjgULCswFzgELCswGDgE LCswGTgNLCswJTjJiAEsKzAmOAgsKzAnOAIsKzA8OAEsKzBFOAAs/vBaXu92pgSQ.js cai

DIRECT/208.67.219.231 text/javascript

1261297621.711 506 192.168.0.2 TCP_MISS/204 431 GET http://www.google.co.id/csi? cai DIRECT/208.67.219.230 text/html

1261297622.160 985 192.168.0.2 TCP_MISS/204 301 GET

http://clients1.google.co.id/generate_204 cai DIRECT/66.102.7.100 text/html 1261297623.632 0 192.168.0.2 TCP_DENIED/403 2459 GET

http://clients1.google.co.id/complete/search? cai NONE/- text/html 1261297624.008 826 192.168.0.2 TCP_MISS/200 762 GET

(4)

1261297624.140 810 192.168.0.2 TCP_MISS/200 785 GET

http://clients1.google.co.id/complete/search? cai DIRECT/66.102.7.102 text/javascript 1261297624.564 0 192.168.0.2 TCP_DENIED/403 2551 GET

http://www.google.co.id/search? cai NONE/- text/html

1261297626.460 261 192.168.0.2 TCP_MISS/302 652 GET http://www.google.co.id/search? cai DIRECT/208.67.219.230 text/html

1261297626.944 477 192.168.0.2 TCP_MISS/200 8805 GET http://www.google.co.id/webhp cai DIRECT/208.67.219.230 text/html

1261297627.516 476 192.168.0.2 TCP_MISS/204 431 GET http://www.google.co.id/csi? cai DIRECT/208.67.219.231 text/html

1261297628.729 519 192.168.0.2 TCP_MISS/200 774 GET

http://clients1.google.co.id/complete/search? cai DIRECT/66.102.7.113 text/javascript 1261297629.904 635 192.168.0.2 TCP_MISS/200 779 GET

http://clients1.google.co.id/complete/search? cai NONE/- text/html 1261297631.155 494 192.168.0.2 TCP_MISS/200 816 GET

(5)

Isi dari /var/log/squid/cache.log:

[root@localhost ~]# cat /var/log/squid/cache.log

2009/12/20 15:11:11| Starting Squid Cache version 3.1.STABLE14 for i686-redhat-linux-gnu...

2009/12/20 15:11:11| Process ID 9010

2009/12/20 15:11:11| With 1024 file descriptors available

2009/12/20 15:11:11| DNS Socket created at 0.0.0.0, port 35082, FD 7 2009/12/20 15:11:11| Adding nameserver 208.67.222.222 from squid.conf 2009/12/20 15:11:11| Adding nameserver 208.67.220.220 from squid.conf 2009/12/20 15:11:11| helperOpenServers: Starting 5 'ncsa_auth' processes 2009/12/20 15:11:11| User-Agent logging is disabled.

2009/12/20 15:11:11| Referer logging is disabled. 2009/12/20 15:11:12| Unlinkd pipe opened on FD 17

2009/12/20 15:11:12| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2009/12/20 15:11:12| Swap maxSize 102400 KB, estimated 7876 objects

2009/12/20 15:11:12| Target number of buckets: 393 2009/12/20 15:11:12| Using 8192 Store buckets 2009/12/20 15:11:12| Max Mem size: 8192 KB 2009/12/20 15:11:12| Max Swap size: 102400 KB

2009/12/20 15:11:12| Version 1 of swap file with LFS support detected... 2009/12/20 15:11:12| Rebuilding storage in /var/spool/squid (CLEAN) 2009/12/20 15:11:12| Using Least Load store dir selection

2009/12/20 15:11:12| Current Directory is /root 2009/12/20 15:11:12| Loaded Icons.

2009/12/20 15:11:12| Accepting HTTP connections at 0.0.0.0, port 3128, FD 19. 2009/12/20 15:11:12| HTCP Disabled.

2009/12/20 15:11:12| Ready to serve requests.

2009/12/20 15:11:12| Done reading /var/spool/squid swaplog (3260 entries) 2009/12/20 15:11:12| Finished rebuilding storage from disk.

2009/12/20 15:11:12| Took 0.54 seconds (5990.65 objects/sec). 2009/12/20 15:11:12| Beginning Validation Procedure

(6)

2009/12/20 15:11:12| Completed Validation Procedure 2009/12/20 15:11:12| Validated 6520 Entries

2009/12/20 15:11:12| store_swap_size = 47252

2009/12/20 15:11:13| storeLateRelease: released 0 objects

Isi dari /var/spool/squid/store.log:

[root@localhost ~]# cat /var/log/squid/store.log

1261297612.947 RELEASE -1 FFFFFFFF 67E296AE2A203F9BFD0E42D8AFA1CAD0 407 1261297612 0 -1 text/html 1960/1960 GET http://www.google.co.id/

1261297618.472 RELEASE -1 FFFFFFFF 47B22AAECAA930B478746F4F835C01A0 200 1261297661 -1 1261297661 text/html -1/8391 GET http://www.google.co.id/

1261297621.128 RELEASE -1 FFFFFFFF AD8BE1038A893B34CD972EE381C43B10 200 1261297663 1229817600 1292716800 text/javascript -1/23425 GET

http://www.google.co.id/extern_js/f/CgJpZBICaWQrMAo4QUAdLCswDjgKLCswFjgULCswFzgELCswGDgE LCswGTgNLCswJTjJiAEsKzAmOAgsKzAnOAIsKzA8OAEsKzBFOAAs/vBaXu92pgSQ.js

1261297621.711 RELEASE -1 FFFFFFFF 61DCBF4D466D212BA39856328A3C44E0 204 1074714690 -1 180221530 text/html 0/0 GET http://www.google.co.id/csi?

1261297623.632 RELEASE -1 FFFFFFFF B485A77452D5DE027C8702F325967E29 403 1261297623 0 -1 text/html 2076/2076 GET http://clients1.google.co.id/complete/search?

1261297624.000 RELEASE 00 0000065B 21AAA144963EEDB9EB579590F8A7BB93 ? ? ? ? ?/? ?/? ? ?

1261297624.008 SWAPOUT 00 0000015F 21AAA144963EEDB9EB579590F8A7BB93 200 1261297553 -1 1261301153 text/javascript -1/390 GET http://clients1.google.co.id/complete/search? 1261297624.139 RELEASE 00 000007C2 4120D089B8E9D0286C57E5E44EC25B3B ? ? ? ? ?/? ?/? ? ?

1261297624.140 SWAPOUT 00 000001B0 4120D089B8E9D0286C57E5E44EC25B3B 200 1261297668 -1 1261301268 text/javascript -1/423 GET http://clients1.google.co.id/complete/search? 1261297624.564 RELEASE -1 FFFFFFFF 128A0C18B0788AEDE80FC8662ED76D7E 403 1261297624 0 -1 text/html 2168/2168 GET http://www.google.co.id/search?

(7)

1261297626.460 RELEASE -1 FFFFFFFF 5B31199CE76C0F8F8D138835F01DD560 302 1261297670 -1 -1 text/html 226/226 GET http://www.google.co.id/search?

1261297626.944 RELEASE -1 FFFFFFFF 66A86273C42A60266214A46EA353A2B8 200 1261297670 -1 1261297670 text/html -1/8437 GET http://www.google.co.id/webhp

1261297627.516 RELEASE -1 FFFFFFFF 17E2CE7D2505537212683C0DE15E0504 204 1074714690 -1 180221530 text/html 0/0 GET http://www.google.co.id/csi?

1261297628.729 SWAPOUT 00 000001E5 35F85DC5578BA29ED9CAF909179BE353 200 1261297672 -1 1261301272 text/javascript -1/411 GET http://clients1.google.co.id/complete/search? 1261297629.904 RELEASE 00 00000633 42F69723EA50628456A43D815E14B0F6 ? ? ? ? ?/? ?/? ? ?

1261297629.904 SWAPOUT 00 000004A1 42F69723EA50628456A43D815E14B0F6 200 1261297673 -1 1261301273 text/javascript -1/417 GET http://clients1.google.co.id/complete/search? 1261297630.263 RELEASE 00 00000636 D3FFBFAB3C4C0BDD32246B6103B628DC ? ? ? ? ?/? ?/? ? ?

1261297630.264 SWAPOUT 00 00000633 D3FFBFAB3C4C0BDD32246B6103B628DC 200 1261297531 -1 1261301131 text/javascript -1/431 GET http://clients1.google.co.id/complete/search? 1261297630.320 RELEASE 00 00000637 10AB29AAB6A6F79DFCAB4F6867FC5C2C ? ? ? ? ?/? ?/? ? ?

1261297630.321 SWAPOUT 00 00000636 10AB29AAB6A6F79DFCAB4F6867FC5C2C 200 1261297530 -1 1261301130 text/javascript -1/418 GET http://clients1.google.co.id/complete/search? 1261297630.948 RELEASE 00 00000638 278F183EF2BD540A52CF975F5A73518C ? ? ? ? ?/? ?/? ? ?

1261297630.948 SWAPOUT 00 00000637 278F183EF2BD540A52CF975F5A73518C 200 1261297674 -1 1261301274 text/javascript -1/432 GET http://clients1.google.co.id/complete/search? 1261297631.115 RELEASE -1 FFFFFFFF 75D7236A945B6166A799D86F294A9D68 403 1261297631 0 -1 text/html 2085/2085 GET http://clients1.google.co.id/complete/search?

1261297631.155 RELEASE 00 000009C1 AE68D993D0392FF6E050232363CC6314 ? ? ? ? ?/? ?/? ? ?

(8)

1261297631.155 SWAPOUT 00 00000638 AE68D993D0392FF6E050232363CC6314 200 1261297532 -1 1261301132 text/javascript -1/444 GET http://clients1.google.co.id/complete/search? 1261297631.277 RELEASE 00 00000650 A18B42FDEA46188377EEDE4F64C1E028 ? ? ? ? ?/? ?/? ? ?

1261297631.278 SWAPOUT 00 00000650 A18B42FDEA46188377EEDE4F64C1E028 200 1261297531 -1 1261301131 text/javascript -1/433 GET http://clients1.google.co.id/complete/search? 1261297631.497 RELEASE -1 FFFFFFFF 27A6B98B456372923CD1D5013B4B6BA6 403 1261297631 0 -1 text/html 2177/2177 GET http://www.google.co.id/search?

Isi dari /etc/squid/forbidden_ip:

[root@localhost ~]# cat /etc/squid/forbidden_ip 12.181.172.10 207.226.172.10 64.226.172.10 205.159.173.10 209.195.173.10 209.207.173.10 204.50.173.10 66.98.173.10 128.242.174.10 216.218.175.10 204.225.175.10 69.5.175.10 66.115.176.10 205.134.177.10 66.17.177.10 209.238.177.10 69.50.177.10 206.83.178.10 216.130.179.10 209.152.179.10 128.121.18.10 63.209.18.10 205.178.180.10 66.230.180.10 65.173.181.10 209.185.181.10

(9)

69.25.181.10 66.115.182.10 216.218.182.10 66.230.182.10 209.52.182.10 66.118.184.10 216.130.184.10 62.210.185.10 66.230.185.10 209.35.185.10 212.72.185.10 209.126.186.10 168.143.186.10 217.237.187.10 63.88.187.10 216.106.188.10 208.51.188.10 216.18.19.10 216.100.190.10 208.185.190.10 205.134.191.10 67.19.191.10 193.28.191.10 216.53.191.10 206.127.192.10 206.161.192.10 194.207.192.10 209.117.193.10 64.192.193.10 216.198.193.10 194.9.193.10 206.45.194.10 64.38.195.10 62.67.195.10 207.8.195.10 64.38.196.10 212.43.196.10 213.132.197.10 216.94.197.10 69.30.198.10 4.21.199.10

(10)

62.221.199.10 69.63.199.10 128.11.2.10 194.148.2.10 64.157.2.10 194.164.20.10 66.197.20.10 84.40.20.10 216.49.20.10 62.67.200.10 195.160.201.10 151.196.201.10 206.246.202.10

Isi dari /etc/squid/forbidden_word:

[root@localhost ~]# cat /etc/squid/forbidden_word facebook friendster sex memek ngentot sodomi lesbi homo porno kontol kondom porn bugil toge pemerkosaan sek seksual klitoris vagina 17tahun -lilo-og-stitc-porno.solvebowl.he.cn/moms-gucking 0-cost-host.com/candy_manson 0003.bestsoloadm.cn/amateur-ass-hole 001radiostorm.com/stream/hardrock.asx 00690069.com/p_b/2

(11)

007.sh/femdomreality 007.sh/idealboobs 007.sh/worldmature

Isi dari /etc/squid/forbidden_domain:

www.17tahun.com www.duniasex.com www.indosexindex.com www.keezmovies.com www.yobt.com www.pornomovies.com www.pornojpg.com www.sexthe.net www.xnxx.com www.porn.com www.freefuckvidz.com www.newsfilter.org www.pornhub.com www.brazzers.com www.fridabali.com www.collegewhores.org www.worldsex.com www.twilightsex.com sex.healthguru.com www.badjojo.com www.facebook.com www.friendster.com

Isi dari /etc/squid/file_limit:

[root@localhost ~]# cat /etc/squid/file_limit \.mp3 \.avi \.flv \.jpg \.zip \.iso \.7z \.rpm \.jpeg \.mp4 \.wmv

(12)

\.mkv \.tar.gz \.tar.bz

Tampilan iptables

meliputi chain INPUT , FOWARD DAN OUTPUT

[root@localhost ~]# iptables -L

Chain INPUT (policy DROP)

target prot opt source destination

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:net-steward ACCEPT tcp -- anywhere anywhere tcp dpt:squid ACCEPT tcp -- anywhere anywhere tcp dpt:ssh

REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)

target prot opt source destination Chain OUTPUT (policy ACCEPT)

target prot opt source destination

Penjelasan

dari isi file squid.conf

Coding Keterangan

http_port 3128

default port dari squid

icp_port 0

tidak mengijinkan port icp

cache_dir ufs /var/spool/squid 100 16 512

jenis file yang dipakai ufs, ukuran cache 100,

16 dan 512 menunjukkan jumlah direktori

yang terdapat di cache level 1 & 2

cache_mem 8 MB

memory yang digunakan squid

cache_swap_low 90

batas minimal squid menyimpan data cache

90% dari memori squid

cache_swap_high 95

batas maksimal squid menyimpan data cache

95% dari memori squid

cache_log /var/log/squid/cache.log

berisikan lokasi file log yang akan digunakan

oleh squid

cache_store_log /var/log/squid/store.log

cache_effective_user squid

pembatasan pada user dan group yang dapat

melakukan koneksi

cache_effective_group squid

cache_mgr [email protected]

alamat webmaster yang akan ditampilkan pada

(13)

visible_hostname administrator

nama host yang ditampilkan pada error pages

yang diterima client

dns_nameservers 208.67.222.222

208.67.220.220 domain name server yang didapatkan ISP /

menggunakan open DNS

delay_pools 2

2 buah bagian/pools yang akan dibuat

auth_param basic program

/usr/lib/squid/ncsa_auth /etc/squid/passwd

definisi metode autentikasi dan file data yang

digunakan

auth_param basic children 5

jumlah dari proses authenticator untuk

menjalankan verifikasi squid

auth_param basic concurrency 0

jumlah permintaan yang bersamaan, yang

dapat diproses dalam suatu waktu. 0 artinya

hanya bisa satu permintaan pada suatu waktu

auth_param basic realm SQUID

Proxy-Caching

dasar dari authentikasi squid yang meminta

username dan password pada halaman awal

client

auth_param basic credentialsttl 2 hours

membatasi waktu validasi seseorang

menggunakan username dan password yang

sama

auth_param basic casesensitive off mematikan

permintaan

username dan

password secara case sensitif

acl squid usr proxy_auth REQUIRED

authentikasi yang dipelukan saat user akan

terhubung pada server

acl manager proxy_auth_regex -i manager

authentikasi yang dibutuhkan untuk login

sebagai manager (pool=1). Selain manager

tidak diijinkan

http_access allow manager

delay_class 1 1

delay_parameters 1 -1/-1

delay_access 1 allow manager

delay_access 1 deny all

acl localnet src 192.168.0.0/24

IP user yang diijinkan untuk melakukan

koneksi ke server

acl forbidden_domain dstdomain

"/etc/squid/forbidden_domain"

memanggil file dan memberikan nama proses

yang akan dijalankan

acl forbidden_ip dst

"/etc/squid/forbidden_ip"

acl forbidden_word url_regex -i

"/etc/squid/forbidden_word"

acl file_limit url_regex -i

"/etc/squid/file_limit"

acl fb time MTWHFA 12:00-13:00

acl fb2 url_regex -i facebook friendster

acl SSL_ports port 443

konfigurasi port–port yang nantinya dapat

diakses pada squid proxy server

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 #

unregistered ports

konfigurasi port–port yang nantinya dapat

diakses pada squid proxy server

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

(14)