Keamanan Informasi Keamanan Informasi (1)

Teks penuh

(1)

Keamanan Informasi

Keamanan Informasi

Seminar – PETA HIMATIF Universitas Siliwangi 30 Mei 2013 , Oleh Nur Widiyasono

(2)

Agenda:

Agenda:

• Latar Belakang

• Masalah

• Keamanan Infrastruktur Sistem & Jaringan

– MikroTik

– Cisco System

(3)

Latar Belakang

Latar Belakang

Information-based society

Security Holes

Multi Product / Multi-System / Multi Vendor

Direct Connect to Internet

Application System base on Web like as :

e-banking, e-commerce, Electronic Data

(4)

Latar Belakang

Latar Belakang

(5)

Masalah

Masalah

• Penyalahgunaan Teknologi Informasi ;

– Seperti ; Hacking , Cracking, Anti Piracy ,

Worm Virus, Defamation, Spammers ,

DoS/DDoS

DoS/DDoS

• Masalah Internal / External Organisasi

• Tidak ada Kebijakan Organisasi tentang

(6)

• Kurangnya pemahaman/pengetahuan

tentang implementasi teknologi keamanan

informasi sehingga terjadi salah setting &

konfigurasi

(7)

Keamanan Infrastruktur Sistem

dan Jaringan Komputer

(8)

Aspek yang harus diperhatikan:

Aspek yang harus diperhatikan:

• Sisi Klien PC :

– Anti Virus + Reguler Updated

– Anti Spyware

– Updated Patch – Security holes

– Updated Patch – Security holes

– Applications Updated Patch

(9)

Lanjutan

Lanjutan

• Sisi Server:

– The right Setting & Configurations system

– Anti Virus + Regular Updated

– Access Control Levels (ACL’s)

– Access Control Levels (ACL’s)

– Updated Patch Security holes

(10)

Lanjutan

Lanjutan

• Keamanan untuk Web Server

Reference :

http://httpd.apache.org/docs/current/misc/sec

urity_tips.html

urity_tips.html

http://technet.microsoft.com/en-us/library/bb727096.aspx

(11)

Lanjutan

Lanjutan

• Keamanan untuk DNS Server:

– References:

http://www.nist.gov/cgi-bin/exit_nist.cgi?url=http://www.microsoft.com/ntse bin/exit_nist.cgi?url=http://www.microsoft.com/ntse rver/nts/downloads/recommended/

• http://linuxadministrator.pro/blog/?p=396

(12)

Lanjutan

Lanjutan

• Keamanan untuk Database Server;

– References :

• http://msdn.microsoft.com/en-us/library/bb283235.aspx

• http://blog.opensecurityresearch.com/2012/03/top-10-oracle-steps-to-secure-oracle.html

steps-to-secure-oracle.html

• http://www.databasesecurity.com/db2/secdb2-2.htm

http://www.sans.org/score/checklists/Oracle_Database_Checklist .pdf

http://searchsecurity.techtarget.com/tip/How-simple-steps-ensure-database-security

http://www.linuxforu.com/2011/05/securing-database-servers/

(13)

Lanjutan

Lanjutan

(14)

Lanjutan

Lanjutan

• Keamanan untuk Development /

Programming

– References:

http://software-•

http://software- security.sans.org/resources/paper/cissp/defining- understanding-security-software-development-life-cycle

• http://searchsecurity.techtarget.com/tip/Steps-in-the-information-security-program-life-cycle

(15)

– References :

• http://www.oe.netl.doe.gov/docs/prepare/21stepsb ooklet.pdf

• http://www.wikihow.com/Write-Secure-Software-for-the-Web

for-the-Web

(16)

ISO Standard for Security

ISO Standard for Security

ISO 27001

This is the specification for an information security management system (an ISMS) which replaced the old BS7799-2 standard

ISO 27002

This is the 27000 series standard

number of what was originally the ISO 17799 standard (which itself was

formerly known as BS7799-1)..

ISO 27003 ISO 27004 ISO 27003

This will be the official number of a new standard intended to offer

guidance for the implementation of an ISMS (IS Management System) .

ISO 27004

This standard covers information security system management

measurement and metrics, including suggested ISO27002 aligned

controls..

ISO 27005

This is the methodology independent ISO standard for information security risk management..

ISO 27006

(17)

Implementasi Policies

Implementasi Policies

Internet Security Policy

Internet/Intranet/Extranet Access Policy

Internet mail (Email) Policy

Web Security Policy

Web Security Policy

Database Access Policy

Wireless Access Policy

Remote Access Policy

(18)
(19)
(20)

MikroTik RouterOS

MikroTik RouterOS

• Fitur-fitur Security yang dimiliki adalah:

– Firewalls

– VLAN

– Access List

– Access List

– VPN

(21)
(22)

VPN

VPN

RouterOS supports various VPN methods and tunnel protocols:

• Ipsec – tunnel and transport mode, certificate or PSK, AH and ESP

security protocols

• Point to point tunneling (OpenVPN, PPTP, PPPoE, L2TP)

PPTP, PPPoE, L2TP)

• Advanced PPP features (MLPPP, BCP)

• Simple tunnels (IPIP, EoIP)

• 6to4 tunnel support (IPv6 over IPv4 network)

• VLAN – IEEE802.1q Virtual LAN support, Q-in-Q support

(23)

Wireless

Wireless

• IEEE802.11a/b/g/n wireless client and access point • Nstreme and Nstreme2 proprietary protocols

• Client polling • RTS/CTS

• Wireless Distribution System (WDS) • Virtual AP

• WEP, WPA, WPA2 encryption • Access control list

• Wireless client roaming

• WMM

(24)

Web Proxy

Web Proxy

• Regular HTTP proxy • Transparent proxy

• Access list by source, destination, URL and requested method (HTTP firewall)

• Cache access list to specify which • Cache access list to specify which

objects to cache, and which not. • Direct Access List to specify which

resources should be accessed

directly, and which - through another proxy server

• Logging facility

• SOCKS proxy support • Parent proxy support

(25)

Case :

Case :

• Hacking Situs SBY

– Ref :

http://www.tempo.co/read/news/2013/04/12/0

72472937/Begini-Cara-Wildan-Meretas-Situs-Presiden-SBY

Sql Injections

(26)

Case:

Case:

• Defamation : (Pencemaran Nama Baik)

– Prita Laura Vs RS Omni

• Ref :

http://www.tribunnews.com/2012/09/17/ma-e-mail-prita-– http://www.tribunnews.com/2012/09/17/ma-e-mail-prita-ke-rs-omni-bukan-pencemaran-nama-baik

(27)

Cisco – PIX Firewalls

Cisco – PIX Firewalls

http://www.cisco.com/en/US/docs/security/

(28)

Figur

Memperbarui...

Referensi

Memperbarui...

Related subjects : Keamanan Informasi