Download - 05 tk3193-sniffing & dos
![Page 1: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/1.jpg)
SETIA JULI IRZAL ISMAIL,[email protected]
TK 3193-KEAMANAN JARINGAN Semester Ganjil 2017/2018
SNIFFING & DOS
Hanya dipergunakan untuk kepentingan pengajaran di lingkungan Telkom University
![Page 2: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/2.jpg)
SNIFFINGlogin:
asep
passwd:########
SNIFFERAsep Server
![Page 3: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/3.jpg)
SNIFFING
Sniffing merupakan usaha untuk
membaca dan menganalisa
paket yang lewat di jaringan
menggunakan program packet
sniffing
![Page 4: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/4.jpg)
SNIFFING (2)
Paket Broadcast
Ethernet
Sniffing password
Email - plaintext
![Page 5: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/5.jpg)
Target SNIFFING
•passwords•email• Informasi e-banking • Informasi rahasia• low-level protocol info •hardware addresses• IP addresses•routing, etc
![Page 6: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/6.jpg)
Pencegahan Sniffing
•Segmentasi jaringan •Bridges•switches•Mencegah transmisi password•Membatasi akses ke perangkat jaringan•Enkripsi password•Kerberos, PGP
![Page 7: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/7.jpg)
Spoofing
Asep Beni Deden
Deden apa kabar ?
Ya saya sehat
![Page 8: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/8.jpg)
Spoofing
spoofing (fooling, deceiving), penyerang berpura-pura menjadi user lain
![Page 9: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/9.jpg)
Macam Spoofing
•ARP Spoofing/MAC Spoofing• IP Spoofing•Email Spoofing•Web Spoofing
![Page 10: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/10.jpg)
Pertahanan
• IP Spoofing•Menerapkan rules firewall yang baik•Membatasi akses ke perangkat jaringan•Monitor dengan arpwatch• Konfigurasi ulang router (disable source routing)
•Web spoofing• Certificate• Secure page•Matikan java, javascript dan active x• Perhatikan address bar
![Page 11: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/11.jpg)
DOS attack
• DoS (denial-of-service) adalah serangan terhadap sebuah komputer atau server di dalam jaringan dengan cara menghabiskan sumber (resource) yang dimiliki oleh komputer tersebut sampai komputer tersebut tidak dapat menjalankan fungsinya dengan benar sehingga secara tidak langsung mencegah pengguna lain untuk memperoleh akses layanan dari komputer yang diserang
![Page 12: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/12.jpg)
Cara kerja DOS attack
•Traffic Flooding•Request Flooding
![Page 13: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/13.jpg)
Jenis DOS attack
•Buffer Overflow•Syn Attack•Teardrop•Smurf Attack• Icmp Flooding
![Page 14: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/14.jpg)
tools
•Bonk•Land•Smurf•Snork •Winnuke•Teardrop
![Page 15: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/15.jpg)
DDOS
• Distributed Denial Of Service (DDos) adalah serangan denial of service yang menggunakan banyak host penyerang (baik itu menggunakan komputer yang didedikasikan untuk melakukan penyerangan atau komputer yang "dipaksa" menjadi zombie) untuk menyerang satu buah host target dalam sebuah jaringan.
![Page 16: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/16.jpg)
DDOS
![Page 17: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/17.jpg)
Tools DDOS
•TFN•TFN2K•Trinoo•Stacheldraht
![Page 18: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/18.jpg)
Penanggulangan DDOS
•Membatasi lalu lintas jaringan• Intrusion Detection System•Tool Audit Host dan Jaringan
![Page 19: 05 tk3193-sniffing & dos](https://reader034.vdocuments.pub/reader034/viewer/2022050812/5a64ceac7f8b9a88148b54b9/html5/thumbnails/19.jpg)
REFERENSI
1.Engebretson, P. (2011). The Basic of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. Syngress.
2.Singh, S. (1999). Code Book- The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Anchorbooks.
3.Stallings, W. (2010). Network Security Essentials:Applications and Standards 4th Edition. Prentice Hall.
4.Wheeler, E. (2011). Security Risk Management: Building an Information Security Risk Management Program from the Ground up. Elsevier.
5.Beale, J. (2007). Snort IDS and IPS Toolkit. Syngress.6.Harris, S. (2010). CISSP All in One Exam Guide, 5th Edition. McGraw
Hill.7.Rash, M. (2007). Linux Firewalls: Attack Detection and Response
with Iptables, psad and fwsnort. No Starch.8.Walker, M. (2010). CEH Certified Ethical Hacker All-in-One. McGraw
Hill.