Network security

Technical Workshop Materials about Network Security for BBPT

Published in: Technology

Transcript

  • 1. NETWORK SECURITY: INFORMATION SECURITY TECHNICAL TRAINING. AHMAD MUAMMAR (C)2011 | @Y3DIPS
  • 2. AGENDA: NETWORK LAYER; INTERNET PROTOCOL (IPV4, IPV6, IPSEC); NETWORK PACKET INSPECTION
  • 3. AGENDA: ATTACKING IPV4 (PASSIVE, ACTIVE); COMMON TYPES OF ATTACK + HANDS ON (EAVESDROPPING, SNIFFER ATTACK)
  • 4. AGENDA: COMMON TYPES OF ATTACK (SPOOFING, TUNNELING, MAN-IN-THE-MIDDLE (MITM) ATTACK, DENIAL OF SERVICE ATTACK); DEFENCE
  • 5. NETWORK LAYER: LAYER NO. 3 OF THE OSI MODEL. PROVIDES THE FUNCTIONAL AND PROCEDURAL MEANS OF TRANSFERRING VARIABLE-LENGTH DATA SEQUENCES FROM A SOURCE HOST ON ONE NETWORK TO A DESTINATION ON ANOTHER, WHILE MAINTAINING THE QOS REQUESTED BY THE TRANSPORT LAYER. FUNCTION: PATH DETERMINATION AND LOGICAL ADDRESSING; DATA UNIT: PACKET/DATAGRAM. IP (IPV4, IPV6), ICMP, IPSEC, IGMP, IPX, APPLETALK. [1]: WIKIPEDIA.ORG
  • 6. OSI 7 LAYER. [1]: WIKIPEDIA.ORG
  • 7. INTERNET PROTOCOL: RESPONSIBLE FOR ADDRESSING HOSTS AND ROUTING DATAGRAMS (PACKETS) FROM A SOURCE HOST TO A DESTINATION HOST ACROSS ONE OR MORE IP NETWORKS. [1]: WIKIPEDIA.ORG
  • 8. IPV4: FOURTH REVISION IN THE DEVELOPMENT OF IP AND THE FIRST VERSION OF THE PROTOCOL TO BE WIDELY DEPLOYED; CONNECTIONLESS, DOES NOT GUARANTEE DELIVERY, DOES NOT ASSURE PROPER SEQUENCING OR AVOIDANCE OF DUPLICATE DELIVERY; 32 BIT, E.G. 192.168.0.1; IPSEC IS OPTIONAL. [1]: WIKIPEDIA.ORG
  • 9. IPV6: SUCCESSOR OF IPV4 WITH “BETTER” IMPROVEMENTS; NEW PACKET HEADER; MULTICAST (MULTIPLE DESTINATIONS IN A SINGLE OPERATION); STATELESS ADDRESS AUTOCONFIGURATION; LARGER ADDRESS SPACE, 128 BIT, E.G. 2001:0db8:85a3:0000:0000:8a2e:0370:7334; IPSEC SUPPORT IS MANDATORY
  • 10. IPSEC: PROTOCOL SUITE FOR SECURING INTERNET PROTOCOL (IP) COMMUNICATIONS BY AUTHENTICATING AND ENCRYPTING EACH IP PACKET OF A COMMUNICATION SESSION; END-TO-END SECURITY SCHEME; PROTECTS ANY APPLICATION TRAFFIC ACROSS AN IP NETWORK; AUTHENTICATION HEADER (AH), ENCAPSULATING SECURITY PAYLOAD (ESP), SECURITY ASSOCIATIONS (SA)
  • 11. IPV4 VS. IPV6
  • 12. NETWORK PACKET INSPECTION
  • 13. HANDS ON: WIRESHARK PACKET INSPECTION
  • 14. ATTACKING IPV4: THE SECURITY ISSUE LIES IN THE INTERNET PROTOCOL (NETWORK LAYER): NO AUTHENTICATION AND ENCRYPTION; IPSEC IS OPTIONAL; UPPER LAYER, CREATED WITHOUT SECURITY CONSIDERATIONS: TCP PROTOCOLS FTP, TELNET, SMTP, POP3
  • 15. ATTACKING IPV4: PASSIVE: NETWORK PACKET INFORMATION MIGHT BE MONITORED; ACTIVE: NETWORK PACKET INFORMATION IS ALTERED WITH INTENT TO MODIFY, CORRUPT, OR DESTROY THE DATA OR THE NETWORK.
  • 16. EAVESDROPPING: THE MAJORITY OF NETWORK COMMUNICATIONS OCCUR IN AN UNSECURED OR “CLEARTEXT” FORMAT; THE ABILITY TO MONITOR NETWORK COMMUNICATION IS THE BIGGEST SECURITY PROBLEM THAT WE’VE FACED; HUB NETWORK DEVICE, ACCESS TO THE GATEWAY/ROUTER DEVICE
  • 17. SNIFFER ATTACK: A SNIFFER IS AN APPLICATION OR DEVICE THAT CAN READ, MONITOR, AND CAPTURE NETWORK PACKETS. IF THE PACKET IS NOT ENCRYPTED, THE ATTACKER CAN VIEW THE FULL DATA INSIDE THE PACKET; IF THE PACKET IS ENCRYPTED, THE ATTACKER NEEDS TO CREATE/USE/HAVE A VALID KEY; TUNNEL-ONLY PACKETS CAN ALSO BE BROKEN OPEN AND READ
  • 18. SNIFFER ATTACK: TCPDUMP; WIRESHARK (FORMERLY ETHEREAL); ETTERCAP; CAIN AND ABEL; DSNIFF
  • 19. HANDS ON: WIRESHARK RECOVERY
  • 20. SPOOFING: SPOOF = MASQUERADE [1]; A SITUATION IN WHICH A PROGRAM SUCCESSFULLY MASQUERADES AS ANOTHER BY FALSIFYING DATA AND THEREBY GAINING AN ILLEGITIMATE ADVANTAGE [2]. [1]: RFC4949; [2]: WIKIPEDIA.ORG
  • 21. SPOOFING: IP SPOOFING, E.G. MODIFYING THE SOURCE ADDRESS. A COMMON MISCONCEPTION: IP SPOOFING CAN BE USED TO HIDE AN IP ADDRESS WHILE SURFING THE INTERNET, CHATTING ON-LINE, AND SO FORTH. THIS IS GENERALLY NOT TRUE. FORGING THE SOURCE IP ADDRESS CAUSES THE RESPONSES TO BE MISDIRECTED, MEANING A NORMAL NETWORK CONNECTION CANNOT BE CREATED. [1] USUALLY COMBINED WITH A NETWORK DOS/DDOS ATTACK. [1]: ISS.NET
  • 22. HANDS ON: MAC SPOOFING: ifconfig (iface) hw ether (new MAC)
  • 23. TUNNELING: A TUNNEL IS A COMMUNICATION CHANNEL CREATED IN A COMPUTER NETWORK BY ENCAPSULATING (I.E., LAYERING) A COMMUNICATION PROTOCOL’S DATA PACKETS IN (I.E., ABOVE) A SECOND PROTOCOL THAT NORMALLY WOULD BE CARRIED ABOVE, OR AT THE SAME LAYER AS, THE FIRST ONE. [1] HTTP, SSH, DNS, ICMP; ssh foo@doo -D port. [1]: RFC4949
  • 24. HANDS ON: HTTP OVER SSH (SSH TUNNELING)
  • 25. MAN-IN-THE-MIDDLE: A FORM OF ATTACK IN WHICH THE ATTACKER MAKES INDEPENDENT CONNECTIONS WITH THE VICTIMS AND RELAYS MESSAGES BETWEEN THEM, MAKING THEM BELIEVE THAT THEY ARE TALKING DIRECTLY TO EACH OTHER, WHEN IN FACT THE ENTIRE CONVERSATION IS CONTROLLED BY THE ATTACKER. THE ATTACKER IMPERSONATES EACH ENDPOINT TO THE SATISFACTION OF THE OTHER
  • 26. MAN-IN-THE-MIDDLE
  • 27. HANDS ON: MAN-IN-THE-MIDDLE (MITM) USING CAIN & ABEL
  • 28. DENIAL OF SERVICE: THE PREVENTION OF AUTHORIZED ACCESS TO A SYSTEM RESOURCE OR THE DELAYING OF SYSTEM OPERATIONS AND FUNCTIONS. [1] PING OF DEATH (ICMP FLOODING), SYN FLOOD; DISTRIBUTED DOS, BOTNET. [1]: RFC4949
  • 29. DENIAL OF SERVICE: A DOS ATTACKER MAY: ATTEMPT TO FLOOD A NETWORK, THEREBY PREVENTING LEGITIMATE NETWORK TRAFFIC; ATTEMPT TO DISRUPT CONNECTIONS BETWEEN TWO MACHINES, THEREBY PREVENTING ACCESS TO A SERVICE; ATTEMPT TO PREVENT A PARTICULAR INDIVIDUAL FROM ACCESSING A SERVICE; ATTEMPT TO DISRUPT SERVICE TO A SPECIFIC SYSTEM.
  • 30. DENIAL OF SERVICE
  • 31. HANDS ON: EXAMPLE DOS
  • 32. DEFENCE: EDUCATE USERS; USE IPSEC (IPV6); IMPLEMENT BEST POLICY; CONFIGURE FIREWALL, IDS, IPS; REGULAR AUDITS
  • 33. DISCUSSION
  • 34. NETWORK SECURITY: INFORMATION SECURITY TECHNICAL TRAINING
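
Slides 14, 21 and 32 together, as an added example that is not part of the original slides: an IPv4 header carries only an error-detecting checksum, so a forged source address still parses as a valid header, and the firewall-side defence is to check the source against the prefix expected on the receiving interface. The function names, the `192.168.0.0/24` interface prefix and the documentation-range addresses are assumptions made for this sketch.

```python
import ipaddress
import struct

IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def sample_header(src: str, dst: str, proto: int = 6) -> bytes:
    """Constructed sample data: a 20-byte header with a correct checksum."""
    pack = lambda csum: struct.pack(
        IPV4_FMT, 0x45, 0, 40, 0x1234, 0, 64, proto, csum,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return pack(checksum(pack(0)))

def parse_header(raw: bytes) -> dict:
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, ttl, proto, _, src, dst = struct.unpack(IPV4_FMT, raw[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(raw) < ihl:
        raise ValueError("not a valid IPv4 header")
    return {"src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst),
            "ttl": ttl, "proto": proto,
            # A valid header sums to 0xFFFF, so the complemented result is 0.
            "checksum_ok": checksum(raw[:ihl]) == 0}

def ingress_verdict(raw: bytes, iface_prefixes) -> str:
    """Source address validation for packets arriving on one interface."""
    hdr = parse_header(raw)
    if not hdr["checksum_ok"]:
        return "drop: bad checksum"
    src = hdr["src"]
    if src.is_loopback or src.is_multicast or src.is_unspecified:
        return "drop: impossible source"
    if not any(src in ipaddress.ip_network(p) for p in iface_prefixes):
        return "drop: source outside interface prefix"
    return "accept"

if __name__ == "__main__":
    lan = ["192.168.0.0/24"]  # assumed prefix behind this interface
    for s in ("192.168.0.1", "203.0.113.7", "127.0.0.1"):
        pkt = sample_header(s, "198.51.100.10")
        print(s, parse_header(pkt)["checksum_ok"], ingress_verdict(pkt, lan))
```

The header claiming `203.0.113.7` passes the checksum test and is rejected only by the prefix check, which is why source validation has to be enforced at the network edge rather than inferred from the packet itself.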
