Successfully reported this slideshow.
Your SlideShare is downloading. ×

Fools your enemy with MikroTik

Oct. 16, 2016
5 likes 1,571 views
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and Radius
Loading in …3
×

Check these out next

Network Monitoring System
Rofiq Fauzi
Mikrotik Network Simulator (MUM Presentation Material 2013)
Rofiq Fauzi
Wireless Project Using CAPsMAN
Aidan Venn MSc
PPPoE With Mikrotik and Radius
Dashamir Hoxha
MTCNA - MikroTik Certified Network Associate - v2
Yaser Rahmati
Mikrotik aradial-configuration-guide
backtrack78
Using mikrotik with radius
Achmad Mardiansyah
Mikro tik advanced training
Jignesh H. Bhalsod
1 of 46 Ad

Fools your enemy with MikroTik

Oct. 16, 2016
5 likes 1,571 views

Download to read offline

Internet

With the emerging security threat nowadays, we should know how to detect and analyze every possible threat to your network.

Just with simple solution we could make our MikroTik to became a powerful tool to fool the hacker.

MikroTik as Low Interaction HoneyPot.

With the emerging security threat nowadays, we should know how to detect and analyze every possible threat to your network.

Just with simple solution we could make our MikroTik to became a powerful tool to fool the hacker.

MikroTik as Low Interaction HoneyPot.

Internet
Advertisement

Recommended

PPPoE With Mikrotik and Radius
Dashamir Hoxha
16.7k views
12 slides
Open ssl certificate (https) for hotspot mikrotik
Aldi Nor Fahrudin
15.1k views
20 slides
MikroTik Security
Rofiq Fauzi
4.5k views
49 slides
Mikrotik router backup and restore process
Titas Sarker
3k views
12 slides
MikroTik Hotspot 2.0 (IEEE 802.11u) - MUM Jakarta 2016
Rofiq Fauzi
1.7k views
40 slides
BGP Security (Mum presentation 2016)
Rofiq Fauzi
1.2k views
34 slides
Mikrotik Hotspot User Manager
KHNOG
9.8k views
22 slides
Mikrotik RouterOS Security Audit Checklist by Akbar Azwir
Akbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
2.7k views
15 slides
Advertisement

More Related Content

Slideshows for you (20)

Network Monitoring System
Rofiq Fauzi
2.9k views
Mikrotik Network Simulator (MUM Presentation Material 2013)
Rofiq Fauzi
51.2k views
Wireless Project Using CAPsMAN
Aidan Venn MSc
1.9k views
PPPoE With Mikrotik and Radius
Dashamir Hoxha
16.5k views
MTCNA - MikroTik Certified Network Associate - v2
Yaser Rahmati
5k views
Mikrotik aradial-configuration-guide
backtrack78
2.3k views
Using mikrotik with radius
Achmad Mardiansyah
2.1k views
Mikro tik advanced training
Jignesh H. Bhalsod
4.7k views
Workshop IPv6 APJII Jawa Barat
Faisal Reza
2.8k views
MikroTik BGP Security - MUM 2014 (rofiq fauzi)
Rofiq Fauzi
3.7k views
HOTSPOT on MikroTik Router
KHNOG
811 views
Running BGP with Mikrotik
GLC Networks
112 views
MQTT security
Anthony Chow
1.5k views
MikroTik Internet Route Filter
Teav Sovandara
101 views
BGP on mikrotik
Achmad Mardiansyah
6.4k views
MTCNA
gurubelajarmandiri
9.5k views
Mikrotik basic configuration
Tola LENG
5.6k views
Mikrotik Hotspot
GLC Networks
235 views
OpeVPN on Mikrotik
GLC Networks
121 views
Mikrotik Tutorial
Md Sohrab Hossain Sourav
1.6k views
Network Monitoring System
Rofiq Fauzi
2.9k views
62 slides
Mikrotik Network Simulator (MUM Presentation Material 2013)
Rofiq Fauzi
51.2k views
27 slides
Wireless Project Using CAPsMAN
Aidan Venn MSc
1.9k views
25 slides
PPPoE With Mikrotik and Radius
Dashamir Hoxha
16.5k views
54 slides
MTCNA - MikroTik Certified Network Associate - v2
Yaser Rahmati
5k views
292 slides
Mikrotik aradial-configuration-guide
backtrack78
2.3k views
30 slides

Viewers also liked (17)

MikroTik Firewall : Securing your Router with Port Knocking
Akbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
25.9k views
CAPsMANv2 | Wireless APs Controller by MikroTik
Dobri Boyadzhiev
7.8k views
Detecting network virus using mikrotik
Achmad Mardiansyah
6.1k views
MikroTik MTCNA
Ali Layth
8k views
MUM Madrid 2016 - Mikrotik y Suricata
Fajar Nugroho
759 views
Hotspot on Mikrotik Router
KHNOG
1.5k views
(Mikrotik)MTCNA presentation Material-IDN
Andry Ansah
7.8k views
Trabajo Practico Nº 1.IFTS Nº1.
CELESTE UCCI
128 views
Access point redundancy, by Lorenzo Busatti - MikroTik MUM USA Las Vegas 2011
Lorenzo Busatti
241 views
Gerência fácil com RoMON
Pietro Scherer
485 views
AfterGlow
Raffael Marty
21.8k views
Mikrotik
Michał Ruta
401 views
Microsoft Office356 - prezentacja mozliwosci
Michał Ruta
528 views
mikrotik
dewi aulia
324 views
Choosing MikroTik for Your Network
Faisal Reza
4.3k views
Presentation DHCP Server
Andry Ansah
388 views
Presentation Installasi,Configuration,Troubleshot IIS Web Server
Andry Ansah
232 views
MikroTik Firewall : Securing your Router with Port Knocking
Akbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
25.9k views
28 slides
CAPsMANv2 | Wireless APs Controller by MikroTik
Dobri Boyadzhiev
7.8k views
41 slides
Detecting network virus using mikrotik
Achmad Mardiansyah
6.1k views
24 slides
MikroTik MTCNA
Ali Layth
8k views
303 slides
MUM Madrid 2016 - Mikrotik y Suricata
Fajar Nugroho
759 views
58 slides
Hotspot on Mikrotik Router
KHNOG
1.5k views
15 slides
Advertisement

Similar to Fools your enemy with MikroTik (20)

Introduction to ThousandEyes
ThousandEyes
91 views
Access RouterOS using Multi-Factor Authentication
Didiet Kusumadihardja
435 views
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...
Lietuvos kompiuterininkų sąjunga
1.9k views
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
18 views
EMEA Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
62 views
December Patch Tuesday 2020
Ivanti
903 views
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
111 views
Ketan H Murudkar
Ketan Murudkar
261 views
Advanced Security on Kubernetes with Istio
Shunsuke Miyoshi
198 views
Thamim
thamimul ansari
77 views
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat Security Conference
662 views
Itn instructor ppt_chapter1 exploring the network smartskills
Tiago Monteiro
915 views
Cisco @ Conference Board of Canada: Connecting Education with the 21st century
Marc Lijour, OCT, BSc, MBA
581 views
CV_Nitin
Nitin Shingane
115 views
Andrea Zwirner - Magento security and hardening strategies
Meet Magento Italy
716 views
UTHAYAKUMAR RESUME
Uthaya Kumar
85 views
Patch Tuesday for January 2020
Ivanti
263 views
Resume
jitendra meshram
144 views
Ivanti Patch Tuesday for March 2020
Ivanti
1k views
The Boring Security Talk - Azure Global Bootcamp Melbourne 2019
kieranjacobsen
539 views
Introduction to ThousandEyes
ThousandEyes
91 views
38 slides
Access RouterOS using Multi-Factor Authentication
Didiet Kusumadihardja
435 views
29 slides
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...
Lietuvos kompiuterininkų sąjunga
1.9k views
30 slides
Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
18 views
30 slides
EMEA Optimizing and Troubleshooting Digital Experience for a Hybrid Workforce
ThousandEyes
62 views
30 slides
December Patch Tuesday 2020
Ivanti
903 views
41 slides

More from Didiet Kusumadihardja (6)

Manajemen wireless rogue
Didiet Kusumadihardja
191 views
Personally identifiable information
Didiet Kusumadihardja
1.6k views
Didiet Cyber Security Consultant Portfolio - English
Didiet Kusumadihardja
151 views
Adequate password policy
Didiet Kusumadihardja
554 views
Notifikasi penggunaan sistem
Didiet Kusumadihardja
420 views
Didiet Cyber Security Consultant Portfolio - Bahasa Indonesia
Didiet Kusumadihardja
856 views
Manajemen wireless rogue
Didiet Kusumadihardja
191 views
11 slides
Personally identifiable information
Didiet Kusumadihardja
1.6k views
12 slides
Didiet Cyber Security Consultant Portfolio - English
Didiet Kusumadihardja
151 views
15 slides
Adequate password policy
Didiet Kusumadihardja
554 views
15 slides
Notifikasi penggunaan sistem
Didiet Kusumadihardja
420 views
13 slides
Didiet Cyber Security Consultant Portfolio - Bahasa Indonesia
Didiet Kusumadihardja
856 views
15 slides
Advertisement

Recently uploaded (20)

Chapter 1 Introduction to Project Management.ppt
AhmadTawfigAlRadaide
2 views
Treatment of diabetes.docx
write31
0 views
Psychopathology of the condition the pharmacologic agents.docx
write4
0 views
loadforecasting-190205135237.pptx
LucasMogaka
1 view
Used to, past events (2).pptx
Mauricio677781
0 views
Variable and Arguments_4.pptx
Rohit Radhakrishnan
407 views
how_to_migrate_from_universal_anaytics_to_google_analytics_4_ga4_a_definitive...
sarah david
0 views
2 Laymans Course - LAMP V2.pptx
ssuser2f0fb0
2 views
Ashok Prasad (Abhishek)
hephziraj
5 views
how_to_migrate_from_universal_anaytics_to_google_analytics_4_ga4_a_definitive...
sarah david
0 views
November 2022 Calendar
DanielAzraie2
1 view
ch 3.ppt
AhmadTawfigAlRadaide
2 views
Ashok Prasad
hephziraj
5 views
SAT DNS.pptx
ismailhanzari
2 views
Significant developments in health care informatics.docx
write5
3 views
tecnología
SantiagoMercadoRiver
4 views
Public Health 101 Series from.docx
write4
0 views
Chaos Engineering - Geert van der Cruijsen.pdf
Geert van der Cruijsen
15 views
Reflect on your general education capstone experience.docx
write12
3 views
Revolutionary project.pdf
MohitSingh261735
0 views
Chapter 1 Introduction to Project Management.ppt
AhmadTawfigAlRadaide
2 views
52 slides
Treatment of diabetes.docx
write31
0 views
1 slide
Psychopathology of the condition the pharmacologic agents.docx
write4
0 views
2 slides
loadforecasting-190205135237.pptx
LucasMogaka
1 view
28 slides
Used to, past events (2).pptx
Mauricio677781
0 views
7 slides
Variable and Arguments_4.pptx
Rohit Radhakrishnan
407 views
28 slides

Fools your enemy with MikroTik

  1. 1. Fools your enemy with Mikrotik BY: DIDIET KUSUMADIHARDJA MIKROTIK USER MEETING (MUM) 2016 JAKARTA, INDONESIA 14 OCTOBER 2016
  2. 2. About Me Didiet Kusumadihardja 1. IT Security Specialist  PT. Mitra Solusi Telematika 2. Trainer & IT Consultant  Arch Networks MTCNA, MTCINE, MTCWE, MTCUME, MTCTCE, MTCRE Didiet Kusumadihardja - didiet@arch.web.id 2
  3. 3. PT. Mitra Solusi Telematika Didiet Kusumadihardja - didiet@arch.web.id 3 Gedung TMT 2. GF Jl. Cilandak KKO Jakarta
  4. 4. Global IT Security Incident Didiet Kusumadihardja - didiet@arch.web.id 4
  5. 5. Global IT Security Incident 2014 Didiet Kusumadihardja - didiet@arch.web.id 5 Entire Network Canceled
  6. 6. Global IT Security Incident 2015 Didiet Kusumadihardja - didiet@arch.web.id 6 3 Tahun di Hack ( 2012 – 2015)
  7. 7. Global IT Security Incident 2016 Didiet Kusumadihardja - didiet@arch.web.id 7 500 Juta Account 3 Miliar Account ??? Source: Tech Times
  8. 8. Indonesia IT Security Incident Didiet Kusumadihardja - didiet@arch.web.id 8
  9. 9. Didiet Kusumadihardja - didiet@arch.web.id 9 Source: Akamai INDONESIA IS SAFE?
  10. 10. Indonesia IT Security Incident 2013 Didiet Kusumadihardja - didiet@arch.web.id 10 polri.go.id 2013 Deface Motive: Fame?
  11. 11. Indonesia IT Security Incident 2016 Didiet Kusumadihardja - didiet@arch.web.id 11 Teman Ahok DDoS Attack Motive: Politics?
  12. 12. Indonesia IT Security Incident 2016 Didiet Kusumadihardja - didiet@arch.web.id 12 Videotron Kebayoran Baru Jakarta Selatan Motive: Curiosity?
  13. 13. Source: Carnegie Mellon UniversityDidiet Kusumadihardja - didiet@arch.web.id 13 IT Security Trends Gak Perlu Pinter Buat Hacking
  14. 14. Hacking Tools Example Didiet Kusumadihardja - didiet@arch.web.id 14 Cain & Abel Kali Linux
  15. 15. Didiet Kusumadihardja - didiet@arch.web.id 15 Source: SCMagazine Modern Business Cybercrime as a Service (CaaS)
  16. 16. How Hackers do it? Didiet Kusumadihardja - didiet@arch.web.id 16
  17. 17. Hacking Phase 1.Reconnaissance 2.Scanning 3.Gaining Access 4.Maintaining Access 5.Clearing Tracks Source: Ethical Hacking by EC-CouncilDidiet Kusumadihardja - didiet@arch.web.id 17
  18. 18. Hacking Phase (Cont’d) 1.Reconnaissance 2.Scanning 3.Gaining Access 4.Maintaining Access 5.Clearing Tracks Information Gathering OS Detail Open Port Version Device Type Application Vulnerability Exploit Vulnerability Escalate Privilege Backdoors Delete/overwrite Event/Logs Data harvesting Didiet Kusumadihardja - didiet@arch.web.id 18
  19. 19. Hacking Phase Analogy 1.Reconnaissance 2.Scanning 3.Gaining Access 4.Maintaining Access 5.Clearing Tracks Didiet Kusumadihardja - didiet@arch.web.id 19
  20. 20. When we fools them? 1.Reconnaissance 2.Scanning 3.Gaining Access 4.Maintaining Access 5.Clearing Tracks Didiet Kusumadihardja - didiet@arch.web.id 20
  21. 21. Why at Scanning Phase? Didiet Kusumadihardja - didiet@arch.web.id 21 TELNET SSH
  22. 22. Scanning Tools SoftPerfect Network Scanner The Dude Didiet Kusumadihardja - didiet@arch.web.id 22
  23. 23. How to fools them? Didiet Kusumadihardja - didiet@arch.web.id 23
  24. 24. Use a bait Didiet Kusumadihardja - didiet@arch.web.id 24 Honey Pot Hacker Bait
  25. 25. Web Server Example Web Server HTTP HTTPS = Didiet Kusumadihardja - didiet@arch.web.id 25
  26. 26. Confuse your enemy Didiet Kusumadihardja - didiet@arch.web.id 26 HTTP HTTPS
  27. 27. Server Farm Network Example 192.168.1.2  DNS Server 192.168.1.5  Web Server 192.168.1.10  DB Server 192.168.1.15  Mail Server SERVER X Didiet Kusumadihardja - didiet@arch.web.id 27 192.168.1.0/24
  28. 28. Confuse your enemy 192.168.1.1  Fake Server 1 192.168.1.2  DNS Server 192.168.1.3  Fake Server 2 192.168.1.4  Fake Server 3 192.168.1.5  Web Server 192.168.1.6  Fake Server 4 192.168.1.7  Fake Server 5 192.168.1.8  Fake Server 6 192.168.1.9  Fake Server 7 192.168.1.10  DB Server 192.168.1.11  Fake Server 8 192.168.1.12  Fake Server 9 192.168.1.13  Fake Server 10 192.168.1.14  Fake Server 11 192.168.1.15  Mail Server Didiet Kusumadihardja - didiet@arch.web.id 28 192.168.1.0/24
  29. 29. How we do it with Mikrotik? Didiet Kusumadihardja - didiet@arch.web.id 29
  30. 30. NAT (Network Address Translation) Didiet Kusumadihardja - didiet@arch.web.id 30
  31. 31. Fake NAT Didiet Kusumadihardja - didiet@arch.web.id 31
  32. 32. Fake Ports at your Web Server HTTP & HTTPS to Legitimate Server Other Ports to Fake Server Didiet Kusumadihardja - didiet@arch.web.id 32
  33. 33. Simple NAT for Web Server INTERNET ROUTER WEB SERVER 192.168.2.3 Chain Action NAT (Port Mapping) Didiet Kusumadihardja - didiet@arch.web.id 33
  34. 34. Add Additional NAT for Bait Web Server 192.168.2.3 Fake Server (Honey Pot) 192.168.2.4 Didiet Kusumadihardja - didiet@arch.web.id 34 Chain Action
  35. 35. Fake Server at your Server Farm Network Only one legitimate server Others are Fake Server Didiet Kusumadihardja - didiet@arch.web.id 35
  36. 36. Another Example Web Server 192.168.2.3 Fake Server (Honey Pot) 192.168.2.4 Didiet Kusumadihardja - didiet@arch.web.id 36 Chain Action
  37. 37. Combine with Honey Pot Didiet Kusumadihardja - didiet@arch.web.id 37 KFSensor Others HoneyPot: Honeyd, Kippo, Dionaea, Nepenthes
  38. 38. What Hacker See (NMAP) Before After Didiet Kusumadihardja - didiet@arch.web.id 38 Nmap / Zenmap
  39. 39. What Hacker See (SoftPerfect NetScan) Before After Didiet Kusumadihardja - didiet@arch.web.id 39 SoftPerfect Network Scanner
  40. 40. I don’t want to use HoneyPot Didiet Kusumadihardja - didiet@arch.web.id 40 Step 1: Chain Step 2: Action
  41. 41. What we see, If someone PING Didiet Kusumadihardja - didiet@arch.web.id 41 SRC-MAC ADDRESS SRC-IP ADDRESS
  42. 42. What we see, If someone NMAP Didiet Kusumadihardja - didiet@arch.web.id 42 Mikrotik LOG:
  43. 43. The Dude, Hotspot & Userman Didiet Kusumadihardja - didiet@arch.web.id 43 IP Address  MAC Address  User ID  Person
  44. 44. Use Case 1 Didiet Kusumadihardja - didiet@arch.web.id 44 Internet Café (WARNET) University Office Insider Threat
  45. 45. Use Case 2 Didiet Kusumadihardja - didiet@arch.web.id 45 Analytics For Fun Learn hacking method from hacker / script kiddies Research http://public.honeynet.id (Low Interaction Honeypot) (High Interaction Honeypot)
  46. 46. Thank you . . Question? DIDIET KUSUMADIHARDJA didiet@arch.web.id http://didiet.arch.web.id/ https://www.facebook.com/ArchNetID/ Didiet Kusumadihardja - didiet@arch.web.id 46

Editor's Notes

  • GREETINGS!

×