Presentasi sedang didownload. Silahkan tunggu

Presentasi sedang didownload. Silahkan tunggu

Proses Serangan terhadap Jaringan Komputer. Reconnaissance dan footprinting Scanning Enumerasi Mendapatkan Akses Eskalasi Membuat Backdoor dan menyembunyikan.

Presentasi serupa


Presentasi berjudul: "Proses Serangan terhadap Jaringan Komputer. Reconnaissance dan footprinting Scanning Enumerasi Mendapatkan Akses Eskalasi Membuat Backdoor dan menyembunyikan."— Transcript presentasi:

1 Proses Serangan terhadap Jaringan Komputer

2 Reconnaissance dan footprinting Scanning Enumerasi Mendapatkan Akses Eskalasi Membuat Backdoor dan menyembunyikan jejak

3

4 Reconnaissance Fase persiapan awal Mencari informasi sebanyak-banyaknya mengenai target/korban sebelum melakukan serangan Informasi bisa didapat dari target/korban maupun tempat lain yg terkait dengan terkait/korban

5 footprinting Cetak biru dari profile korban/target Fase ini memakan waktu 90% dari attacker dalam melakukan aksinya (10% untuk menyerang target) Foot-printing perlu dibuat secara sistematik untuk memastikan semua informasi yg terkumpul dan akan digunakan terkait dengan target

6

7 Registrant: PT Kompas Media Nusantara Jalan Palmerah Selatan Jakarta, Jakarta ID Domain name: KOMPAS.COM Administrative Contact: Division, Internet Jalan Palmerah Selatan Jakarta, Jakarta ID 1(888) Technical Contact: Administration, VIC DNS P.O. Box Knoxville, TN US Fax: Registration Service Provider: Virtual Interactive Center, (fax) Please contact us for domain login/passwords, DNS/Nameserver changes, and general domain support questions. Registrar of Record: TUCOWS, INC. Record last updated on 09-Dec Record expires on 17-Dec Record created on 18-Dec Domain servers in listed order: NS.VIC.COM NS2.VIC.COM Domain status: ACTIVE KOMPAS.COM

8 Scanning Scanning can be compared to a thief checking all the doors and windows of a house he wants to break into. Scanning- The art of detecting which systems are alive and reachable via the internet and what services they offer, using techniques such as ping sweeps, port scans and operating system identification, is called scanning. The kind of information collected here has to do with the following: 1) TCP/UDP services running on each system identified. 2) System architecture (Sparc, Alpha, x86) 3) Specific IP address of systems reachable via the internet. 4) Operating System type.

9 PING SWEEPS ICMP SWEEPS ICMP ECHO request ICMP ECHO reply Target alive Intruder Querying multiple hosts – Ping sweep is fairly slow Examples UNIX – fping and gping WINDOWS - Pinger

10 Broadcast ICMP Intruder Network ICMP ECHO request ICMP ECHO reply Can Distinguish between UNIX and WINDOWS machine UNIX machine answers to requests directed to the network address. WINDOWS machine will ignore it.

11 PING SWEEPS NON – ECHO ICMP Example ICMP Type 13 – (Time Stamp) Originate Time Stamp - The time the sender last touched the message before sending Receive Time Stamp - The echoer first touched it on receipt. Transmit Time Stamp - The echoer last touched on sending it.

12 PING Sweeps TCP Sweeps Server Client C(SYN:PortNo & ISN) S (SYN & ISN) + ACK[ C (SYN+!) ] RESET (not active) S(ISN+1) When will a RESET be sent? When RFC does not appear correct while appearing. RFC = (Destination (IP + port number) & Source( IP & port number))

13 Port Scanning Types TCP Connect() Scan SYN packet SYN/ACK listening RST/ACK (port not listening) SYN/ACK A connection is terminated after the full length connection establishment process has been completed

14 14 Enumeration Enumeration extracts information about: –Resources or shares on the network –User names or groups assigned on the network –Last time user logged on –User’s password Before enumeration, you use Port scanning and footprinting –To Determine OS being used Intrusive process


Download ppt "Proses Serangan terhadap Jaringan Komputer. Reconnaissance dan footprinting Scanning Enumerasi Mendapatkan Akses Eskalasi Membuat Backdoor dan menyembunyikan."

Presentasi serupa


Iklan oleh Google