Nama Kelompok : 1.Arini Sukmawati (118090009) 2.Arif Rahman F. (118090012) 3.Muhammad Reggi H. (118090013) IK-33-01.

Slides:



Advertisements
Presentasi serupa
Slide 3-1 Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition Revised by IB & SAM, Fasilkom UI, 2005 Exercises Apa saja komponen utama.
Advertisements

Mengamankan Sistem Informasi
Pemrograman Internet Mobile 7 PHP: Hypertext Preprocessors.
2. Introduction to Algorithm and Programming
Alg&Pemrog 2B Sistem Komputer Variable  Variable dapat didefinisikan sebagai bagian dari memory untuk menyimpan nilai yang telah ditentukan.  Setiap.
PERTEMUAN IV PENGANTAR APLIKASI KOMPUTER
Penerapan Health Level 7 (HL7) pada Radiology Information System (RIS)
Sistem – Sistem Bilangan, Operasi dan kode
K-Map Using different rules and properties in Boolean algebra can simplify Boolean equations May involve many of rules / properties during simplification.
Keamanan Data dan Jaringan Komputer
Edi Rosadi, SKom Perancangan Intranet dan Internet.
Mengamankan Sistem Informasi
Perancangan Database Pertemuan 07 s.d 08
1 DATA STRUCTURE “ STACK” SHINTA P STMIK MDP APRIL 2011.
BAGIAN III Lapisan Data Link.
PRAKTIKUM 3 PEMROGRAMAN BASIS DATA. Menghapus baris  Deleting rows- DELETE FROM Use the DELELE FROM command to delete row(s) from a table, with the following.
VIRUS KOMPUTER OLEH: WEMPI NAVIERA, SAB. Apa itu Virus? Virus komputer merupakan program komputer yang dapat menggandakan atau menyalin dirinya sendiri.
Oleh Agus Prihanto, ST, M.Kom
1 Pertemuan 12 Pengkodean & Implementasi Matakuliah: T0234 / Sistem Informasi Geografis Tahun: 2005 Versi: 01/revisi 1.
Electronic Engineering Polytechnic Institut of Surabaya – ITS Kampus ITS Sukolilo Surabaya Portsentry.
1 Pertemuan 7 Name and Address Conversion Matakuliah: H0483 / Network Programming Tahun: 2005 Versi: 1.0.
Memory and Storage Chapter 24 Subject: Digital System Year: 2009.
PERTEMUAN KE-6 UNIFIED MODELLING LANGUAGE (UML) (Part 2)
Bina Nusantara Mata Kuliah: K0194-Pemodelan Matematika Terapan Tahun : 2008 Aplikasi Model Markov Pertemuan 22:
Verb Tense Tense denotes the time of the action indicated by a verb. The time is not always the same as that indicated by the name of the tense.
1 Pertemuan 5 Komunikasi antar Proses / Interprocess Communication (IPC) Matakuliah: T0316/sistem Operasi Tahun: 2005 Versi/Revisi: 5 OFFCLASS01.
1 Pertemuan > > Matakuliah: >/ > Tahun: > Versi: >
Bayu Priyambadha, S.Kom.  Classes, which are the "blueprints" for an object and are the actual code that defines the properties and methods.  Objects,
9.3 Geometric Sequences and Series. Objective To find specified terms and the common ratio in a geometric sequence. To find the partial sum of a geometric.
Network Design (IP Address dan Subnetting). Tujuan Mengenal IP Address, bisa mengidentifikasinya dan bisa menggunakannya dalam membangun jaringan. Bisa.
Chapter 10 – The Design of Feedback Control Systems PID Compensation Networks.
IP Addressing Laboratorium Teknik Informatika Universitas Gunadarma Stefanus Vlado Adi Kristanto Version 1.4.
Penutup MS.ExcelProfilKesimpulan KELOMPOK 8 KA 11.2A.04 BINA SARANA INFORMATIKA JL.Cut Mutia No.88 Bekasi STATISTIKA DESKRIPTIF.
Jartel, Sukiswo Sukiswo
EIS (Executive Information Systems)
Teknik. Pemrog. Terstruktur 2
KOMUNIKASI DATA Materi Pertemuan 9.
CARA KERJA WEB Rofilde Hasudungan.
Wired and Wireless Network
DOS & DDOS PENGAMANAN SISTEM JARINGAN
Keamanan Sistem Operasi
Keamanan Sistem Operasi
INTRODUCTION TO OPERATING SYSTEM
AKT211 – CAO 08 – Computer Memory (2)
Kode Hamming.
Pertemuan <<18>> << Penemuan Fakta(01) >>
Website WEB World Wide Web www W3 A set of interconnected webpages, usually including a homepage, generally located on the same server, and prepared.
REAL NUMBERS EKSPONENT NUMBERS.
EIS (Executive Information Systems)
Pengantar Teknologi Informasi Introduction to Computers and Networks
Master data Management
Database User Account.
IPv6.
1 © 2004, Cisco Systems, Inc. All rights reserved. Module 2 Single-Area OSPF.
How to Set Up AT&T on MS Outlook ATT is a multinational company headquartered in Texas. ATT services are used by many people widely across.
How You Can Make Your Fleet Insurance London Claims Letter.
Things You Need to Know Before Running on the Beach.
Don’t Forget to Avail the Timely Offers with Uber
Keamanan Sistem Operasi
Teknik. Pemrog. Terstruktur 2
Keamanan Informasi dan Administrasi Jaringan
Keamanan Informasi Week 9. Remote connection, SSL.
THE INFORMATION ABOUT HEALTH INSURANCE IN AUSTRALIA.
Lesson 2-1 Conditional Statements 1 Lesson 2-1 Conditional Statements.
HughesNet was founded in 1971 and it is headquartered in Germantown, Maryland. It is a provider of satellite-based communications services. Hughesnet.
 Zoho Mail offers easy options to migrate data from G Suite or Gmail accounts. All s, contacts, and calendar or other important data can be imported.
Fix problems opening Norton  Fix problems opening Norton This problem can happen after you update Norton. To fix the matter, restart the computer. Fix.
If you are an user, then you know how spam affects your account. In this article, we tell you how you can control spam’s in your ZOHO.
Wednesday/ September,  There are lots of problems with trade ◦ There may be some ways that some governments can make things better by intervening.
Transcript presentasi:

Nama Kelompok : 1.Arini Sukmawati ( ) 2.Arif Rahman F. ( ) 3.Muhammad Reggi H. ( ) IK-33-01

PASSWORD ATTACK

Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system

●Serangan Sandi ditandai oleh serangkaian login gagal dalam waktu singkat oleh seorang penyerang. ●Pengguna akan mendapatkan catatan di layar tentang berapa banyak usaha yang gagal di account Anda. ●Dalam hal ini terjadi, Anda harus segera mengubah sandi Anda.

Passwords to access computer systems are usually stored in a database so the system can perform password verification when a user attempts to login or access a restricted resource. To preserve confidentiality of system passwords, the password verification data is typically not stored in cleartext form, but instead a one-way function is applied to the password, possibly in combination with other data, and the resulting value is stored.

When a user later attempts to authenticate by entering the password, the same function is applied to the entered value and the result is compared with the stored value. If they match, there is an extremely high likelihood the entered password was correct. For simplicity in this discussion, we will refer to the one way function employed (which may be either an encryption function or cryptographic hash) as a hash and its output as a hashed password.

If a system uses a poorly designed password hashing scheme to protect stored passwords, an attacker can exploit any weaknesses to recover even 'well-chosen' passwords. One example is the LM hash that Microsoft Windows XP and previous uses by default to store user passwords of less than 15 characters in length. LM hash converts the password into all uppercase letters then breaks the password into two 7-character fields which are hashed separately—which allows each half to be attacked individually.

Passwords can sometimes be guessed by humans with knowledge of the user's personal information. Examples of guessable passwords include: blank (none) the words "password", "passcode", "admin" and their derivatives a row of letters from the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop) the user's name or login name the name of their significant other, a friend, relative or pet their birthplace or date of birth, or a friend's, or a relative's their automobile license plate number, or a friend's, or a relative's their office number, residence number or most commonly, their mobile number. a name of a celebrity they like a simple modification of one of the preceding, such as suffixing a digit, particularly 1, or reversing the order of the letters. a swear word. and so, extensively, on.

Early Unix implementations limited passwords to 8 characters and used a 12-bit salt, which allowed for 4096 possible salt values. While 12 bits was good enough for most purposes in the 1970s (although some expressed doubts even then), by 2005 disk storage had become cheap enough that an attacker can precompute the hashes of millions of common passwords, including all 4096 possible salt variations for each password, and store the precomputed values on a single portable hard drive.

Serangan Yang Sering Dipakai Hacker 1)DDoS (Distributed Denial Of Service) [classic] Distributed Denial Of Service digunakan seorang hacker untuk mengambil resource didalam network tanpa adanya autorisasi. Sebelumnya hacker harus melakukan FTP Attack. 2)IP Spoofing (Atau Source Address Spoofing) pemalsuan alamat IP hacker sehingga sasaran menganggap alamat IP hacker adalah alamat IP dari host di dalam network bukan dari luar network. Misalkan hacker mempunyai IP address type A xx.xx ketika hacker melakukan serangan jenis ini maka Network yang diserang akan menganggap IP hacker adalah bagian dari Networknya. IP Spoofing terjadi ketika seorang hacker menghack packet routing untuk mengubah arah dari data atau transmisi ke tujuan yang berbeda. Packet untuk routing biasanya di transmisikan secara transparan dan jelas sehingga membuat hacker dengan mudah untuk memodifikasi asal data ataupun tujuan dari data.

3) FTP Attack (File Transfer Protocol Attack) serangan buffer overflow yang diakibatkan oleh malformed command. tujuan menyerang FTP server ini rata-rata adalah untuk mendapatkan command shell ataupun untuk melakukan DDoS. 4) UFE (Unix Finger Exploits) Serangan ini terjadi karena kesalahan sistem Administrator yang tidak menggunakan keamanan sedikit atau sama sekali tidak. Point ini terlalu berharga untuk dilewatkan.

5) Flooding & Broadcasting (Pembanjiran server) Serangan ini digunakan dengan tools-tools untuk pembanjiran server. Misalkan TrashAttack. Tujuan serangan ini adalah untuk memperlambat kinerja server. 6) FPA (Fragmented Packet Attacks) Data-data internet yang di transmisikan melalui TCP/IP bisa dibagi lagi ke dalam paket-paket yang hanya mengandung paket pertama yang isinya berupa informasi bagian utama dari TCP/IP. Beberapa firewall akan mengizinkan untuk memroses bagian dari paket-paket yang tidak mengandung informasi alamat asal pada paket pertamanya, hal ini akan mengakibatkan beberapa type system menjadi crash.

7) Exploits Terbagi menjadi lima cara yaitu: mail floods,command manipulation, transport level attack, malicious code inserting dan social engineering.

Tanggapan: Pengaturan dan alat privasi Tanggapan
Do Not Sell My Personal Information
Tentang proyek: SlidePlayer Syarat penggunaan

© 2024 SlidePlayer.info Inc. All rights reserved.