TRANSPORT LAYER
The transport layer handles communication sessions between computers on a network. It determines how data is transmitted.
User Datagram Protocol
UDP is connectionless communication; it does not guarantee that data arrives at the destination intact.
Normally used to transmit small amounts of data at a time.
Reliability (the guarantee that data reaches the receiver) depends on the application.
UDP characteristics
UDP is a connectionless protocol, meaning there is no initial communication session when data is transmitted.
UDP is an unreliable protocol. Messages are sent without sequence numbers and without acknowledgment from the receiver, so the sender never knows whether a message was received in full. This problem is handled by the application.
If a packet is lost, the data must be retrieved by the layer above (the application).
UDP messages are usually transmitted regularly at fixed time intervals or after a set timeout has expired.
Requires only a small amount of memory and processor resources.
Examples of applications that use UDP: Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP).
UDP
Commonly used for streaming multimedia applications
loss tolerant
rate sensitive
Other uses of UDP:
DNS
SNMP
For reliable transfer over UDP: add reliability at the application layer
application-specific error recovery!
UDP segment format (32 bits wide):
source port # | dest port #
length | checksum
application data (message)
Length: in bytes, of the UDP segment, including header
TCP: Overview
point-to-point: one sender for one receiver
connection-oriented: handshaking before data exchange
flow controlled: sender will not overwhelm receiver
[Figure: application writes data, socket door, TCP send buffer, segment, TCP receive buffer, socket door, application reads data]
TCP segment fields: source port #, dest port #, sequence number, acknowledgement number, head len, not used, flags U A P R S F, checksum, application data (variable length)
sequence and acknowledgement numbers: counting by bytes of data (not segments!)
# bytes rcvr willing to accept
[Figure: Host A / Host B timeline. User types 'C'; host ACKs receipt of 'C', echoes back 'C'; host ACKs receipt of echoed 'C'.]
[Figure: Host A / Host B retransmission timelines: loss (X), Seq=92 timeout, Seq=100 timeout, premature timeout, cumulative ACKs.]
Prevents the sender from flooding the receiver with data (so the buffer does not overflow)
RcvBuffer = size of the TCP receive buffer
RcvWindow = remaining buffer space
[Figure: receiver buffering]
Application Layer
voice over IP
e-mail
real-time video conferencing
web
instant messaging
grid computing
remote login
P2P file sharing
multi-user network games
streaming stored video clips
[Figure: Attack sophistication versus intruder knowledge, 1980 to 2004 (time axis: 1980, 1985, 1990, 1995, 2004; scale: Low to High). Labels on the chart: Tools, Intruders, password guessing, burglaries, hijacking sessions, disabling audits, network mgmt. diagnostics, back doors, sweepers, sniffers, GUI, automated probes/scans, www attacks, distributed attack tools, staged.]
Second Day
Talk about Miscellaneous !!
Legality
Footprinting
Scanning
Enumeration
Trojan and backdoor
Sniffer
SQL Injection
CYBER CRIME
[Figure: network diagrams with a User Zone and a Server Zone]
Download files
Execute files
Delete files
Update itself
Get uptime information
[Figure: User Zone, Server Zone, Random IPs]
From: Spoofed
Subject: hello, hi, error, status, Mail Transaction Failed, Mail Delivery System, SERVER REPORT, (No Subject), (random alphabets)
Find Email Addresses: .wab, .adb, .tbb, .dbx, .asp, php, .sht, .htm
Spyware Infection
A - Downloading programs
Kazaa / screensavers / windows utilities
Download managers / file sharing sw / demo software
[Figure: User Zone, C/D, Random IPs, Server Zone]
Here Is the Protection!!!
Firewall Technology
[Figure: User Zone, Server Zone]
Gateway Anti-Virus
Scan through unlimited file sizes
Scan through unlimited connections
Scan over more protocols than any similar solution
SonicWALL IPS/GAV
Dynamic Updates
[Figure: DPI protection across User Zone, Dept Zone and Server Zone]
OK !!!!!
What is SSL?
The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP or IMAP. It uses TCP/IP on behalf of the higher-level protocols, and in the process allows an SSL-enabled server to authenticate itself to an SSL-enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted connection.
Privacy
Encrypt message so it cannot be read
Use conventional cryptography with shared key
DES, 3DES
RC2, RC4
IDEA
2 private keys
one for client browser
one for server (http server)
[Figure: Secure Sockets Layer above the Transport, Network and Link layers; port numbers shown: 80, 443, 25, 110, 465, 995]
SSL Architecture
SSL session
SSL connection
a transient, peer-to-peer, communications link
associated with 1 SSL session
IPSec Needs!!
the most serious involving:
IP spoofing
intruders creating packets with false addresses, then taking advantage of OS exploits
IPSec
Generally, IP Security mechanisms provide
authentication
confidentiality
key management
IPSec Uses
Benefits of IPSec
in a firewall/router provides strong security to all traffic crossing the perimeter
is resistant to bypass
is below transport layer, hence transparent to applications
can be transparent to end users
can provide security for individual users if desired
additionally in routing applications:
assure that router advertisements come from authorized routers
neighbor advertisements come from authorized routers
ensure redirect messages come from the router to which initial packet was sent
ensure no forging of router updates
IP Security Architecture
RFC 2401 (Primary RFC)
specification is quite complex
defined in numerous RFCs
incl. RFC 2401/2402/2406/2408
many others, grouped by category
IPSec Services
Two protocols are used to provide security:
Authentication Header Protocol (AH)
Encapsulating Security Payload (ESP)
Access control
Connectionless integrity
Data origin authentication
Rejection of replayed packets
a form of partial sequence integrity
Confidentiality (encryption)
Limited traffic flow confidentiality
Security Chain
a one-way relationship between sender & receiver that affords security for traffic flow
defined by 3 parameters:
Security Parameters Index (SPI)
a bit string
IP Destination Address
only unicast allowed
could be end user, firewall, router
Security Chain
has a number of other parameters
seq no, AH & EH info, lifetime etc
Authentication Header
provides support for data integrity & authentication of IP packets
end system/router can authenticate user/app
prevents address spoofing attacks by tracking sequence numbers
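The sequence-number tracking behind "Rejection of replayed packets" and the Authentication Header slide, as an added example that is not from the original slides: the receiver keeps a sliding window over sequence numbers for each association and advances it only for packets that passed the integrity check. The class and function names, the 64-packet window and the arrival sequence are assumptions made for illustration.

```python
class ReplayWindow:
    """Receiver-side anti-replay state for one association (hypothetical class)."""

    def __init__(self, size: int = 64):      # window size is an assumption
        self.size = size
        self.top = 0                         # highest sequence number accepted
        self.bitmap = 0                      # bit i set: (top - i) already seen

    def check(self, seq: int) -> str:
        if seq == 0:
            return "reject: zero sequence number"
        if seq > self.top:
            return "ok"                      # ahead of the window
        offset = self.top - seq
        if offset >= self.size:
            return "reject: older than window"
        if (self.bitmap >> offset) & 1:
            return "reject: replay"
        return "ok"

    def update(self, seq: int) -> None:
        """Record seq; call only after the packet's integrity check passed."""
        if seq > self.top:
            mask = (1 << self.size) - 1
            self.bitmap = ((self.bitmap << (seq - self.top)) | 1) & mask
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

def process(window: ReplayWindow, packets) -> list:
    """packets: (sequence number, integrity_ok) pairs in arrival order."""
    verdicts = []
    for seq, integrity_ok in packets:
        verdict = window.check(seq)
        if verdict == "ok" and not integrity_ok:
            verdict = "reject: failed authentication"
        if verdict == "ok":
            window.update(seq)               # forged packets never move the window
        verdicts.append(verdict)
    return verdicts

# Constructed arrival order: reordering, a replay, a forged jump ahead, stale packets.
ARRIVALS = [(1, True), (2, True), (5, True), (3, True), (5, True),
            (500, False), (4, True), (70, True), (6, True), (7, True)]

if __name__ == "__main__":
    for pkt, verdict in zip(ARRIVALS, process(ReplayWindow(), ARRIVALS)):
        print(pkt, verdict)
```

Updating the window only after authentication matters: if the forged packet with sequence number 500 had moved the window, every legitimate packet behind it would have been dropped as stale.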
AH architecture
This Is ESP!!!
VPN Tunneling
INTRODUCTION
What is a VPN?
Introduction to VPN
Introduction (continued):
Four Categories:
Trusted VPN
Secure VPN
Hybrid VPN
Provider-provisioned VPN
VPN TOPOLOGY
How does a VPN work?
Greater scalability
Easy to add/remove users
Reduced long-distance telecommunications costs
Mobility
Security
Tunneling
allows senders to encapsulate their data in IP packets that hide the routing and switching infrastructure of the Internet
to ensure data security against unwanted viewers, or hackers.
VPN COMPONENTS
What are the components of VPN?
VPN Components
Protocols
Security
Appliances
Point-to-Point Tunneling Protocol (PPTP)
Voluntary tunneling method
Uses PPP (Point-to-Point Protocol)
Example of packet encapsulation
Honey POT
1. Find the fastest DNS server for your connection. First download DNS Benchmark (https://www.grc.com/dns/benchmark.htm). Click Name Server > Run Benchmark and let the process run until it finishes. When it is done, look at the round markers and find the ones that are fully green, then note the DNS address to the left of each (you need two DNS addresses, one for the Alternate DNS).
2. Open Start menu > Settings > Network Connections > Open, right-click Local Area Connection > Properties, select Internet Protocol > double-click. Tick Use the following DNS server addresses, enter the two DNS addresses you noted, click OK, then close.
3. Close your browser, right-click Local Area Connection and click Repair.
4. Click Start > Run > type gpedit.msc. When the Group Policy folder has opened, click Administrative Templates > QoS Packet Scheduler > double-click Limit reservable bandwidth > set it to Enabled and change the Bandwidth limit; I use 0%.
The Pretty Scammer
How to Prevent!!!!
SOCIAL ATTITUDE
Think before you click
Keep your computer clean