Friday, September 30, 2022

Wednesday, September 28, 2022

Entry Points for Cyber Attacks on Hospitals

Internet access: An attack can enter through a computer network connected to the Internet, where the hospital network has already been scanned and mapped by hackers and back-door software has already been installed on the hospital's computer network.

Wireless networks: If the hospital uses wireless active medical devices that have already been scanned and mapped by hackers, those devices can be used as an entry point for an attack.

Insider threat: Intentional or unintentional crimes by insiders, who often behave criminally.

Direct access attack: Gaining physical access to active medical devices.

Removable media: USB drives, floppy disks, CDs, laptops, and anything else that can connect directly to active medical devices.

Email: Malware such as viruses, Trojan horses or worms sent through phishing emails.

Other networks: Other networks connected to the hospital network can be one way to reach active medical devices. For example, if a hacker has gained access to a C-arm X-ray machine, he can move across the network to infect other active medical devices.

Supply chain: If active medical devices are manufactured abroad, it is very likely that they contain some hidden, unknown software programs.

Improper installation or use of equipment: Intentional or unintentional activities such as theft of medical equipment and systems left without security.

Cyber-drone: A drone can monitor a hospital by hacking wireless signals, such as those from the network printers there (with default passwords).

Others: New ideas that hackers come up with.


Thursday, September 16, 2021

Security issues in IoT systems that users need to pay attention to.

Security must be considered when developing and deploying IoT, because an IoT system consists of multiple interconnected devices. In general, the IoT architecture consists of the following three layers:

1. Perception layer: the physical IoT devices themselves, such as sensors, actuators, smart things, and so on.

2. Network layer: the communication infrastructure for the devices, servers and users.

3. Application layer: the software that uses the data obtained from the IoT devices and manages them in order to provide services to users.

Several organizations have studied security issues in IoT. One result is the OWASP Internet of Things (IoT) Top 10, published by the Open Web Application Security Project.

According to the OWASP IoT Top 10 2018 (https://wiki.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=IoT_Top_10), the security issues in IoT are as follows:

I1 Weak, Guessable, or Hardcoded Passwords

I2 Insecure Network Services

I3 Insecure Ecosystem Interfaces

I4 Lack of Secure Update Mechanism

I5 Use of Insecure or Outdated Components

I6 Insufficient Privacy Protection

I7 Insecure Data Transfer and Storage

I8 Lack of Device Management

I9 Insecure Default Settings

I10 Lack of Physical Hardening



Thursday, July 10, 2014

10 Visual Content Tools

1. Canva
2. PlaceIt
3. HubSpot
4. Death to the Stock Photo
5. NounProject
6. 55 Free Content Creation Templates
7. Google Fonts
8. Skitch
9. ColorPicker
10. GIFBrewery

http://blog.hubspot.com/marketing/visual-content-creation-tools?utm_campaign=blog-rss-emails&utm_source=hs_email&utm_medium=email&utm_content=13407664

Wednesday, April 30, 2014

Basic Cybersecurity Material

http://www.globalknowledge.com/training/course.asp?pageid=9&courseid=13526&country=United+States

Course Outline

1. Cybersecurity Introduction, Job Roles, and Functions

  • Security Fundamentals
    • Security Importance
    • Human Influence
  • Vulnerabilities
    • Typical Attack Sequence
    • Social Engineering
    • Footprinting
    • Well-Known Parts
    • Port Scanning
    • Password/Passphrase Vulnerabilities
    • Track Covering

2. Social Media Concerns

  • Social Media
    • Types
    • Vulnerabilities
    • Social Networking Sites
    • Social Engineering
  • Phishing
    • Phishing via E-mail
  • Online Attacks
    • Statistical Data
    • Security Breach Sources

3. Cyber Awareness

  • CNCI
    • Definition and Purpose of CNCI
    • CNCI Initiative Details
  • Legalities
    • Laws and Rules
    • Legal Compliance
  • Cyber Attacks
    • Malware
    • Viruses
    • Worms
    • Logic Bombs
    • Botnet
    • Trojan Horse
    • OSI Model
    • DNS

4. Cyber Services

  • Cyber Threats
    • Denial of Service Vulnerabilities
  • Server Hardening
    • Web Server Hardening
    • Mail Server Hardening
    • FTP Server Hardening
    • DNS Server Hardening
    • Other Servers
    • Workstation Considerations
    • Network Appliances
    • Wireless Access Hardening
    • VLAN Security
    • Software Attacks

5. Risk Management and Assessment

  • Risk Management
  • Risk Management Process
    • Steps
    • ALE Formula
    • CRAMM Process
    • Risk Management Lifecycle
    • Protected Assets
    • CIA Triad
  • Threat Determination Process
  • Risk Assessment
    • Scenarios
    • Criticality
    • Prioritization
  • Risk Management Lifecycle
    • Steps
    • Policy
    • Assessment
    • Baselines and ePolicy
  • Vulnerabilities
    • Vulnerability Categories
    • Self-Assessment
    • Weak Links in Security
    • Technical Controls
    • Due Care
    • Insurance against Losses

6. Security Policy Management

  • Security Policies
    • Security Policy Definition
    • Security Policy Use
    • Security Policy Importance
    • Legal Issues
    • Policy Example
    • Policy References
    • Policies, Guides, Standards, Procedures, and Controls
  • Coverage Matrix
    • Preparing a Coverage Matrix
    • Example Security Coverage Matrix
    • Granular View of a Security Matrix
  • Basic Policies

7. Vulnerability Assessment and Tools

  • Vulnerability Testing
  • Penetration Testing
    • Risks of Penetration Testing
    • Methodologies
    • Testing
    • Technology Testing Tools

8. Business Continuity Planning

  • Disaster Types
  • Disaster Recovery Plan
    • Goals
    • Steps for Creation
    • Contents
    • Design Requirements
    • Priorities
    • Recovery Strategies
    • High Availability Considerations
    • Data Collection
    • Written Plan Documentation
    • Plan Testing Sequence
  • Business Continuity Planning
  • Business Continuity Planning Process
    • BCP Process Steps
    • Controls

9. Host Security

  • Types of Hosts
    • General Configuration Guidelines
  • Clean Systems
  • Unnecessary Services
    • Rules to Follow
    • Warning Banners
  • Limiting Access
    • Administrators
    • Users
    • Configuring and Logging
    • Security Patches
  • Security Baselines
    • Traffic Filtering
  • Monitoring

10. Architectural Integration

  • General Security Integration
  • Services
    • Needs
  • Security Zones
    • Filtering
    • Screened Subnets
    • Trusted Zones
  • Devices
    • Routers
    • Firewalls
    • DMZ Hosts
  • Extenuating Circumstances
    • Business-to-Business
    • Exceptions to Policy
    • Special Services and Protocols
    • Configuration Management
  • Development
    • Certification and Accreditation
    • Common Criteria

11. Authentication and Cryptography

  • Authentication
    • Identification
    • Issues
  • Cryptosystems
    • Elements
    • Password Protocols
    • Hashes
    • Kerberos
    • Symmetric Encryption
    • Asymmetric Encryption
    • Digital Signatures
  • Certificate Services
    • Certificate Authorities
    • Registration Authorities
    • Models
    • Policies
    • Lifecycle
    • Distribution

12. Securing Communications

  • Terminology
    • Tunnels
    • Applying Cryptography to OSI Model
  • Securing Services
    • E-Mail
    • FTP and Telnet
  • Transport
    • SSL and TLS
    • Gateway-to-Gateway VPN
    • IPSec
  • Wireless
    • Wireless Weakness
    • Wireless Security
  • Steganography and NTFS Data Streams
    • Steganography
    • NTFS Alternate Data Streams

13. Intrusion Detection and Prevention Systems

  • Intrusion
    • Definition
  • Defense in Depth
    • Perimeter Router
    • Firewall Monitoring
    • Network Device Logging
    • Host Monitoring
    • Events Correlation
  • IDS/IPS
    • Placement of IDS Monitors and Sensors
    • Monitoring
    • Host-Based and Network-Based Differences
    • Policy Management
    • Behavioral Signatures
  • IDS/IPS Weakness
    • Encryption
    • Coverage
    • Overwhelmed
    • False Positives
    • Incorrect Configuration

14. Cyber Challenge Activities

  • Network Analysis Review

15. Forensic Analysis

  • Incident Handling
    • Response
    • Time and Reaction Sensitivity
    • Issues for Consideration
    • Response Procedures
    • Evidence
  • Logging
    • Process
    • Log Analysis Tools

16. Cyber Evolution

  • Cyber Organization
    • Cyber Forces
    • Internet Leadership
    • Internet Defenders
  • Cyber Future
    • Future Challenges
    • Evolving Needs
    • Cyber Maturity Barriers
    • Einstein 2 and Future
    • Goals

Labs

Lab 1: Social Media

  • Phishing and Spyware
  • Windows Activation
  • Antivirus Notice
  • Commercial Web Site

Lab 2: Cyber Awareness

  • Scanning with Nmap
  • Scanning with Zenmap

Lab 3: Cyber Services

  • Telnet Banner Grabbing
  • FTP Banner Grabbing
  • SMTP Banner Grabbing
  • Netcat

Lab 4: Risk Assessment

  • Use Nessus to Identify Assets and Threats
  • Asset Worksheet Completion

Lab 5: Business Continuity Plan

  • Team Members/Key Contacts
  • Team Status Reporting
  • Priority IT Systems
  • IT System Backup Details
  • Recovery Process

Lab 6: Vulnerability Assessments and Audits

  • Mapping Site Content Using Teleport Pro
  • Using Cheops for Graphical Display of Network
  • Working with LANguard

Lab 7: Host Security - Malware

  • Connecting Remotely
  • RECUB Service

Lab 8: Authentication and Cryptography

  • Perform activities using Ettercap utility
  • Perform and Witness a Man in the Middle (MITM) Attack

Lab 9: Cryptographic Attacks

  • Using Steganographic Tools
  • Advanced NTFS File Streaming

Lab 10: SNORT (Eagle X IDS) Install

  • Installing Eagle X
  • Configuring Eagle X
  • Configure Rule to Ignore Hosts in SNORT

Lab 11: Cyber Challenge Activities

  • Identifying Assets and Threats
  • Completing Asset Worksheet

Lab 12: Forensics Analysis IIS Event Log Analysis

  • Identifying Common Attacks through IIS Log Analysis