Hasil Pencarian  ::  Simpan CSV :: Kembali

"In many penetration tests, there is a lot of useful information to be gathered from the radios used by organizations. These radios can include two-way radios used by guards, wireless headsets, cordless phones and wireless cameras. Wireless Reconnaissance in Penetration Testing describes the many ways that a penetration tester can gather and apply the information available from radio traffic. Stopping attacks means thinking like an attacker, and understanding all the ways that attackers gather information, or in industry terms profile, specific targets. With information from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling. Author Matthew Neely is a respected and well-known expert and speaker on radio reconnaissance and penetration testingIncludes real-world case studies of actual penetration tests using radio profiling. Covers data leakage, frequency, attacks, and information gathering."

"Nilai Superframe Order Dan Beacon Order pada protokol IEEE 802.15.4 untuk menentukan besarnya paket data yang bisa ditransmisikan dalam setiap Superframe dan juga lamanya masa tidak aktif dalam setiap Superframe. Jaringan multihop mempunyai ketersedian bandwith yang bagus sehingga digunakan pada penelitian ini. Penelitian ini menggunakan simulasi NS2 untuk menganalisis pengaruh nilai Beacon Order dan nilai Superframe Order terhadap kinerja jaringan nirkabel multihop yang memiliki topologi pohon pada protokol IEEE 802.15.4. Kinerja jaringan telah dievaluasi secara rinci pada throughput rata-rata, delay rata-rata, delivery ratio dan persentase dari energi rata-rata yang digunakan terhadap variasi nilai Beacon Order dan nilai Superframe Order. Nilai Beacon Order dan nilai Superframe Order optimum yang diperoleh dari eksperimen adalah 9.

---

Superframe order value and beacon order value on IEEE 802.15.4 protocol determine the number of data packets that can be transmitted in each Superframe and also the length of the inactive period in each Superframe. Multihop networks with good bandwidth availability are used in this study. This study uses NS2 simulation to analyze the influence of the Beacon Order value and Superframe Order value to the performance of multihop wireless networks with a tree topology base on IEEE 802.15.4 protocol. The performance of the network which have been evaluated in detail are the average throughput, average delay, delivery ratio and the percentage of the average energy used towards the variation of the Beacon Order value and Superframe Order value. The optimum number of Beacon Order and Superframe Order found from the experiment is 9."

"Many organisations are transforming their businesses through the development of information and communications technologies. The security of this e-commerce is now a key enabler for businesses and this book presents an overview of current and future infrastructures for e-business including XML security mechanisms and next generation Public Key Infrastructures (PKI), as well as digital archiving and wireless security which is set to be a huge growth area with the full rollout of 3G mobile networks. TETRA security, firewalls and Virtual Private Network (VPN) technologies are all discussed to provide business solutions for end-to-end secure networking. This book is essential reading for IT and security professionals as well managers involved in the implementation of e-businesses."

"This book covers issues related to 5G network security. The authors start by providing details on network architecture and key requirements. They then outline the issues concerning security policies and various solutions that can handle these policies. Use of SDN-NFV technologies for security enhancement is also covered. The book includes intelligent solutions by utilizing the features of artificial intelligence and machine learning to improve the performance of the 5G security protocols and models. Optimization of security models is covered as a separate section with a detailed information on the security of 5G-based edge, fog, and osmotic computing. This book provides detailed guidance and reference material for academicians, professionals, and researchers.Presents extensive information and data on research and challenges in 5G networks; Covers basic architectures, models, security frameworks, and software-defined solutions for security issues in 5G networks; Provides solutions that can help in the growth of new startups as well as research directions concerning the future of 5G networks."

"ABSTRAKJaringan nirkabel atau wireless adalah salah satu media atau sistem transmisi data yang menggunakan gelombang radio sebagai media transmisinya dan sebuah pengembangan dari jaringan komputer yang sebelumnya menggunakan kabel sebagai media penghubungnya. Nirkabel memanfaatkan udara/gelombang elektromagnetik sebagai media lalu lintas pertukaran data. Namun seiring perkembangannya, keamanan pada jaringan nirkabel ternyata cukup rentan, dan memberikan potensi yang cukup tinggi bagi para hacker. Keamanan jaringan mempunyai dampak yang besar bagi dunia terhadap penggunaannya, seluruh informasi dapat dikirimkan dan diterima tanpa menggunakan kabel. Jaringan nirkabel menyediakan semua fungsi yang sama seperti jaringan kabel tanpa adanya perangkat fisik. Tujuan utama dari studi ini ialah mendemonstrasikan dan menganalisis jenis variasi serangan yang dapat ditemui saat menggunakan jaringan nirkabel sekaligus mitigasi terhadap serangan yang terjadi. Jaringan nirkabel memiliki banyak celah dalam penggunaannya. Pada studi kali ini akan digunakan software yaitu Kali Linux 3.0 adalah open source yang digunakan untuk melakukan uji penetrasi. Uji penetrasi akan dilakukan menggunakan beberapa metode yang nantinya studi ini akan memeberikan edukasi kepada setiap orang agar lebih berhati-hati dalam mengakses jaringan nirkabel di rumah maupun tempat umum.

---

ABSTRACTWireless or wireless network is one media or data transmission system that uses radio waves as transmission media and is a development of a computer network that previously used the cable as a connector. Wireless utilize air electromagnetic waves as a medium of traffic exchange data. But over the development of security on wireless networks was quite vulnerable, and provide a high enough potential for hackers. Network security has a major impact on the world for its use, all information can be sent and received without the use of cables. Wireless networks provide all the same functions as cable networks in the absence of physical devices. The main purpose of this study is to demonstrate and analyze the types of attack variations that can be encountered when using wireless networks and also how to mitigate them. Wireless networks have many loopholes in its use. In this study will be used software that is Kali Linux 3.0 is open source used to do penetration test. The penetration test will be conducted using several methods that will provide education for everyone to be more careful in accessing wireless networks at home and public places. "

"Machine generated contents note: Chapter 0: Introduction Chapter 1: Introduction to Command Shell Scripting Chapter 2: Introduction to Python Chapter 3: Introduction to Perl Chapter 4: Introduction to Ruby Chapter 5: Introduction to Web Scripting with PHP Chapter 6: Manipulating Windows with PowerShell Chapter 7: Scanner Scripting Chapter 8: Information Gathering Chapter 9: Exploitation Scripting Chapter 10: Post-Exploitation Scripting Appendix: Subnetting and CIDR Addresses"

"Professional penetration testing walks you through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find security vulnerabilities before they are maliciously exploited—is a crucial component of information security in any organization. With this book, you will find out how to turn hacking skills into a professional career. Chapters cover planning, metrics, and methodologies; the details of running a pen test, including identifying and verifying vulnerabilities; and archiving, reporting and management practices.Author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book, you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios."

"Ancaman keamanan terhadap website biasa dihasilkan melalui celah yang memungkinkan pengguna lain melakukan tindak kejahatan. Untuk pemeliharaan keamanan website yang baik, deteksi kerentanan website dapat dilakukan dengan prosedur vulnerability identification dan penetration testing. Penetration Testing Execution Standard (PTES) digunakan pada penelitian ini sebagai kerangka kerja atau framework penetration testing dengan tujuan untuk mendapatkan hasil akhir berupa kerentanan yang dapat mengganggu keamanan website. Terdapat tujuh tahapan yang akan dilakukan pada framework PTES yaitu Pre-engagement Interactions, Intelligence Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, Post Exploitation, dan Reporting. Penetration testing ini juga menerapkan metode blackbox testing. Blackbox testing adalah metode pengujian yang dilakukan tanpa mengetahui informasi apa pun mengenai sistem website. Ditemukan tiga kerentanan dengan tingkat risiko tinggi pada website redstorm setelah melakukan penetration testing dengan framework PTES dan metode blackbox testing, yaitu PII Disclosure, SQL Injection, dan SQL Injection-SQLite. Hasil ini menekankan perlunya penguatan keamanan website dan penerapan langkah-langkah mitigasi yang sesuai untuk melindungi data sensitif dan melawan potensi serangan. Selain itu, penelitian ini menegaskan efektivitas dan relevansi kerangka kerja PTES dalam mengidentifikasi kerentanan keamanan sistem. Implikasi dari temuan ini memberikan kontribusi bagi pengembangan kebijakan keamanan informasi dan penelitian tentang keamanan siber yang lebih lanjut.

---

Security threats to common websites are generated by gaps that allow other users to commit criminal acts. For good website security maintenance, website vulnerability detection can be done with vulnerability identification and penetration testing procedures. The Penetration Testing Execution Standard (PTES) is used in this research as a framework for penetration testing with the aim of obtaining the final result of vulnerabilities that can interfere with the operation of the website. There are seven stages that will be performed on the PTES framework: Pre-engagement Interactions, Intelligence Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, Post-exploitation, and Reporting. The penetration test also uses the blackbox testing method. Blackbox testing is a test method that is performed without knowing any information about the website system. Three high-risk vulnerabilities were found on Redstorm websites after performing penetration testing with the PTES framework and blackbox testing methods, namely PII Disclosure, SQL Injection, and SQL injection-SQLite. The results emphasize the need to strengthen website security and implement appropriate mitigation measures to protect sensitive data and counter potential attacks. In addition, the study confirms the effectiveness and relevance of the PTES framework in identifying system security vulnerabilities. The implications of these findings contribute to the development of information security policies and further research on cybersecurity."

"Pengujian penetrasi merupakan suatu langkah penting yang diambil untuk meningkatkan keamanan sebuah website, terutama bagi suatu perusahaan. Terdapat beberapa kerangka kerja dan metodologi untuk uji penetrasi, salah satunya adalah Information Systems Security Assessment Framework (ISSAF). ISSAF merupakan sebuah kerangka kerja yang komprehensif dengan keunggulan pada domain coverage sehingga memungkinkan pengujian bukan hanya dari luar sistem, namun juga masuk ke dalam sistem. Penelitian ini menunjukan tahapan uji penetrasi menggunakan kerangka kerja ISSAF dan memanfaatkan beberapa tools yang umum digunakan untuk mengidentifikasi kerentanan website bagi perusahaan. Hasil dari penelitian ini ditemukan 7 kerentanan, diantaranya yaitu Clickjacking, Brute-force Attack pada Login Page, HSTS Missing From HTTP Server, Content Security Policy (CSP) Header Not Set , Cookie without SameSite Attribute, Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s),serta X-Content-Type-Options Header Missing. Dari hasil pengujian penetrasi ini dapat dijadikan rekomendasi untuk mengatasi kerentanan keamanan pada perusahaan-perusahaan di bidangnya.

---

Penetration testing is an important step taken to improve the security of a website, especially for a company. There are several frameworks and methodologies for penetration testing, one of which is the Information Systems Security Assessment Framework. (ISSAF). ISSAF is a comprehensive framework with advantages on domain coverage that allows testing not only from outside the system, but also into the system.  This research demonstrates the stage of penetration testing using the ISSAF framework and utilizes several commonly used tools to identify website vulnerabilities for companies. This study we found seven vulnerabilities in the target website, including Clickjacking, Brute-force Attack on Login Page, HSTS Missing from HTTP Server, Content Security Policy (CSP) Header Not Set, Cookie without SameSite Attribute, Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s), and X-Content-Type-Options Header Missing. From this penetration test results, a recommendation to address security vulnerabilities in companies can be conducted."