Documente Academic
Documente Profesional
Documente Cultură
1
2 Teknologi Sistem Komputer Dan Rangkaian
it. Keep your system in the loop of latest updates and security alerts
or else, it will become vulnerable to security threats.
It is important to keep a record of technical support consultants and
software documentations, like manuals and guides to make them
accessible to the staff members of the company.
Rujukan : http://www.buzzle.com/articles/types-of-computer-security.html
(05/02/2017 1:31)
ii. Network
a) Wireless security
Wireless networks are not as secure as wired ones. Without
stringent security measures, installing a wireless LAN can be
like putting Ethernet ports everywhere, including the parking lot.
To prevent an exploit from taking hold, you need products
specifically designed to protect a wireless network.
b) Antivirus and antimalware software
"Malware," short for "malicious software," includes viruses,
worms, Trojans, ransomware, and spyware. Sometimes
malware will infect a network but lie dormant for days or even
weeks. The best antimalware programs not only scan for
malware upon entry, but also continuously track files afterward
to find anomalies, remove malware, and fix damage.
c) Application security
Any software you use to run your business needs to be
protected, whether your IT staff builds it or whether you buy it.
Unfortunately, any application may contain holes, or
vulnerabilities, that attackers can use to infiltrate your network.
Application security encompasses the hardware, software, and
processes you use to close those holes.
d) VPN
A virtual private network encrypts the connection from an
endpoint to a network, often over the Internet. Typically, a
remote-access VPN uses IPsec or Secure Sockets Layer to
authenticate the communication between device and network.
e) Firewalls
2
3 Teknologi Sistem Komputer Dan Rangkaian
3
4 Teknologi Sistem Komputer Dan Rangkaian
vi. OpenSSH
Secure all your traffic between two points by tunnelling insecure
protocols through an SSH tunnel. Includes scp providing easy access
to copy files securely. Can be used as poor mans VPN for Open
Wireless Access points (airports, coffee shops). Tunnel back through
your home computer and the traffic is then secured in transit. Access
4
5 Teknologi Sistem Komputer Dan Rangkaian
internal network services through SSH tunnels using only one point of
access. From Windows, you will probably want to have putty as a client
and winscp for copying files. Under Linux just use the command line
ssh and scp.
vii. Wireshark
View traffic in as much detail as you want. Use Wireshark to follow
network streams and find problems. Tcpdump and Tshark are
command line alternatives. Wireshark runs on Windows, Linux,
FreeBSD or OSX based systems.
viii. BackTrack
An Ubuntu based Linux distribution that is configured with hundreds of
security testing tools and scripts. Backtrack is well known with
penetration testers and hobbyists alike.
ix. Nikto
A web server testing tool that has been kicking around for over 10
years. Nikto is great for firing at a web server to find known vulnerable
scripts, configuration mistakes and related security problems. It won't
find your XSS and SQL web application bugs, but it does find many
things that other tools miss. To get started try the Nikto Tutorial or the
online hosted version.
x. Truecrypt
Encrypt all the things. Truecrypt is a strong encryption utility that can
encrypt entire volumes or create an encrypted container within a file
system. Use Truecrypt to protect your flash drives. If it gets lost, even
the NSA will have trouble reading the data.
Rujukan : https://hackertarget.com/10-open-source-security-tools/ (05/02/2017 2:04)
5
6 Teknologi Sistem Komputer Dan Rangkaian
6
7 Teknologi Sistem Komputer Dan Rangkaian
Is a form of threat where your computer will start popping out a lot
of advertisement. It can be from non-adult materials to adult
materials because any ads will make the host some money. It is not
really harmful threat but can be pretty annoying.
vi. Backdoor.
Backdoor is not really a Malware, but it is a form of method where
once a system is vulnerable to this method, attacker will be able to
bypass all the regular authentication service. It is usually installed
before any virus or Trojan infection because having a backdoor
installed will ease the transfer effort of those threats.
vii. Exploit.
Exploit is a form of software which is programmed specifically to
attack certain vulnerability. For instance if your web browser is
vulnerable to some out-dated vulnerable flash plugin, an exploit will
work only on your web browser and plugin. The way to avoid hitting
into exploit is to always patch your stuff because software patches
are there to fix vulnerabilities.
viii. Fake AV.
Fake Antivirus threat is a very popular threat among Mac user about
10 months ago. Due to the reason that Mac user seldom faces a
virus infection, scaring them with message which tells them that
their computer is infected with virus is pretty useful where it results
them into purchasing a bogus antivirus which does nothing.
ix. Phishing.
A fake website which is designed to look almost like the actual
website is a form of phishing attack. The idea of this attack is to trick
the user into entering their username and password into the fake
login form which serves the purpose of stealing the identity of the
victim. Every form sent out from the phishing site will not go to the
actual server, but the attacker controlled server.
x. Cookies.
Cookies is not really a Malware. It is just something used by most
websites to store something into your computer. It is here because
it has the ability to store things into your computer and track your
activities within the site. If you really dont like the existence of
7
8 Teknologi Sistem Komputer Dan Rangkaian
cookies, you can choose to reject using cookies for some of the
sites which you do not know.
xi. DDoS.
One of the most famous thing done by Anonymous, which is to
send millions of traffic to a single server to cause the system to
down with certain security feature disable so that they can do their
data stealing. This kind of trick which is to send a lot of traffic to a
machine is known as Distributed Denial of Service, also known as
DDoS.
xii. Boot Sector Virus.
It is a virus that places its own codes into computer DOS boot
sector or also known as the Master Boot Record. It will only start if
there it is injected during the boot up period where the damage is
high but difficult to infect. All the victim need to do if they realize
there is a boot sector virus is to remove all the bootable drive so
that this particular virus will not be able to boot.
xiii. Browser Hijackers.
A browser hijacker uses the Trojan Malware to take control of the
victims web browsing session. It is extremely dangerous especially
when the victim is trying to send some money via online banking
because that is the best time for the hijacker to alter the destination
of the bank account and even amount.
xiv. Virus Document.
Virus today can be spread through document file as well especially
PDF documents. Last time, people will only advice you not to simply
execute an EXE file but in todays world with todays technology,
document file should also be avoided. It is best if you use an online
virus scanner to scan first before opening any single file which you
feel it is suspicious.
8
9 Teknologi Sistem Komputer Dan Rangkaian
Rujukan : http://www.itscolumn.com/2012/03/28-types-of-computer-security-threats-
and-risks/ (05/02/2017 0:42)
ii. Network
a) Ransomware
This can be vicious and heartbreaking attack when certain
information and devices are locked and held for ransom. This
especially true for medical equipment thats unfortunate enough
to accidentally download this malicious code. The Internet of
Things will open up a fertile attack ground since certain devices
lack even basic security features.
b) Software vulnerabilities
Because not everyone updates software consistently with
patches, this poses a huge risk from an attack by hackers.
There is a constant stream of fixes issued in vendor security
patches and updates that must be installed for optimal security.
c) Hacktivism
While not new, hacktivism has become mainstream thanks to
the collective Anonymous system of hackers. Usually with a
political motive, these hackers launch distributed denial of
service attacks to hamper traffic or cause widespread damage
to entire systems.
d) More backdoors
Backdoors installed by sophisticated hackers can work to
decrypt data, leading to theft and black market activities. This
may give rise to nation states intercepting large amounts of VPN
traffic from a backdoors.
9
10 Teknologi Sistem Komputer Dan Rangkaian
Rujukan : http://www.tbconsulting.com/blog/top-8-network-security-threats-how-to-
mitigate-risks/ (05/02/2017 2:40)
10
11 Teknologi Sistem Komputer Dan Rangkaian
11
12 Teknologi Sistem Komputer Dan Rangkaian
12