Basic System Security ?>

Basic System Security

Security Assessment adalah proses yang dilakukan untuk mengamankan sebuah system

  1. HACKING

ability or Skill to manipulate the system

—The system can be manipulated :

—Network

—Software

—Hardware—

2. Ethical Hacking

—Same as Hacking

—Fix the system

—Find Hole Vulnerabilities

—Targeted

—Get permission

3. Black Hat

—Black Hat is a pentester can be crack systems without permissions

—How to penetrate :

—Hacktivist

—Vulberability scanner

—Password cracking

—Bot Spreading

—Worm

4. Security Assessment

—Profesionalism and have methods

—Goal : standardization and regulation

—Targets :

—Organizations affected by regulations

—Compliance standards, as ISO 27001

—Development process

—Activities :

Blackbox, whithebox, greybox, report, and patching

5. Vulnerability Assessment

—Identified Vulnerabilities on applications, operation systems, and network infrastructure

—Evalute and analyze on vulnerabilities when they found to deteminate the risk.

—Give the advisory and recommendation

—6. Penetration Testing

—Exploitation what have determinated on vulnerabilities (POC)

—Evaluate with smilations

—7. Security Audit

—Test with the standard

—Processing to test using “Check List”

8. Teknik Security Assessment

—Information Gathering

—Network Mapping dan OS fingerprinting

—Network Sniffing

—Trojan Attacks

—Cracking Password

—Vulenrability scanning

—9. Proses Security Assessment

—Activities Scope

—Non-Destructive test

—Destructive test

—Report / Advisory

—Conclusions

—10. Approaches

—Black Box :

—Zero Knowledge

—Internal / External Attack

—White Box :

—Full knowledge

—Internal Attack

—Grey Box :

—Partial or Full Knowledge

—Internal / External Attack

11. Toolkits

—Network Vulnerability Scanner

—Nessus, GFI LanGuard, Retina, Core Impact, Nmap, dll

—Web Vulnerability Scanner

—Acunetix, Nikto, Skipfish, WebScarab, BlackWidow

—Manual

 

 

 

 

 

Source : ID-SIRTII

Leave a Reply

Your email address will not be published. Required fields are marked *