EL 695 - Keamanan Sistem Informasi

Halaman muka
schedule
tugas akhir 2002-2003 (baru)
tugas akhir 2000
tugas akhir 2001
tugas akhir
2002

Responsi/Labs

responsi 1 (updated, jan 2002)
responsi 2 (updated, oct 2001)
responsi 3
responsi 4
responsi 5

Last update 10 September 2003

Rancangan Schedule

  1. Pendahuluan
    mengapa masalah security menjadi topik penting; statistik mengenai masalah security. Bergabung dengan tim RC5DES (distributed.net) Indonesia Raya. Materi introduction to security (updated September 2003) and security evaluation.
  2. Etika
    yang membedakan administrator, hacker, cracker; definisi; game hack; contoh hacker lokal, global; cerita tentang hacker (takedown / mitnick, berferd, dsb.); hacking methodology. [PDF presentation material]
  3. Prinsip
    aspek, model sistem keamanan serta permasalahaan yang terkait. Responsi #1.

Kriptografi

  1. Latar belakang enkripsi
    sejarah pengamanan pesan, steganography vs cryptography, contoh2 cipher (Caesar cipher, RPT13, Enigma); private key vs public key. Materi Sejarah Kriptografi (updated: 8 September 2002).
  2. Beberapa algoritma populer (DES, RSA, MD5)
    Beberapa diagram tentang DES (diambil dari buku Stallings), RSA (presentasi pak Sarwono) 
  3. Aplikasi kriptografi
    E-commerce, CA, Digital Signature

Network Security

  1. Prinsip TCP/IP
    OSI model vs TCP model
  2. Servis-servis Internet
    finger, ftp, telnet, smtp, http
    Materi: casing the join / establishment (updated, 6 Oktober 2002)
    Responsi 2: casing the joint
  3. Penyerangan melalui network
    probe, sniff: tcpprobe, strobe, nmap, sniffit, tcpdump, WebXRay, sniffer pro
  4. DoS attack
    Teori dasar: 3-way handshaking, buffer overflow. Tools: winnuke, land, latiera, smurf, BO, Netbus, Subseven, Skydance. Deteksi dan proteksi.

Topik khusus

  1. Keamanan sistem UNIX
    sejarah unix , konfigurasi, berkas penting, berkas log, secure shell
     Responsi 3: UNIX security
  2. Detection & response
    proteksi, integrity checker, intrusion detection, incident handling; tools (cops, satan, saint, sara, nessus); ID-CERT
  3. Keamanan sistem email
     email palsu, spamming, relaying, mailbomb, PGP, PEM, S/MIME
    Materi presentasi: keamanan email [update: Oktober 2002], Responsi 4: email palsu
  4. Keamanan sistem WWW
    pendahuluan tentang httpd, CGI, client attack, DoS attack, privacy attack
    Materi presentasi: keamanan www, Responsi 5: keamanan WWW
  5. Filtering (IP filtering, firewall, policy)
  6. Network monitoring security
     Materi presentasi (8mar2002): netmon security
    SNMP exploit / attack
  7. Incident Handling
    Ini mater baru yang baru diajarkan pada kelas 2002.
     Materi presentasi dalam PowerPoint . Lihat juga situs ID-CERT  untuk informasi mengenai Indonesia CERT.
  8. Topik khusus / advanced: Java security, Database, X Window, Windows NT/2000, router, Disaster Recovery Plan (Business Resumption), keamanan sistem wireless (baru, nov 2002 ), Return on Security Investment (baru, 2003) 

References

  1. Budi Rahardjo, " Keamanan Sistem Informasi Berbasis Internet ". In Adobe PDF format.

News / Remarks

 

 Related - Featured links

Budi Rahardjo's homepage