Analisis Serangan Vulnerabilities Terhadap Server Selama Work from Home saat Pandemi Covid-19 sebagai Prosedur Mitigasi
Abstract views: 205 | pdf downloads: 303
Abstract
Since the COVID-19 Pandemic occurred, companies engaged in the retail sector have experienced a decline in the impact of government regulations such as PSBB (Large-Scale Social Restrictions) so that all activities were carried out from home or Work from Home (WFH). to assist companies or agencies with various types of information systems in carrying out their business activities and operations This server is one of the most important in the retail company. The opening of several accesses from the public network (internet) to the local area network (LAN) The security of a LAN network that is accessed from a public network is usually an administrator's problem. Often, the security problems of both the network and the entire application system, as well as the web server, are neglected just to ensure that operational activities run smoothly, and security is only realised after a disaster occurs. Without a good network security and application system, the application of any sophisticated technology will be very dangerous for the company, institution, or organisation itself. So, it takes a security analysis of all activities on the LAN, servers, and other devices to prevent mitigation and to be more aware of server security vulnerabilities. Based on the context of the existing issues, a penetration testing analysis is required. As supporting material, this research also uses guidelines from the CEH (Certified Ethical Hacker) module and the official Acunetix website. The test of this research is aimed at finding the weaknesses of the existing company/institution servers. Among others, quite a lot of weaknesses were found, where each of these weaknesses has a different handling, ports that should be blocked but are opened freely, and access to public IPs that are less important should be closed. The solutions proposed to overcome these problems include: the use of this Acunetix standard can be maintained and continued; testing is much better if carried out more than two times; periodically upgrading SNMP (Simple Network Management Protocol) vulnerable; increasing the level of server security; migration of quality antivirus; and upgrade of expired operating systems.
References
Babys, J.Y. (2018) ‘Analisis Vulnerable Port Pada Client Pengguna Publik Wifi’, Simetris: Jurnal Teknik Mesin, Elektro Dan Ilmu Komputer, 9(1), hal. 261–268.
Gunawan, I., Noertjahyana, A. dan Rusli, H. (2014) ‘Analysis and implementation of operational security management on computer center at the university X’, ARPN Journal of Engineering and Applied Sciences, 9(10), hal. 1688–1696.
Herdianti, H. dan Umar, F. (2020) ‘Analisis Keamanan Website Menggunakan Teknik Footprinting dan Vulnerability Scanning’, INFORMAL: Informatics Journal, 5(2), hal. 43–48.
Juardi, D. (2017) ‘Kajian Vulnerability Keamanan Jaringan Internet Menggunakan Nessus’, Syntax Jurnal Informatika, 6(1), hal. 11–19.
Kamilah, I., Ritzkal, R. dan Hendrawan, A.H. (2019) ‘A nalisis Keamanan Vulnerability p ada Server Absensi Kehadiran L aboratorium di Program Studi Teknik Informatika’, Prosiding Semnastek 2019, TINF - 006, hal. 1-9.
Masykur, F. (2015) ‘Analisis Vulnerability Web Based Application Menggunakan Nessus’, PROSIDING SENATEK FAKULTAS TEKNIK UMP [Cetak].
Mulya, B.W.R. dan Tarigan, A. (2018) ‘Pemeringkatan Risiko Keamanan Sistem Jaringan Komputer Politeknik Kota Malang Menggunakan Cvss Dan Fmea’, ILKOM Jurnal Ilmiah, 10(2), hal. 190–200.
Nazwita, N. dan Ramadhani, S. (2017) ‘Analisis Sistem Keamanan Web Server Dan Database Server Menggunakan Suricata’, in Seminar Nasional Teknologi Informasi Komunikasi dan Industri, hal. 308–317.
Sofana, I. dan Primartha, R. (2019) ‘Network Security dan Cyber Security Network Security Dan Cyber Security : Teori dan Praktik CISCO CCNA, LINUX, WINDOWS, AMAZON AWS, ANDROID’, Bandung: Informatika [Cetak].
Yunus, M. (2019) ‘Analisis Kerentanan Aplikasi Berbasis Web Menggunakan Kombinasi Security Tools Project Berdasarkan Framework Owasp Versi 4’, Jurnal Ilmiah Informatika Komputer, 24(1), hal. 37–48.
