2. Center for ICT Research, Innovation and Development
3. Appropriate Technology in the ICT Field
4. Data Center and Data Analysis
Teaching Staff.
Barkah Firdaus (Coord.)
Ginanjar F.M. & Dian Hadiana
Sandi Socrates
Agus Haeruman
Ngara
Dede Supriatna
Indah
Rani Kharismaya
Ricky Taufikurrahman
Riki
Ricky Aji P.
Arip Nurahman
Anton Timur J.
Wendy Afriza
Lecture Description
Professor David J. Malan (Harvard University) discusses security as it pertains to building dynamic websites.
David J. Malan, Instructor
dmalan@harvard.edu
http://www.cs.harvard.edu/malan/
Course Description
Today's websites are increasingly dynamic. Pages are no longer static HTML files but instead generated by scripts and database calls. User interfaces are more seamless, with technologies like Ajax replacing traditional page reloads. This course teaches students how to build dynamic websites with Ajax and with Linux, Apache, MySQL, and PHP (LAMP), one of today's most popular frameworks. Students learn how to set up domain names with DNS, how to structure pages with XHTML and CSS, how to program in JavaScript and PHP, how to configure Apache and MySQL, how to design and query databases with SQL, how to use Ajax with both XML and JSON, and how to build mashups. The course explores issues of security, scalability, and cross-browser support and also discusses enterprise-level deployments of websites, including third-party hosting, virtualization, colocation in data centers, firewalling, and load-balancing.
Kang Onno W. Purbo, M.Sc., Ph.D.
Network Security &
Some Hacking Tips
Theory
- Network Security Technology Map
- http://www.owasp.org/index.php/Category:Principle - Application Security Principles
- Indonesian Internet Security Trends 2010
- 20 Linux Server Hardening Security Tips
- Linux Security Howto
Network Security Appliance
For those who do not want the trouble of installing various network security software and applications, a ready-made appliance can be used.
Network Evaluation
Security Test
Network Security
- Some Hacking Tips
- Techniques for Blocking Undesirable Sites
- Blocking Pornographic Sites Using a Content Filter in Firefox on Windows
- 11 Weaknesses Network Admins Often Overlook
Mail Security
- Postfix: Configuring relayhost with Authentication
- Blocking Spam Using Postfix
- Blocking Spam Using Postfix and Bogofilter
- Installing MailScanner
- http://www.scamnailer.info/
- Anti-Spam Techniques
- Viewing E-mail Headers
Firewall & Site Blocking
- iptables Mini Howto for Firewalls
- Firestarter Firewall for Ubuntu
- Techniques for Blocking Undesirable Sites
- Firewall for the DansGuardian Proxy
- Editing the DansGuardian Blocking Configuration
- Installing phpSHIELD
Network Monitoring & Intrusion Detection
- Installing Nessus
- Installing Nessus Client
- Nessus: Via the Web
- Installing NTOP
- Installing SNORT and the BASE Intrusion Detection System (IDS)
- Installing EasyIDS
- Suricata Open Source Next Generation Intrusion Detection and Prevention Engine
- http://www.endace.com/cyber-security-monitoring.html
- Snorby Preconfigured Security Application
Defenses Against NetCut
- Making Linux Immune to ARP Poisoning / ARP Spoofing
- Cutting LAN Connections on Linux with TechnoCut
- Anti NetCut
- tuxcut
Secure Connection
- http://www.madboa.com/geek/gpg-quickstart/#keyintro - GPG Key
- Virtual Private Network (VPN)
- Installing and Configuring rsync for Backups Between Machines
- Preparing SSH for Batch SCP
- Topal - Glue Between GnuPG and Alpine
- Linking GnuPG and Alpine
- Using GnuPG
- GnuPG Mini Howto
- GnuPG Privacy Handbook
- Changing the sshd Port Number
Shutting Down Windows Machines Remotely
- http://www.howtoforge.com/how-to-remotely-shut-down-windows-xp-computers-from-a-linux-server
- http://www.lgr.ca/blog/2008/04/shutdown-windows-from-linux.html
- http://www.linuxforums.org/forum/redhat-fedora-linux-help/60324-remote-shutdown-windows-linux-box.html
- http://landofthefreeish.com/linux/howto-remote-shutdown-of-a-windows-computer-from-linux/
- http://blog.beausanders.com/?q=node/8
OS Security
- http://www.go2linux.org/fedora-centos-root-password-recovery - if you forget the root password
- Disk Encryption
- 20 Linux System Monitoring Tool
Anti Rootkit
Anti Virus
Web Security
SQL Injection
- Web SQL Injection with Dorks
- Algorithms and Techniques for Preventing SQL Injection
- Techniques for Dealing with SQL Injection
- Patch SQL Injection Session 1 cmsmadesimple
- Patch SQL Injection Session 2 cmsmadesimple
- Patch SQL Injection Session 3 Final module access
Cross Site Scripting XSS
- Injecting XSS into a Website
- Analysis and Anticipation of Cross Site Scripting (XSS) Attacks (RECOMMENDED)
- How to Fix the XSS Bug in the WordPress Comments Section
- XSS attacks: cross-site scripting exploits and defense
- Security+ Guide to Network Security Fundamentals - Page 93
- Hacking: The Next Generation
- Building scalable web sites
- The definitive guide to Grails - Page 409
- Apache security
- http://www.owasp.org/index.php/SQL_injection
Reporting
Hacking
- Wireless Hacking
- Some Hacking Tips
- Backtrack
- Let's Hack Websites to Make Them More Secure
- For Those Whose Facebook Account Has Been Cracked
- WebGoat - An Insecure Website for Practicing Hacking
Network Security References
- http://www.securityfocus.com
- http://www.lists.gnac.net/firewalls
- http://www.nfr.com.mailman/listinfo/firewall-wizards
- http://www.sans.org/sansnews/
- http://www.cert.org/
- http://www.safemag.com/
- http://www.ciac.org/
- http://www.linuxsecurity.com/
- http://www.insecure.org/
Books
Web Security References
- http://www.w3.org/security/faq/
- http://www.securityportal.com
- http://www.2600.com
- http://www.go2net.com/people/paulp/cgi-security/
- http://www.consensus.com/security/ssl-talk-faq.html
- Web Engineering in the Context of Web Science: Current Issues and Challenges, author: Bambang Purnomosidi D. P
- http://whitesecure.com
- http://www.owasp.org/index.php/Main_Page
Interesting URLs
- http://awarmanf.wordpress.com/2010/05/01/drop-ultrasurf-dengan-iptables/
- Resetting Passwords in Web-Based Applications - this method does not work on reasonably secure applications
- http://situstarget.com/home/2010/07/02/cara-melaporkan-situs-phising/
Some Hacking Tips
- General Methods of Computer Network Attack
- Running Exploit Source Code for Beginners from the Backtrack LiveCD.
- Creating the Indonesia Jaya Password-Cracking Script
- Wireless Hacking
- Man In the Middle Attack
- Copy Pentest Backtrack
- http://hendrasiahaan.wordpress.com/2010/03/24/11-kelemahan-yang-kerap-tidak-disadari-admin-jaringan/
- http://artikel.xcode.or.id/mengirim-ratusan-wall-facebook-dengan-cepat/
- TuxCut
- Sending E-mail Using telnet, Without Any Other Software
General Knowledge
Tools
- http://backtrack.offensive-security.com/index.php/Tools - list of hacking tools
Password Cracking
Port Scanning
XSS Scanner
Web Security
- MITM Attack Mandiri Internet Banking Using SSLstrip
- http://www.ilmuhacking.com/web-security/memahami-cara-kerja-token-internet-banking/
- http://www.ilmuhacking.com/cryptography/memecahkan-kriptografi-dengan-chosen-plaintext-attack/
- http://www.ilmuhacking.com/web-security/membuat-web-dengan-otentikasi-berbasis-token/
- http://www.ilmuhacking.com/web-security/berburu-direktori-dan-file-sensitif-dengan-dirbuster/
- Sniffing SSL Traffic using oSpy
Sniffing
- Installing Wireshark
- http://awarmanf.wordpress.com/2010/04/29/tcpdump-dan-wireshark-untuk-sniffing-network/
- http://workaround.org/using-tcpdump-and-wireshark
- http://www.alexonlinux.com/tcpdump-for-dummies
- http://acs.lbl.gov/~jason/tcpdump_advanced_filters.txt
SQL Injection
SQL Injection Tutorial
- http://www.stmik-im.ac.id/userfiles/TEHNIK%20SQL%20INJECTION.pdf
- http://www.sekuritionline.net/plugins/p2_news/printarticle.php?p2_articleid=7
- http://www.binushacker.net/simple-sql-injection-tutorial.html
- http://fairuz.web.id/kumpulan-google-dork-untuk-sql-injection-deface-website-lewat-google.html
SQL Injection Software
- http://www.itsecteam.com/en/projects/project1.htm - Havij
- http://www.itsecteam.com/en/projects/project1_page2.htm - Havij Download
- http://linuxpoison.blogspot.com/2008/04/sql-injection-tool-sqlninja.html
- http://sourceforge.net/projects/sqlninja/files/
- http://sourceforge.net/projects/wapiti/
- http://sourceforge.net/projects/spinj/
- http://sourceforge.net/projects/paros/
- http://sourceforge.net/projects/w3af/
- http://sourceforge.net/projects/sqlmap/
- http://sourceforge.net/projects/hexjector/
- http://sourceforge.net/projects/joomscan/
Forum
Books & Tutorials
Echo ezine
echo|zine issue #20 (February 2009)
- Introduction - y3dips
- Pseudo-random - anonymous
- Interview with Onno W Purbo - az001
- What's goin on echo forum - anonymous-co-ed
- Intercepting Library Call - mulyadi santosa
- Caesar Shift Cipher - Rey
- ARPWall; Concept and Proof - y3dips
- Encryption: Combo Algorithm - jackD
- Prophile on Jck.mrshl - echostaff
- Encryption and Decryption with the Mcrypt Functions in PHP - monqichi
- Salty Py; Password Salt Bruteforcer - sheran gunasekera & selwin ong
- Anti-Forensic; Seek and Destroy - jck.mrshl
- Hacker LogBook - lirva 32; x-diamond1
echo|zine issue #19 (August 2008)
- Introduction - y3dips
- Pseudo-random - anonymous
- idsecconf - echo|staff
- Digital Signatures the Easy Way - mamasexy
- cryptography : Simple a-symetric algorithm - x-diamond1
- Prophile on CyberTank - echo|staff
- Prophile on lirva32 - echo|staff
- Whats Goin On Echo Forum - az001
- Bailiwicked DNS Attack (Cache Poisoning) - Cyberheb
- Scapy: Tearing Apart Data Packets - y3dips
- Hacker LogBook - various artist
Interesting References
- http://www.echo.or.id
- http://ezine.echo.or.id/ezine-index.html
- http://www.jasakom.com
- http://www.remote-exploit.org
- http://www.xnuxer.or.id
- http://www.ilmuhacking.com
- http://indobacktrack.or.id/forum/ - Backtrack forum
- http://www.backtrack-linux.org
- http://indobacktrack.or.id/
- http://www.chinapage.com/sunzi-e.html - SunTsu the Art of War
- http://www.hackforums.net
- http://www.exploit-db.com
Repository
Pentest LiveCD
Interesting Links
Source:
http://opensource.telkomspeedy.com/wiki