Security Analyst and Penetration Test

Goals of Information Security• The common thread among good information security objectives is

that they address all three core security principles.

Availability

Prevents unauthorized

disclosure of systems

and information.

Prevents unauthorized

modification of systems

and information.

Prevents disruption of

service and productivity.

Cyber Six

Cyber Six• Cyber Space

– Web 2.0 / dynamic web

• Cyber Threat– App Vulnerability

• Cyber Attack– Exploit Vulnerability

• Cyber Security– Defense in depth

• Cyber Crime– Unauthorized access

• Cyber Law– UU ITE

Cyber Space

• Growth, 60+ million users, 45+ million students, 60+

Gbit/s traffic, 200% rising local content trends

• Mobile, 90+ million internet users, 3+ million internet

banking, 99%+ district coverage, 100+ milion gadget

• Price War, $10 unlimited/monthly, $200- smartphone,

Blackberry, $300- netbook (bundled internet ready)

• Always On, 40+ million social media (2nd largest), 35+

million online media visitors daily, 10+ million online

gamers, 5+ million e-commerce transaction daily

Cyber Threat

Threat Categories

Types of Attacks

Defense in Depth

Cyber Crime

• Online banking fraud (phising, MiTM)

• Tax evasion, money laundering, corruption

• Underground economy, transnational crime (organized, cross border, distributed, multi stage, political issues involved, global action)

• Sophistication (individual, skilled, targetted)

• Crimes that not exist yet (not regulated yet), online (cyber), financial (money), integrated (any kind related), more politics

Cyber Law

• UU ITE Nomor 11/2008

• UU ITE Nomor 19/2016

• UU Perlindungan Anak Nomor 23/2002

• UU Pornografi Nomor 44/2008

• KUHP, RUU, RPP, Peraturan Lain

• Content Regulation dan Filtering

What is Security Analyst

• Planning and implementing security measures to protect computer systems, networks and data

• Creating, testing and implementing network disaster recovery plans

• Performing risk assessments and testing of data processing systems

• Installing firewalls, data encryption and other security measures

• Recommending security enhancements and purchases• Training staff on network and information security

procedures

Lab 1

• Information gathering

• Method: whois lookup, banner grabbing

• Tools: nslookup, idserve, theharvester

• Target: target URL, internal URL, DNS records, key persons, OS/App running

Lab 2

• Scanning port and cracking password

• Tools: nmap/zenmap, hydra

• Target: open port, weak password, default configuration

• Countermeasure: filtering(firewall), password policy, IDS

Lab 3

• Scanning vulnerability and exploit vulnerability

• Tools: nessus, metasploit framework

• Target: deprecated OS

• Countermeasure: update OS, block exploit vulnerability

Lab 4

• Web App Threat

• Method: Directory Traversal, Cross Site Scripting(XSS), Parameter/Form Tampering, SQL Injection

• Tools: Havij, sqlmap, dotdotpwn.pl

Lab 5

• Wordpress App Pentest

• Method: user/plug-ins enumeration, cracking password, exploit Web server

• Tools: wpscan, metasploit

• Target: weak password, deprecated Plug-ins