Technorati Error Or Bug Not Interesting

Yesterday I made ​​my friend's account on technorati and tried to upload a photo on the profile account, I found an error or a bug on technorati. Error displayed is:

Error: exception 'Exception' with message 'Unknown image extension' in

/data1/technorati/code/trussite/trunk_2011_03_09-095119/application/modules/article/models/AuthorImage.php:164

Stack trace:

#0 /data1/technorati/code/trussite/trunk_2011_03_09-095119/application/modules/article/models/AuthorImage.php(130): AuthorImage->cropResizeAll()

#1 /data1/technorati/code/trussite/trunk_2011_03_09-095119/application/public/controllers/AccountController.php(438): AuthorImage->save()

ReadMore »»  

Interval Research & Analysis for Online Security

Research & Analysis - Online security almost discuss by online user that feeling to fear about loosing private data that thief by intruder.  Computer network intruders are increasingly sophisticated at using the latest techniques so that the harder to detect their presence. Online security research and analysis required in a network that wants high data security, therefore, that the data is safe and can be maintained even penetrated by data thieves can anticipate the steps carried out by means of analysis and research networks as well as important data regularly.

Importance of analyzing and researching configuration online network security on a regular basis in order to immediately known if there is a gap that can be manipulation and used by intruders to collect data so that steps may be possible anticipation effect.

Audit, analysis and research tracking online network as a whole may be daily, weekly, monthly, all depending on the needs and how important computer data contained it. The main advice is do not use computers that store data online is risky to use the internet network, there is good separation of the use of computer data storage with daily activities if it is possible. Are you have auditing, analyzing and researching your security computer network ?

ReadMore »»  

Security Systems On the Net

Security system On the net is very important, because if a computer is connected to the internet data traffic to and from the computer can be tracked and read by the young by those who are not responsible if it does not have adequate security.

Lifestyle On The Net is now reaching various circles, such as Astaga.com Lifestyle on the Net which is now being contested by astaga.com excited.

Too engrossed in Lifestyle on the net that make us not realize the danger is always lurking security, because right now many of the intruders tried to break into the network security is only to obtain information in a computer data in the drill.

Therefore, for basic security can use the antivirus or firewall that can block or complicate a person to access the computer.

Security products are now widely, but to get good security, we must incur a cost, but there also we can get for free such as Comodo Antivirus plus Firewall.

Comodo antivirus and firewall software when it is good to secure the personal networks because of the features provided are sufficient to secure the systems and the greater good is free.

As for the gateway may use clear os, nagios, and bind as a security system secures.

ReadMore »»  

On the Net Google Smashing Security

Google this week surprised the public free of charge, a network in China, or institutions not mentioned the attack, is responsible for the attack.

Google Blog has announced its decision, and the company's research showed, Inter-Net, Lifestyle, finance, technology, media and chemical fields, including at least 20 large companies and for the same purpose.

VeriSign, which had more than 30 companies, many high-high-tech companies in Silicon Valley is in California, said he believed that affected the Department of Defense contractors such as increasing.

Google's approach is now certain that fail to control access Gmail with your account, is a popular e-mail services that enhance the Security infrastructure.

"Google is in mid-December. The news that the malicious code in the system, Google, and to identify the code to the server again, the battle system, the other 33 companies," confirmed that no commitment iDenfense were identified.

They are at risk "is, at this time, any confidential information - customers, employees, and to display data sensitive financial and other constraints, including lack of evidence -" Adobe said in a task. "We hope to have time to investigate."

Yesterday, U.S. Senator Hillary Clinton s, Google will be announced in a statement:

"We are Google has serious concerns and questions have been notified about these allegations. We find the explanation to the Chinese government. To operate confidently in cyberspace capability, economy and society is important. I will discuss next week the center of the 21st century, the freedom on the Internet, we have clearly observed by the facts. "

ReadMore »»  

Network management Tool is a network Management Software

Network management tool is a net work management software used for monitoring network we've built. Network security is a complex problem, because there are many gaps in it that can be used by intruders to retrieve the desired data.

This Network Management program has advantages and disadvantages. From the full version to free version, but if not supported by the ability of network administrators a powerful management software tool will be very useful to secure the net work.

Many cases of large companies that have a Network administrator who only has a high value on paper but lack of experience in network management like SEO management on ASTAGA.COM LIFESTYLE on the net.

Below are some example network management tools that can be used to secure small-scale local network rather than for large-scale net works.

Flowalyzer NetFlow Generator 1.0

Flowalyzer NetFlow & sFlow Communicator 1.0

Chily User Management 9.09.01 

CyD Network Utilities - Security Tools 2010

ReadMore »»  

ClearOS For Networks Online Security

ClearOS For Net works Online Security. Although the functionality and integration of services with a clear list long series of solution for web-based interface, easy configuration.

Open source software offers the industry revolution is dead clear. Other features include anti-virus, anti-spam filtering, VPN, content, and is directly integrated into the software - without the need for expensive third-party add-ons. Clear, along with the guy, you can avoid vendor lock-in and proprietary formats, but you can accept the standards and open protocols.

ClearOS is powerful net work environment and clear gateway server designed for small and distributed.
One of the most important tasks when deploying server systems is a continuous monitoring and maintenance.
ClearSDN the security system is working properly to determine if the current gateway, and DNS services provides family. Follow the links on the sidebar for more information on services ClearSDN able to read.

Directory Features

    * Integrated LDAP for User and Group Management
    * User Security Certificate Manager

Network Features

    * Multi-WAN
    * VPN - PPTP, IPsec, OpenVPN
    * DMZ and 1-to-1 NAT
    * Stateful Firewall
    * Local DHCP and DNS Servers

Gateway Features

    * Antimalware - Antivirus, Antiphishing, Antispyware
    * Antispam
    * Networks Bandwidth Management
    * Intrusion Protection, Intrusion Prevention, Intrusion Detection
    * Protocol Filtering including Peer-to-Peer Detection
    * Content Filter
    * Web Proxy
    * Access Control

Server Features

    * Windows Networking with PDC Support
    * File and Print Services
    * Flexshares
    * Groupware with Outlook Connector
    * Mail Server - POP, IMAP, SMTP, Webmail, Retrieval
    * Mail Filtering - Antispam, Antimalware, Greylisting, Quarantine
    * Mail Archiving
    * Database with MySQL
    * Web Server with PHP Support

ReadMore »»  

Security in Mobile Phone With Without Operating System

Industrial development Cell Phone and Smart Phone so rapidly for Lifestyle, something that previously could not be predicted! when technology began to master the human civilization. Beginning in the mainland United States (U.S.), more widespread throughout the world. At first cell phone only used for voice, up until now use a multifunction Cell Phone.

In Indonesia, cell phone already beginning to be used as a tool many transactions with ease, as long as you are in the 'coverage area' then you are certain easily take advantage of cell phone in the transaction.

Some facilities utilize cell phone:

    * BCA with m-BCA and sms.
    * BNI also issued a similar facility in Mobile and sms banking and many other similar products.

But do you know that technology lifestyle, like a PC, cell phone security system also has weaknesses. Cell Phone that means you also must be equipped with a protection system that is safe for use.

Some related threat to the cell phone:

1. Bluetooth
Very risky to let Bluetooth active (enable) in unused condition. By default security password is used only 4 digits and very weak. Media Bluetooth also been reported vulnerable to attack cabir worn. For each user's Bluetooth, it is advisable to use a secure password security, and membiasajan to immediately turn off your bluetooth after use.

2. Malicious Software
Malicious software was designed to spread malicious code from one node to another node. Smart Phone Technology now includes the ability to recognize the wireless network installed on a laptop or other mobile devices. For laptop users are advised to always enable the firewall and IPS to prevent malicious connection that can damage your data.

3. Instant Messaging
Instant Messaging-based attacks are attacks that are recognized type of IM attacks Phone. The longer the duration of the user connected to the IM using the Smart phone will automatically increase the risk of attack exploits Mobile IM.

4. Attachments
As with the PC, the virus also spread through file attachments. The question was whether the Cell Phone or Smart Phone you are already equipped Antivirus, if it is, how effective?

5. Spyware
As with viruses, Spyware can also easily attack the cell phone or smart phone. Roughly the same question, whether the cell phone or smart phone you already have a protection against Spyware?

Some weaknesses of the above may be a new part, which must surely be to force new ideas and technologies become increasingly developed for Style like SEO lifestyle Astaga.com.

ReadMore »»  

Security Software For Administrator Network

10 programs of the best for audit Network and security software tools for Linux

Linux is a h**ker’s dream computer operating system. It supports tons of tools and utilities for cracking passwords, scanning Network vulnerabilities, and detecting possible intrusions. Please always keep in mind that these tools are not meant to harm, but to protect.

1. John the Ripper

John the Ripper is a free password cracking software tool initially developed for the UNIX operating system. It is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL and others.

2. Nmap

Nmap is my favorite network security scanner. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren't advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.

Nmap runs on Linux, Microsoft Windows, Solaris, and BSD (including Mac OS X), and also on AmigaOS. Linux is the most popular nmap platform and Windows the second most popular.

3. Nessus

Nessus is a comprehensive vulnerability scanning software. Its goal is to detect potential vulnerabilities on the tested systems such as:

-Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
-Misconfiguration (e.g. open mail relay, missing patches, etc).
-Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
-Denials of service against the TCP/IP stack by using mangled packets

Nessus is the world's most popular vulnerability scanner, estimated to be used by over 75,000 organizations worldwide. It took first place in the 2000, 2003, and 2006 security tools survey from SecTools.Org.

4. chkrootkit

chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures and for comparing a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.

It can be used from a "rescue disc" (typically a Live CD) or it can optionally use an alternative directory from which to run all of its own commands. These techniques allow chkrootkit to trust the commands upon which it depend a bit more.

There are inherent limitations to the reliability of any program that attempts to detect compromises (such as rootkits and computer viruses). Newer rootkits may specifically attempt to detect and compromise copies of the chkrootkit programs or take other measures to evade detection by them.

5. Wireshark

Wireshark is a free packet sniffer computer application used for network troubleshooting, analysis, software and communications protocol development, and education. In June 2006, the project was renamed from Ethereal due to trademark issues.

The functionality Wireshark provides is very similar to tcpdump, but it has a GUI front-end, and many more information sorting and filtering options. It allows the user to see all traffic being passed over the network (usually an Ethernet network but support is being added for others) by putting the network interface into promiscuous mode.

Wireshark uses the cross-platform GTK+ widget toolkit, and is cross-platform, running on various computer operating systems including Linux, Mac OS X, and Microsoft Windows. Released under the terms of the GNU General Public License, Wireshark is free software.

6. Netcat

netcat is a computer networking utility for reading from and writing to network connections on either TCP or UDP.

Netcat was voted the second most useful network security tool in a 2000 poll conducted by insecure.org on the nmap users mailing list. In 2003, it gained fourth place, a position it also held in the 2006 poll.

The original version of netcat is a UNIX program. Its author is known as *Hobbit*. He released version 1.1 in March of 1996.

Netcat is fully POSIX compatible and there exist several implementations, including a rewrite from scratch known as GNU netcat.

7. Kismet

Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b and 802.11g traffic.

Kismet is unlike most other Wireless Network detectors in that it works passively. This means that without sending any loggable packets, it is able to detect the presence of both wireless access points and wireless clients, and associate them with each other.

Kismet also includes basic wireless IDS features such as detecting active wireless sniffing programs including NetStumbler, as well as a number of wireless network attacks.

8. hping

hping is a free packet generator and analyzer for the TCP/IP protocol. Hping is one of the de facto tools for security auditing and testing of firewalls and networks, and was used to exploit the idle scan scanning technique (also invented by the hping author), and now implemented in the Nmap Security Scanner. The new version of hping, hping3, is scriptable using the Tcl language and implements an engine for string based, human readable description of TCP/IP packets, so that the programmer can write scripts related to low level TCP/IP packet manipulation and analysis in very short time.

Like most tools used in computer security, hping is useful to both system administrators and crackers (or script kiddies).

9. Snort

Snort is a free and open source Network Intrusion prevention system (NIPS) and network intrusion detection (NIDS) capable of performing packet logging and real-time traffic analysis on IP networks.

Snort performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such as buffer overflows, stealth port scans, web application attacks, SMB probes, and OS fingerprinting attempts, amongst other features. The software is mostly used for intrusion prevention purposes, by dropping attacks as they are taking place. Snort can be combined with other software such as SnortSnarf, sguil, OSSIM, and the Basic Analysis and Security Engine (BASE) to provide a visual representation of intrusion data. With patches for the Snort source from Bleeding Edge Threats, support for packet stream antivirus scanning with ClamAV and Network abnormality with SPADE in network layers 3 and 4 is possible with historical observation.

10. tcpdump

tcpdump is a common computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

In some Unix-like operating systems, a user must have superuser privileges to use tcpdump because the packet capturing mechanisms on those systems require elevated privileges. However, the -Z option may be used to drop privileges to a specific unprivileged user after capturing has been set up. In other Unix-like operating systems, the packet capturing mechanism can be configured to allow non-privileged users to use it; if that is done, superuser privileges are not required.

The user may optionally apply a BPF-based filter to limit the number of packets seen by tcpdump; this renders the output more usable on networks with a high volume of traffic.

ReadMore »»  

Nagios For Linux Security

Security is extremely vulnerable if a computer is connected to the network, especially online via the internet. Dangers that lurk usually happens without conscious computer owners, therefore, many security experts are trying to assess and examine the gaps that can be taken by a data thief. The best step is to ready an umbrella before it rains.
One of the software can be used to monitor traffic to our computer data is Nagios.
What is Nagios?
Nagios® is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better, was originally designed to run under Linux, although it should work under most other unices as well.
Some of the many features of Nagios include:

- Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
- Monitoring of host resources (processor load, disk usage, etc.)
- Simple plugin design that allows users to easily develop their own service checks
- Parallelized service checks
- Ability to define network host hierarchy using "parent" hosts, allowing detection of and distinction between hosts that are down and those that are unreachable
- Contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method)
- Ability to define event handlers to be run during service or host events for proactive problem resolution
- Automatic log file rotation
- Support for implementing redundant monitoring hosts
- Optional web interface for viewing current network status, notification and problem history, log file, etc.

It's licensed under the terms of the GNU General Public License Version 2 as published by the Free Software Foundation. This gives you legal permission to copy, distribute and/or modify Nagios under certain conditions.
Read the 'LICENSE' file in the Nagios distribution HERE
Get Nagios : HERE

ReadMore »»  

BIND Security Updates

ISC (Internet Systems Consortium) has released security updates to resolve a DNSSEC-related vulnerability for BIND.
The problem occured when a client sending recursive queries in which the DNSSec Ok (DO) and Checking Disabled (CD) flags are set in the header, where is allows attackers to inject fake entries into the name server's cache under certain circumstances name servers which allow recursive queries extract information from the additional section of responses, will the result that specific domains are resolved to incorrect IP addresses (e.g. phishing servers).

Although normal clients do not send queries of this type, it is certainly possible that a piece of malware might be able to manipulate a name server in this way using crafted queries within a corporate network. Users should therefore not hesitate to install updates 9.4.3-P4, 9.5.2-P1 or 9.6.1-P2. Administrators should also check whether servers permit recursive queries from external sources and if necessary block this option. The problem does not occur with authoritative-only name servers.

This is affect with all versions of BIND (9.0.x to 9.6.x). So, get patch for your BIND Networks Server.

ReadMore »»  

SSL (Secure Socket Layer)

Salah satu metode enkripsi Style dalam komunikasi data yang dibuat oleh Netscape Communication Corporation yaitu SSL (Secure Socket Layer).

SSL hanya mengenkripsikan data yang dikirim lewat http, sehingga data yang terkirim terenkripsi yang berguna untuk keamanan paket data.

Proses enkripsi data melalui SSL dapat digambarkan sebagai berikut :

1. Pada saat terjadi koneksi antara client dan server, maka akan terjadi pertukaran kunci rahasia yang dipergunakan untuk mengenkripsi data yang akan dikirim sehingga walaupun paket data tersebut dapat dilihat oleh pihak lain namun sulit dibaca karena sudah terenkripsi. Ingat "sulit dibaca" bukan berarti "tidak bisa dibaca".

2. SSL mendukung kriptografi public key, sehingga server dapat melakukan autentikasi dengan metode yang sudah dikenal umum seperti RSA dan Digital Signature Standard (DSS).

3. Dengan menggunakan algoritma digest seperti MD5 dan SHA, SSL dapat melakukan verifikasi integritas sesi yang sedang berjalan. Hal ini menghindarkan pembajakan suatu sesi.

SSL 2.0 v.s SSL 3.0

Kelebihan Protokol SSL 3 yaitu menggabungkan masukan dari SSL. Layanan dasar SSL menyediakan - integritas pesan, pesan privasi, dan saling otentikasi - adalah sama di kedua versi 2 dan 3 dari protokol. Namun, SSL 3 menawarkan sejumlah protokol tambahan seperti berikut:

* Lebih sedikit koneksi sehingga membuat lebih cepat koneksi.

* Mendukung lebih banyak kunci-pertukaran dan algoritma enkripsi (misalnya, Diffie-Hellman, Fortezza)

* Mendukung hardware token dalam bentuk kartu Fortezza. Ini adalah langkah pertama ke arah kriptografi yang lebih umum yaitu kemampuan untuk mendukung smart card.

* Sebuah perbaikan permintaan protokol sertifikat klien yang memungkinkan server menentukan daftar sertifikat otoritas klien yang terpercaya untuk mengeluarkan sertifikat. Navigator mengembalikan sertifikat yang ditandatangani oleh salah satu otoritas sertifikat. Jika tidak memiliki sertifikat, maka koneksi akan gagal. Hal ini membebaskan pengguna dari keharusan untuk memilih sertifikat untuk masing-masing koneksi.

Untuk Lebih jelas mengenai enkripsi SSL ini dapat membaca artikel dari berbagai sumber di internet dan pada umumnya dalam bahasa Inggris, beberapa diantaranya adalah :

# SSL/TLS Strong Encryption ;
http://httpd.apache.org/docs/2.2/ssl/ssl_intro.html

# Securing Communications on the Intranet and Over the Internet, TAHEL ELGAMAL, JEFF TREUHAFT, danFRANK CHEN, Netscape Communications Corporation;
http://www.go-digital.net/whitepapers/securecomm.html

# Enable SSL Version 3 and TLS v1.0 for more security ;
http://www.debianadmin.com/how-to-enable-ssl-version-3-and-tls-transport-layer-security-version-1-in-apache-hosts.html

# OpenSSL SSL/TLS library
http://www.rootr.net/man/man/ssl/3

Postingan sebelumnya mengenai Interkoneksi antar jaringan dan Security Server Jaringan

ReadMore »»  

Ubuntu Tuxcut v.s Win NetCut

Tux Cut is a small program software written in PyQt. TuxCut running on linux machine, its function like NetCut on windows.
TuxCut have a protect to me feature, but its not like NetCut, on TuxCut there is Change Mac feature that NetCut doesn't have. Style at this tool is simple, like Astaga.com Lifestyle kontes seo on the net today.
Get Tux Cut Here :

Download TuxCut rpm
Download TuxCut deb

Get Windows NetCut Here :

NetCut Windows

Get Anti Net Cut Here :


Anti NetCut Windows
Anti NetCut Linux with tar.gz

ReadMore »»  

Audit Security Jaringan dengan Pentest

Security Jaringan merupakan permasalahan yang sangat kompleks bagi seorang administrator jaringan. Karena untuk mengamankan jaringan bukan hanya memerlukan tool-tool yang banyak bertaburan di internet dan dapat diperoleh secara gratis, namun hal ini juga memerlukan keahlian dan pengalaman dari administrator itu sendiri.

Berbagai macam gangguan yang disebabkan oleh berbagai macam program atau software jahat dapat merusak dan mencuri data dari komputer korban. Meskipun telah dipasangi berbagai macam software, seperti antivirus, firewall, proxy, dan berbagai macam program lainnya.

Jaringan yang masih mempergunakan windows sebagai OS utama masih sangat rentan terhadap terhadap serangan program jahat, terutama virus komputer yang banyak berkembang biak di sistem operasi windows.

Oleh karena itu, sangat disarankan untuk jaringan dalam kapasitas besar mempergunakan linux sebagai benteng server jaringannya, karena selain masalah keamanan linux juga menggunakan source yang kecil sehingga meringankan beban kerja dari hardware server itu sendiri.

Untuk mengaudit keamanan atau security jaringan anda, banyak tool yang dapat dipergunakan. Namun tools audit security jaringan lebih banyak bekerja secara maksimal di lingkungan unix atau Linux. Salah satu tool untuk mengetes penetrasi jaringan (Pentest) adalah backtrack.

Backtrack merupakan salah satu distribusi linux yang fokus terhadap penetrasi jaringan. Untuk dapat menggunakan backtrack ini, seorang administrator jaringan dituntut menguasai sistem operasi linux karena pentest ini bekerja di lingkungan unix.

Silahkan coba salah satu pentest terbaik ini (versi penulis, hehehe). Untuk memperoleh pentest ini langsung aja ke bt4-prefinal-iso.

Ibarat kata pepatah "Pengalaman adalah guru yang terbaik". Oleh karena itu, seringlah mencoba dan mencoba lagi mengamankan jaringan anda dari disusupi pihak-pihak yang tidak bertanggung jawab.

ReadMore »»  

KAV KIS KEY Update

Melanjuti postingan sebelumnya cara mendapatkan kis dan kav key yang agak telat updatenya maka sekarang ini ada update untuk memperoleh kav dan kis key secara gratis.

Antivirus Kaspersky merupakan antivirus yang banyak dipergunakan untuk membantu keamanan pada saat online, namun untuk memperoleh lisensi key nya yang rada sulit. Karena apabila melakukan update secara online maka key yang diperoleh tidak lama akan di block sehingga fitur protection nya menjadi disable atau tidak berfungsi. Nah, untuk tetep dapat menggunakan antivirusnya secara gratis silahkan download kaspersky key finder di sini.

Postingan ini bukannya mengajar untuk membajak software, namun hanya sekedar membantu bagi yang ingin menggunakan antivirus yang bagus namun tidak memiliki dana untuk membeli lisensi software yang hanya bertahan selama 1 tahun. Semoga membantu.

ReadMore »»  

F-Secure Internet Security Gratis

Situs F-Secure Jerman dan Majalah Chip Jerman sedang promosi untuk menggunakan F-Secure Internet Security 2009 selama 3 bulan secara gratis dengan dukungan penuh yaitu update secara online.
Jika berniat untuk mencoba atau menikmati 3 bulan penuh perlindungan ketika berselancar di internet, apalagi berselancar dengan keyword stop dreaming start action. F-Secure ini dapat diperoleh di halaman promosi melalui link disini and dapatkan kode aktivasinya. Proses ini sangat simple. Isi alamat email yang valid dan nama pengguna yang akan digunakan untuk menerima email aktivasi key.
Sedangkan untuk memperoleh F-Secure internet security 2009 (2010) dapat didownload disini.

ReadMore »»  

Security Jaringan dengan Firewall

Semakin berkembangnya sebuah jaringan komputer maka security jaringan dituntut untuk lebih menjamin keamanan data pengguna.
Firewall adalah salah satu tool yang dapat digunakan untuk security jaringan, karena menerapkan kebijakan security (security policy). Kompleksitas konfigurasi dari jaringan juga berpengaruh terhadap kebijakan security firewall.
Tugas utama firewall adalah melakukan filterisasi terhadap traffic yang lewat antara satu jaringan dengan jaringan lainnya. Namun firewall tidak akan memfilter traffic kompetisi SEO dengan key word stop dreaming start action.
Traffic yang lewat ini difilter berdasarkan IP-Address dan Port Number yang disesuaikan dengan kebijakan security yang diterapkan oleh administrator jaringan. Salah satu firewall + antivirus yang dapat diperoleh secara gratis yaitu personal firewall comodo.
Untuk pengguna XP(SP2)/Vista 32 bit dapat mendownloadnya secara gratis di SINI
Untuk pengguna XP(SP2)/Vista 64 bit dapat mendownloadnya secara gratis di SINI

ReadMore »»  

Interkoneksi Antar Jaringan

Interkoneksi adalah hubungan yang terjadi antara satu koneksi dengan koneksi yang lain. Interkoneksi antar jaringan adalah hubungan atau koneksi antara satu jaringan dengan jaringan yang lain. Jaringan yang terhubung ini bukan hanya jaringan telekomunikasi namun semua bentuk jaringan yang melakukan interkoneksi.

Banyak yang menganalisa interkoneksi antar jaringan adalah hubungan antar jaringan telekomunikasi. Namun secara harfiah interkoneksi jaringan tidak hanya mengarah ke jaringan telekomunikasi, namun ke semua jaringan.

ReadMore »»  

Keamanan Browser

Ketika sebuah komputer terhubung ke jaringan dan mulai berkomunikasi dengan orang lain, maka akan terdapat resiko keamanan. Keamanan Internet meliputi perlindungan dari intruder atau penyusup dari pengguna yang tidak dikenal.
Sebagaimana diketahui bahwa penjahat cyber yang berhasil menyerang akan selalu berusaha untuk menemukan cara-cara baru untuk menghindari keamanan TI, dan pengguna harus terus waspada. Kapan keputusan harus dibuat tentang cara meningkatkan keamanan sistem komputer terletak pada individu atau pengguna.
Hampir 70% dari pasar browser didominasi oleh Internet Explorer. Akibatnya, pembuat malware lebih sering memanfaatkan Internet Explorer. Malware sering memanfaatkan kerentanan ActiveX. Pengguna Internet Explorer yang terus menurun (sampai dengan 2009; melihat daftar statistik pengguna web browser) karena sebagian pengguna telah beralih ke browser lain yang lebih terjamin keamanannya, terutama Firefox, Opera dan Google Chrome.
Namun tidak ada browser yang benar-benar aman dan sanggup menahan gempuran para penyusup, maka daripada itu perlunya peningkatan kewaspadaan dalam bermain di jaringan astaga.com lifestyle on the net.

ReadMore »»  

Anti Virus untuk Security Jaringan

Maraknya perkembangan virus dewasa ini cukup membuat perusahaan antivirus kewalahan, apalagi virus yang berkembang sekarang sudah pandai memposisikan diri (polymorphic) dan mengupdate dirinya sendiri sehingga semakin susah dilacak dan dibasmi oleh anti virus yang tidak update.

Namun disini tidak termasuk virus stop dreaming start action, dan sekarang virus Astaga.COM Lifestyle on the net.

Untuk pengguna rumahan, lebih banyak terkena oleh virus dan worm yang menyebar melalui USB flashdisk. Oleh karena itu untuk informasi yang sifatnya "sangat rahasia" meski memiliki pengamanan yang ketat, namun seketat apapun pengamanan yang dilakukan pasti selalu masih ada celah yang bisa dimasuki.
Sehingga untuk keamanan yang baik, sebaiknya komputer tidak terhubung ke dalam jaringan.

Namun apabila sifatnya mengharuskan mengakses jaringan maka perlu adanya pengamanan yang memadai. Kebanyakan dari pengguna jaringan kurang memahami arti pentingnya keamanan data, sehingga mereka tidak terlalu perduli dengan segala bentuk pengamanan jaringan.

Beberapa diantaranya pengaman standar yaitu dengan diinstalkannya anti virus dan firewall ke komputer yang digunakan untuk jaringan.
Hal yang perlu diperhatikan sebelum menginstal antivirus atau software keamanan lainnya adalah pastikan bahwa software yang diinstal berasal dari perusahaan pembuat software yang terpercaya, karena sekarang ini maraknya situs-situs h*ckers yang menyamar sebagai penyedia software atau tools keamanaan.

Dibawah ini adalah beberapa antivirus yang dapat dipergunakan untuk mengamankan komputer yang digunakan.

1. GDATA ANTIVIRUS
   
2. Kaspersky
3. ESET
4. Sophos
5. Panda Antivirus
6. Mc Afee
7. AVG
8. Avira
9. Trend Micro
   
10. F-Secure
11. Ansav
12. Comodo
13. Symantec
14. Clamwin
    
15. Clamav
16. Avast
17. Bitdefender

Di atas hanya beberapa dari situs web penyedia antivirus. Masih banyak antivirus lain yang dapat digunakan untuk mengamankan komputer.

Lebih bijak kalau kita sedia payung sebelum hujan, sehingga tidak kehilangan data yang diamankan.

ReadMore »»  

ENKRIPSI CRYPTOGRAPHY

Cryptography telah lama berkembang sejak orang menginginkan informasi terkirim tidak dapat ‘dibaca’ oleh pihak tidak berkepentingan.
Cryptography memiliki dua mekanisme yaitu pivat key (kunci privat) atau public key (kunci public).
DES (data encryption standard) digunakan oleh Kerberos menggunakan sistem privat key sedangkan RSA menerapkan sistem public key.
Ron Rivest yang merupakan salah satu dari kontributor RSA (Rivest Shamir Addleman) kemudian membuat MD4 (message digest function # 4) yang dipergunakan oleh S/Key-nya TIS-FWTK. Penggabungan dari kedua metode ini kemudian menghasilkan PGP (Pretty Good Privacy).
Dengan enkripsi, informasi yang dikirim melewati jaringan ke suatu jaringan lainnya yang memiliki keamanan meragukan seperti internet akan relatif lebih terjamin.
Enkripsi antar jaringan menyebabkan seorang ‘pembobol’ harus berusaha lebih keras untuk memperoleh informasi yang diharapkan.

Ada beberapa level untuk penerapan enkripsi, yaitu:
Level aplikasi
Pada level ini mensyaratkan penggunaan perangkat lunak client-server.
Level data-link
Enkripsi data-link hanya berlaku untuk hubungan titik ke titik, seperti nkripsi pada modem telepon
Level jaringan.
Enkripsi level jaringan (network layer) diterapkan pada router atau peralatan lain yang bersebelahan dengan jaringan dikedua sisi.

Namun untuk masa sekarang ini, teknologi VLAN (Virtual Local Area Networks) diperkirakan menjadi pilihan utama untuk intranet (enterprisewide) karena enkripsi keamanan data pada level jaringan telah menjadi begitu penting.

ReadMore »»