Security Design And Testing of Lan and Wlan Network in Mikrotik Router Using Penetration Testing Method FROM Mitm Attack

The growth of device user is always increasing and the costs are not expensive. Users already have several sophisticated end user networking tools for daily use, including laptops, smartphones and tablets. For internet access users use LAN and WLAN network services in several public areas such as restaurants, schools / campuses, hotels and offices. Activities done by the users are data and banking transactions. These activities relate to crucial data such as user data including usernames, passwords, accounts, emails and other sensitive data. Mikrotik Router is a router with an affordable price and complete features for both LAN and WLAN networks so that many administrators use this device. The most common attack used on the network is Man in the Middle Attack, which is actively tapping on the user's network connection, where traffic from the user before reaching the destination or when going through a Mikrotik router will be diverted through the attacker's network without the user's knowledge so that user communication can be read. Therefore a network security system on a Mikrotik router is needed to avoid such attacks. In testing the security system that has been made, it needs the right method, one of which is penetration testing. From the results of testing using the penetration testing method, results and solutions will be obtained to maintain network security.Keywords: Penetration Testing, Man in The Middle Attack, Wireless Security, Router dan Wireless Mikrotik.

Download Full-text

Wireless Penetration Testing Method To Analyze WPA2-PSK System Security And Captive Portal

EXPLORE ◽

10.35200/explore.v9i1.32 ◽

2019 ◽

Vol 9 (1) ◽

pp. 1 ◽

Cited By ~ 1

Author(s):

Erfan Wahyudi ◽

Muhammad Masjun Efendi

Keyword(s):

Wireless Network ◽

System Security ◽

Wireless Security ◽

Security System ◽

Portal System ◽

Security Systems ◽

Penetration Testing ◽

Wireless Network Security ◽

Testing Method ◽

Security Problem

One of the major changes in the telecommunications sector is the use of wireless technology. But many problems that must be faced when implementing this wireless network, one of which is a security problem. Many people are still questioning about wireless security, and many others believe that wireless security systems using WPA2-PSK are more secure than other wireless security systems. However, based on the results of literature studies conducted, a wireless security system that really can provide more secure security is to use the system security Remote Authentication Dial-In User Servers (RADIUS) server. While at present, many parties still use WPA2-PSK as their wireless security system to avoid the possibility of unauthorized use of internet access by unauthorized people. This study aims to analyze the comparison of the two wireless network security systems above. The test was performed using wireless penetration testing method, and the result stated that 80% of Security Captive Portal system is more secure than WPA2-PSK.

Download Full-text

Network Security System Implementation Using Raspberry Pi-Based Random Port Knocking Sent Via Telegram

Jurnal Jartel Jurnal Jaringan Telekomunikasi ◽

10.33795/jartel.v7i2.213 ◽

2018 ◽

Vol 7 (2) ◽

pp. 61-67

Author(s):

Iga Revva Princiss Jeinever

Keyword(s):

High Risk ◽

Network Security ◽

Computer Networks ◽

Computer Network ◽

Security System ◽

Raspberry Pi ◽

System Implementation ◽

The Right ◽

Network Administrators ◽

Ip Block

Computer networks are basically not safe to access freely. Security gaps in the network can be seen by irresponsible people with various techniques. Opening a port for access carries a high risk of being attacked by an attacker. In this connection, network administrators are required to work more to be able to secure the computer network they manage. One form of network security that is often used by network administrators in server management is through remote login such as ports on telnet, SSH, etc. A port that is always open is a network security hole that can be used by people who are not responsible for logging into the server. Focusing on these problems, in this study, Random Port Knocking is the right way and can be used to increase network security. With Random Port Knocking, the port will be opened as needed, the port will automatically change when it fails to log in more than three times and IP will automatically be blocked and access will not continue so that attacks on the network can be avoided and network security stability can be further improved. The final result of this research shows that the method applied in this research makes server safe. Because port randomization and IP block make irresponsible parties try harder to penetrate firewall walls.

Download Full-text

Establecimiento de simbología religiosa estática en espacios públicos sanitarios

Revista de Derecho de la UNED (RDUNED) ◽

10.5944/rduned.14.2014.13315 ◽

2014 ◽

pp. 349

Author(s):

Jacinto J. Marabel Matos

Keyword(s):

Religious Liberty ◽

The Public ◽

Religious Symbols ◽

Public Areas ◽

The Right

El presente artículo completa la aproximación dedicada a los símbolos religiosos presentes en espacios públicos sanitarios, anteriormente publicado y en relación con el derecho de libertad religiosa del artículo 16 CE. En este caso, las aportaciones doctrinales a la jurisprudencia referida al establecimiento de simbología religiosa estática en el ámbito público, ponen de manifiesto la importancia de resolver estas cuestiones, una vez más, en base al principio de tolerancia.This article completes the approach dedicated to religious symbols in public sanitary spaces, previously published and relating the right to religious liberty of article 16 CE. In this case, the doctrinal contribution to jurisprudence concerning to the establishment of static religious symbols in the public areas, shows the importance of resolve these issues, over again, based on the principle of tolerance.

Download Full-text

Factors that Influence the Android Apps Permissions

International Journal of Software Engineering and Technologies (IJSET) ◽

10.11591/ijset.v1i2.4569 ◽

2016 ◽

Vol 1 (2) ◽

pp. 59

Author(s):

Normi Sham Awang Abu Bakar ◽

Iqram Mahmud

Keyword(s):

Not Given ◽

Sensitive Data ◽

Security Issues ◽

Android Apps ◽

Android Applications ◽

Android Market ◽

Malicious Apps ◽

The Right ◽

User Ratings ◽

Average User

The Android Market is the official (and primary) storefor Android applications. The Market provides users with average user ratings, user reviews, descriptions, screenshots,and permissions to help them select applications. Generally, prior to installation of the apps, users need to agree on the permissions requested by the apps, they are not given any other option. Essentially, users may not aware on some security issues that may arise from the permissions. Some apps request the right to manipulate sensitive data, such as GPS location, photos, calendar, contact, email and files. In this paper, we explain the sources of sensitive data, what the malicious apps can do to the data, and apply the empirical software engineering analysis to find the factors that could potentially influence the permissions in Android apps. In addition, we also highlight top ten most implemented permissions in Android apps and also analyse the permissions for the apps categories in Android.

Download Full-text

Mechanical Behaviour of Skin: The Struggle for the Right Testing Method

Material Parameter Identification and Inverse Problems in Soft Tissue Biomechanics - CISM International Centre for Mechanical Sciences ◽

10.1007/978-3-319-45071-1_5 ◽

2016 ◽

pp. 119-132 ◽

Cited By ~ 1

Author(s):

Cees Oomens

Keyword(s):

Mechanical Behaviour ◽

Testing Method ◽

The Right

Download Full-text

Efficient verifiable fuzzy keyword search over encrypted data in cloud computing

Computer Science and Information Systems ◽

10.2298/csis121104028w ◽

2013 ◽

Vol 10 (2) ◽

pp. 667-684 ◽

Cited By ~ 54

Author(s):

Jianfeng Wang ◽

Hua Ma ◽

Qiang Tang ◽

Jin Li ◽

Hui Zhu ◽

...

Keyword(s):

Cloud Computing ◽

Keyword Search ◽

Efficiency Analysis ◽

Sensitive Data ◽

Encrypted Data ◽

Proposed Model ◽

Cloud Server ◽

Encryption Schemes ◽

User Data ◽

Fuzzy Keyword Search

As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud by users. To maintain the confidentiality of sensitive user data against untrusted servers, the data should be encrypted before they are uploaded. However, this raises a new challenge for performing search over the encrypted data efficiently. Although the existing searchable encryption schemes allow a user to search the encrypted data with confidentiality, these solutions cannot support the verifiability of searching result. We argue that a cloud server may be selfish in order to save its computation ability or bandwidth. For example, it may execute only a fraction of the search and returns part of the searching result. In this paper, we propose a new verifiable fuzzy keyword search scheme based on the symbol-tree which not only supports the fuzzy keyword search, but also enjoys the verifiability of the searching result. Through rigorous security and efficiency analysis, we show that our proposed scheme is secure under the proposed model, while correctly and efficiently realizing the verifiable fuzzy keyword search. The extensive experimental results demonstrate the efficiency of the proposed scheme.

Download Full-text

Analisis Rogue DHCP Packets Menggunakan Wireshark Network Protocol Analyzer

Creative Information Technology Journal ◽

10.24076/citec.2015v2i2.46 ◽

2015 ◽

Vol 2 (2) ◽

pp. 165

Author(s):

Muamar Kadafi ◽

Khusnawi Khusnawi

Keyword(s):

Network Security ◽

Security System ◽

Network Protocol ◽

Network Attacks ◽

Man In The Middle ◽

Before And After ◽

Protocol Analyzer ◽

Network Security System

Rogue DHCP server adalah salah satu pemanfaatan celah keamanan pada mekanisme konfigurasi alamat jaringan menggunakan DHCP. Rogue DHCP server memberikan konfigurasi alamat jaringan yang salah kepada client yang tergabung di dalam jaringan dengan tujuan menciptakan serangan jaringan berupa man in the middle, sehingga dapat menimbulkan ancaman terhadap privasi client yang tergabung di dalam jaringan.Penelitian difokuskan pada analisis DHCP packets seperti DHCPDISCOVER, DHCPREQUEST, DHCPOFFER, DHCPACK yang melewati sebuah Bridge Mikrotik menggunakan aplikasi Wireshark Network Protocol Analyzer sebelum dan setelah adanya Rogue DHCP server di dalam jaringan DHCP, sehingga dapat diamati bagaimana DHCP server asli dan Rogue DHCP server saling bertukar paket DHCP dengan DHCP client yang selanjutnya dilakukan analisis terhadap Rogue DHCP packets.Dari hasil analisis didapatkan informasi parameter-parameter yang terkandung di dalam Rogue DHCP Packets yang difungsikan untuk membangun sistem keamanan jaringan DHCP berupa monitoring dan pencegahan terhadap Rogue DHCP Server menggunakan DHCP Alert yang dikombinasikan dengan Firewall Filter Rule pada sebuah Bridge Mikrotik, dengan diperoleh hasil bahwa sistem dapat mendeteksi dan mencegah adanya Rogue DHCP Server di dalam jaringan DHCP berbasis IPv4.Rogue DHCP server is one of exploiting security holes in the mechanism of configuration the network address using DHCP. Rogue DHCP server provides incorrect configuration network address to a client who joined in the network with the aim of creating a network attacks such as “man in the middle”, so it can pose a threat to client privacy who joined in the network.The research focused on the analysis of DHCP packets such as DHCPDISCOVER, DHCPREQUEST, DHCPOFFER, DHCPACK which passes through a Bridge Mikrotik using Wireshark Network Protocol Analyzer application before and after the Rogue DHCP server in the DHCP network, so it can be observed how the original DHCP server and Rogue DHCP Server exchanging packets with a DHCP Client and then make an analysis of the Rogue DHCP packets.The result of analysis obtained information of parameters that contained in the Rogue DHCP Packets that enabled to build a DHCP network security system in the form of monitoring and prevention of Rogue DHCP server using DHCP Alert combined with Firewall Filter Rule on a Bridge Mikrotik, with result that the system can detect and prevent existence of Rogue DHCP Server in the DHCP based IPv4 network.

Download Full-text

Implementasi Jaringan CCTV Di Sekolah Tinggi Teknologi Pagar Alam

Indonesian Journal of Computer Science ◽

10.33022/ijcs.v8i2.177 ◽

2019 ◽

Vol 8 (2) ◽

pp. 147-155

Author(s):

Ferry Putrawansyah

Keyword(s):

Delay Time ◽

Black Box ◽

Security System ◽

Coaxial Cable ◽

Average Delay ◽

Testing Method ◽

Living Things ◽

College Of Technology ◽

Ip Camera ◽

Black Box Testing

This study aims to implement CCTV networks using wireless at Pagar Alam College of Technology. The security system of CCTV installed using coaxial cable and is not integrated with Android. This study uses PPDIOO method in the form Prepare, Planning, Design, Implement, Operate and Optimize stages. The security system uses IP camera so it can be accessed wirelessly and PIR sensor that can detect presence living things. Servo can move to 180o expand monitoring range. When indicated the existence of living, the system will activate alarm and send SMS to User. The system testing method uses black box testing by testing the functions according to the user's needs using the Questionnaire. The results of this study are PIR sensor can detect movements within distance 5 meters, the duration of the alarm for 1 minute 6 seconds, the average delay sending notifications for 5 seconds, SMS delay time depends on network conditions that time.

Download Full-text

Oscillation-based testing method for detecting switch faults in High-Q SC biquad filters

Facta universitatis - series Electronics and Energetics ◽

10.2298/fuee1502223m ◽

2015 ◽

Vol 28 (2) ◽

pp. 223-236 ◽

Cited By ~ 4

Author(s):

Miljana Milic ◽

Vanco Litovski

Keyword(s):

Operational Amplifier ◽

Special Problem ◽

Test Point ◽

Switched Capacitor ◽

High Q ◽

Switched Capacitor Circuits ◽

Testing Method ◽

The Right ◽

Catastrophic Faults

Testing switched capacitor circuits is a challenge due to the diversity of the possible faults. A special problem encountered is the synthesis of the test signal that will control and make the fault-effect observable at the test point. The oscillation based method which was adopted for testing in these proceedings resolves that important issue in its nature. Here we discuss the properties of the method and the conditions to be fulfilled in order to implement it in the right way. To achieve that, we have resolved the problem of synthesis of the positive feed-back circuit and the choice of a proper model of the operational amplifier. In that way, a realistic foundation to the testing process was generated. A second order notch cell was chosen as a case-study. Fault dictionaries were developed related to the catastrophic faults of the switches used within the cell. The results reported here are a continuation of our previous work and are complimentary to some other already published.

Download Full-text

ANALISA DAN PROBLEM SOLVING KEAMANAN ROUTER MIKROTIK RB750RA DAN RB750GR3 DENGAN METODE PENETRATION TESTING (STUDI KASUS: WARNET AULIA.NET, TANJUNG HARAPAN LAMPUNG TIMUR)

Jurnal RESISTOR (Rekayasa Sistem Komputer) ◽

10.31598/jurnalresistor.v1i2.323 ◽

2018 ◽

Vol 1 (2) ◽

pp. 118-124

Author(s):

Arif Hidayat ◽

Ismail Puji Saputra

Keyword(s):

Operating System ◽

Problem Solving ◽

Network Security ◽

Information And Communication Technology ◽

Communication Technology ◽

Human Life ◽

Penetration Testing ◽

Testing Method ◽

Information And Communication ◽

Alternative Solutions

Information and communication technology is something that is difficult to separate from human life in the present era. One example of information and communication technology is a network of proxy routers. This study uses the penetration testing method, which aims to analyze the security system of the proxy router that has been applied to Warnet Aulia.net. In analyzing network security, the Mikrotik Router is done by the method of penetration testing where the form of attacks on the network is simulated. In this study Python and Winboxpoc.py were successfully run on the Windows 10 operating system. The results of this study indicate that the network security owned by the Aulia.net cafe network still has many gaps to exploit. As for the results of some attacks, it shows serious things in terms of exploitation, such as the output of getting a proxy router password and username. Therefore, this study also provides a solution on how to prevent the mikrotik router from being exploited. Problem solving is explained using several alternative solutions, so that practitioners or network technicians are expected to be able to utilize knowledge related to the results of this study in order to secure the router.

Download Full-text