Tuesday, April 29, 2008

Windows Server 2003 IPSec Concepts, Part One

The Windows Server 2003 implementation of IPSec can be used to compensate for weaknesses in an application's network traffic, or as the network-layer foundation of a defense-in-depth strategy.

Do not use IPSec as a substitute for application security, because IPSec can do nothing about "valid" connections. The following are the capabilities IPSec provides:

1. Attacks against the network that use a specific protocol or port.

IPSec uses two methods:

IPSec performs traffic blocking, to block specific traffic.

IPSec policy filter lists can allow traffic from only trusted senders over particular protocols to particular addresses and ports.

2. Eavesdropping. Also known as sniffing. Eavesdropping occurs when an attacker uses a frame capture program (also known as a sniffer) to view the data that is placed on the network.

IPSec uses the Encapsulating Security Payload (ESP) protocol to encrypt data by using Triple Data Encryption Standard (3DES) or Data Encryption Standard (DES) so that IP packets cannot be read if intercepted in transit.

3. Data modification. If an intruder can access the information, they might be able to change it in such a way that the recipients cannot detect that any change has occurred.

IPSec uses a cryptographic checksum that incorporates a secret key to provide data integrity. Although a packet can be modified, the checksum cannot be updated for the proper value without knowledge of the secret key. An invalid checksum indicates to the receiving computer that the packet was modified in transit.

4. Identity spoofing. Intruders falsely using an IP address to compromise packet filter security.

IPSec uses Kerberos, public key certificates, or preshared key authentication to verify the identity of computer systems before the application level communication can take place.

5. Denial-of-service (DoS) attacks. By flooding a computer or network with malicious, malformed, or useless information, an attacker can disrupt normal operations.

IPSec uses IP packet filtering to determine whether communication is allowed, secured, or blocked, according to specified IP address ranges, protocols, or TCP or User Datagram Protocol (UDP) ports. IPSec cannot be targeted by denial-of-service attacks.
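The keyed checksum from item 3, as an added example that is not part of the original post: it assumes HMAC-SHA1 truncated to 96 bits (one of the integrity algorithms used with IPSec) over a simplified packet layout, and the key, SPI and payload are constructed sample values. An unkeyed CRC is included for contrast, since anyone who modifies the packet can recompute it.

```python
import hashlib
import hmac
import struct
import zlib

ICV_LEN = 12  # assumed HMAC-SHA1-96: the 20-byte HMAC is truncated to 96 bits

def build_packet(spi: int, seq: int, payload: bytes) -> bytes:
    """Simplified ESP-style layout: 4-byte SPI, 4-byte sequence number, payload."""
    return struct.pack("!II", spi, seq) + payload

def protect(key: bytes, packet: bytes) -> bytes:
    """Sender side: append the keyed checksum (ICV) computed over the packet."""
    icv = hmac.new(key, packet, hashlib.sha1).digest()[:ICV_LEN]
    return packet + icv

def verify(key: bytes, wire: bytes) -> bool:
    """Receiver side: recompute the ICV and compare in constant time."""
    if len(wire) < 8 + ICV_LEN:
        return False  # too short to hold the header plus an ICV
    packet, icv = wire[:-ICV_LEN], wire[-ICV_LEN:]
    expected = hmac.new(key, packet, hashlib.sha1).digest()[:ICV_LEN]
    return hmac.compare_digest(icv, expected)

def tamper(wire: bytes, old: bytes, new: bytes, forge_key: bytes = None) -> bytes:
    """Model a payload change in transit, optionally re-signed with a guessed key."""
    packet = wire[:-ICV_LEN].replace(old, new)
    if forge_key is None:
        return packet + wire[-ICV_LEN:]   # original ICV left in place
    return protect(forge_key, packet)     # ICV recomputed without the real key

def crc_protect(packet: bytes) -> bytes:
    """Unkeyed checksum for contrast: no secret is needed to recompute it."""
    return packet + struct.pack("!I", zlib.crc32(packet))

def crc_verify(wire: bytes) -> bool:
    return struct.unpack("!I", wire[-4:])[0] == zlib.crc32(wire[:-4])

# Constructed sample values, not taken from any real security association.
KEY = b"constructed-shared-secret"
PACKET = build_packet(0x1001, 1, b"transfer 100 to account A")
WIRE = protect(KEY, PACKET)

if __name__ == "__main__":
    print("intact packet accepted: ", verify(KEY, WIRE))
    print("modified, old ICV:      ", verify(KEY, tamper(WIRE, b"100", b"900")))
    print("modified, guessed key:  ", verify(KEY, tamper(WIRE, b"100", b"900", b"guess")))
    print("modified, CRC recomputed:", crc_verify(crc_protect(PACKET.replace(b"100", b"900"))))
```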

Sorry, this part is in English. I will explain each item one by one, along with the research implementation, in the next part... For now!!! Time to eat first, guys!!!!
