Security: taking care of resource used properly by user/ wearer of rightful claimant. Usage of appliance ( including program) can cause damage of goodness intended or [do] not. Demarcation of usage non to complicate but efficient so that and[do not destroy
authentication: user/ wearer have to earn to prove x’self. Example of : and user of password. In network of UNPAR enhanced by source access ( used computer) with assumption that at one moment one people only earning / may work with one is same computer.
gateway: spandrel enter go to system with firewall
attack: attack to system.
authorization: user/ wearer enabled to use and service of resource as according to its rights.
monitoring: observation to network
communications of Terenkripsi: using enkripsi so that/ to be data cannot be peeped
I. Architecture Network Computer
To be able to clearly understand to [regarding/ hit] computer network security, we have to beforehand understand how computer network work. To water down conservancy and also improve kompabilitas between various [party/ side] which possible involve, computer network divided to the some coat which each other independent one with is other.
II. Types of Proteksi computer network
Because of difference of function in each;every computer network coat, hence protection of which can conducted also different each other. [At] this shares will be explained to [regarding/ hit] protection to computer network which can be conducted in each computer network coat, start from coat under up to coat of
Secure Socket Layer ( SSL) a laboring protocol precisely below/under a application
computer network. This protocol guarantee delivered data security one host with other host as well as giving method of otentikasi, especially to conduct otentikasi to server contacted. For the security data, SSL guarantee that delivered data cannot steal and altered by other party. Besides, SSL also protect consumer of spurious message which possible delivered by side .step by step which must pass by in using SSL is 1. Algorithm negotiation to be used by side two posisions 2. Otentikasi use Public Key Encryption or Certificate electronic 3. Data communications by using Symmetric Key Encryption.
III. Mechanism Defence
Methods able to be applied to make computer network become more peaceful, for example IDS / IPS : Intrusion Detection System ( IDS) and of Intrusion Prevention System ( IPS) system which
used many to detect and protect a security system of attack
by outside party and also in Network Topology : Besides problems of application to utilize computer network, network topology
computer also have very important role in computer network security Port of Scanning : Method Port of Scanning [is] usually used by attacker to know port any kind of open in a computer network system. But same method also can be used by organizer of computer network to take care of its computer network.
Port of Scanning as form attack
Because its implementation which enough easy to and its information which enough good for, hence frequently port of scanning conducted as early stage a attack. To be able to conduct attack, a cracker shall have knowledge application any kind of which walk and ready to accept koneksi of its location reside in. Port of Scanner can give this information. To be able to detect the existence of effort to [do/conduct] network scanning, a organizer of network can conduct monitoring and look for packages of IP coming from source of [is] same and make an attempt on to access to port sederetan, both for open and also which closed. If found, organizer of network can [do/conduct] configuraton of firewall to black out IP of[is source of attack. This matter require to be conducted by taking a care, because if [done/conducted] without there [is] tolerance, this method can result entire/all network of Internet blacked out by organizational firewall. On that account, needing there [is] balance [among/between] and security of performa in effort detect activity of port of scanning in a computer network Packet Fingerprinting : Because keunikan each;every vendor equipments of computer network in [doing/conducting] protocol implementation of TCP / ip, hence delivered data packages each;every equipments become uniquely [of] equipments. By [doing/conducting] Packet Fingerprinting, we earn to know equipments any kind of existing in a computer network Security Information Management : In effort to increase computer network security, a organization possible
of meng-implementasikan some computer network security technology, like firewall, IDS and of IPS. All the effort [done/conducted] so that organizational computer network security
the become more well guaranted
IV. Types Threat
Following will be explained [by] some attack types able to be launched by certain [party/ side]s to a computer network PACK / ddos : Of Services Denial
HALTED. CROSSING PARAGRAPH LIMITATION.
Packet Sniffing as tools organizer of network
In fact besides as becoming appliance to conduct badness, sniffer packet also deflect to be used as defence appliance. By analyse packages which passing a computer network media, organizer can know if there [is] a host delivering packages which below par, for example because virus infection. A IDS also basically a commisioned sniffer packet to look for host delivering dangerous packages to security IP Spoofing : is a attack model with aim to to cheat someone. This attack [is] [done/conducted] by altering address come [from] a package, so that can pass protection of firewall and cheat host receiver of data DNS Forgery : One of [the] way of able to be [done/conducted] by someone to steal important datas [of] others [is] by [doing/conducting] deception. One of [the] deception form which can be conducted
[is] deception of datas of DNS. DNS is a system to translate name a or situs of host become address of IP or situs of host
DNS Cache Poisoning
Other Form [of] attack by using DNS [is] DNS Cache Poisoning. This Attack
exploiting cache from each;every DNS server representing repository whereas datas of domain which non responsibility of server DNS. For example, a organization X owning DNS server ( ns.x.org) which [is] data menyimpan concerning domain x.org. Each;Every computer [at] organization X will ask to server ns.x.org each time will access Internet. Each time ns.x.org server accept question outside domain x.org, the server will ask to authority side of domain.
Security Network of komputar part of which not be locked out of information system security a organization as a whole. progressively expanding technological it of Internet, hence usage of Internet progressively wide [of] and so also with effort someone to [do/conduct] trouble by using technology. As does with other area, effort to protect a computer network have to be looked into as a whole, cannot by partial. Each;Every coat in computer network have to earn to execute its function safely. Election of correct technology have to as according to existing requirement. Election of imprecise technology, besides will expense too big, also exactly can lessen security storey;level a system. Besides which important to remember, that more and more equipments of computer network security which we [is] implementation, hence will more and more also work of organizer of computer network. Will more and more yielded logarithm the each equipments, start from most importantly until which only in the form of just note. Failure to manage information yielded by each;every equipments can make organizer of tardy computer network in anticipating attack which walking. Therefore, besides conducting technological implementation security of computer network, need [is] also provided tools able to be used organizer in conducting management.