Advanced Information Security Assignment


I worked on this assignment with my colleague Meizano. In this assignment I acted as the sniffer, with IP 167.205.60.99, and Meizano as the sniffee, 167.205.60.4.

The assignment given by Mr. Budi Rahardjo was for one computer to try IP sniffing while another computer performs filtering.

The results of the assignment are:

*Results from nmap

Starting Nmap 5.51 ( http://nmap.org ) at 2011-03-11 17:13 SE Asia Standard Time
NSE: Loaded 57 scripts for scanning.
Initiating ARP Ping Scan at 17:14
Scanning 167.205.60.4 [1 port]
Completed ARP Ping Scan at 17:14, 0.22s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 17:14
Completed Parallel DNS resolution of 1 host. at 17:14, 0.00s elapsed
Initiating SYN Stealth Scan at 17:14
Scanning ap-selasar-plano.itb.ac.id (167.205.60.4) [1000 ports]
Discovered open port 3389/tcp on 167.205.60.4
Discovered open port 139/tcp on 167.205.60.4
Discovered open port 445/tcp on 167.205.60.4
Discovered open port 135/tcp on 167.205.60.4
Completed SYN Stealth Scan at 17:14, 6.69s elapsed (1000 total ports)
Initiating Service scan at 17:14
Scanning 4 services on ap-selasar-plano.itb.ac.id (167.205.60.4)
Completed Service scan at 17:14, 22.15s elapsed (4 services on 1 host)
Initiating OS detection (try #1) against ap-selasar-plano.itb.ac.id (167.205.60.4)
NSE: Script scanning 167.205.60.4.
Initiating NSE at 17:14
Completed NSE at 17:15, 40.06s elapsed
Nmap scan report for ap-selasar-plano.itb.ac.id (167.205.60.4)
Host is up (0.0092s latency).
Not shown: 996 filtered ports
PORT     STATE SERVICE       VERSION
135/tcp  open  msrpc         Microsoft Windows RPC
139/tcp  open  netbios-ssn
445/tcp  open  netbios-ssn
3389/tcp open  ms-term-serv?
MAC Address: 1C:4B:D6:97:99:E0 (AzureWave)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Microsoft Windows 2008|Vista|7
OS details: Microsoft Windows Server 2008, Microsoft Windows Vista SP0 or SP1, Server 2008 SP1, or Windows 7
Uptime guess: 1.357 days (since Sat Mar 10 08:41:19 2011)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: Incremental
Service Info: OS: Windows

Host script results:
| nbstat:
|   NetBIOS name: RIVALUS-BOOK, NetBIOS user: <unknown>, NetBIOS MAC: 1c:4b:d6:97:99:e0 (AzureWave)
|   Names
|     RIVALUS-BOOK<20>     Flags: <unique><active>
|     RIVALUS-BOOK<00>     Flags: <unique><active>
|     KUPUKUPU<00>         Flags: <group><active>
|     KUPUKUPU<1e>         Flags: <group><active>
|     KUPUKUPU<1d>         Flags: <unique><active>
|_    \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>
|_smbv2-enabled: Server supports SMBv2 protocol
| smb-os-discovery:
|   OS: Windows 7 Ultimate 7600 (Windows 7 Ultimate 6.1)
|   Name: KUPUKUPU\RIVALUS-BOOK
|_  System time: 2011-03-11 17:14:31 UTC+7

TRACEROUTE
HOP RTT     ADDRESS
1   9.16 ms ap-selasar-plano.itb.ac.id (167.205.60.4)

Read data files from: C:\Program Files\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 74.10 seconds
Raw packets sent: 2038 (91.510KB) | Rcvd: 143 (6.852KB)

*Results obtained by Meizano using Wireshark

Because the Wireshark result file is large, I cannot post Meizano's findings in full, so I am only posting part of the filtering.

|Time     | 167.205.60.99                         | 224.0.0.251                           | 255.255.255.255                       |
|         |                   | 167.205.60.4      |                   | 167.205.34.243    |                   | 167.205.60.127    |
|5,852    |         45397 > blackjack [           |                   |                   |                   |                   |TCP: 45397 > blackjack [SYN] Seq=0 Win=3072 Len=0 MSS=1460
|         |(45397)  ——————>  (1025)   |                   |                   |                   |                   |
|5,853    |         45397 > blackjack [           |                   |                   |                   |                   |TCP: 45397 > blackjack [SYN] Seq=0 Win=3072 Len=0 MSS=1460
|         |(45397)  ——————>  (1025)   |                   |                   |                   |                   |
|5,854    |         45397 > h323hostcal           |                   |                   |                   |                   |TCP: 45397 > h323hostcall [SYN] Seq=0 Win=1024 Len=0 MSS=1460
|         |(45397)  ——————>  (1720)   |                   |                   |                   |                   |
|5,854    |         45397 > h323hostcal           |                   |                   |                   |                   |TCP: 45397 > h323hostcall [SYN] Seq=0 Win=1024 Len=0 MSS=1460
|         |(45397)  ——————>  (1720)   |                   |                   |                   |                   |
|5,857    |         45397 > imap [SYN]            |                   |                   |                   |                   |TCP: 45397 > imap [SYN] Seq=0 Win=2048 Len=0 MSS=1460
|         |(45397)  ——————>  (143)
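The filtering side of this exercise can be expressed as a detection rule. The following is an added example, not part of the original post: it takes the rows of the flow-graph excerpt above and flags a source that sends payload-free SYNs to several distinct ports of one host within a short time. The function names, the thresholds (`min_ports`, `window`) and the reading of each arrow as 167.205.60.99 to 167.205.60.4 are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Rows transcribed from the flow-graph excerpt in the post:
# (time, source, destination, destination port, Wireshark summary).
SCANNER, TARGET = "167.205.60.99", "167.205.60.4"
ROWS = [
    ("5,852", SCANNER, TARGET, 1025, "TCP: 45397 > blackjack [SYN] Seq=0 Win=3072 Len=0 MSS=1460"),
    ("5,853", SCANNER, TARGET, 1025, "TCP: 45397 > blackjack [SYN] Seq=0 Win=3072 Len=0 MSS=1460"),
    ("5,854", SCANNER, TARGET, 1720, "TCP: 45397 > h323hostcall [SYN] Seq=0 Win=1024 Len=0 MSS=1460"),
    ("5,854", SCANNER, TARGET, 1720, "TCP: 45397 > h323hostcall [SYN] Seq=0 Win=1024 Len=0 MSS=1460"),
    ("5,857", SCANNER, TARGET, 143, "TCP: 45397 > imap [SYN] Seq=0 Win=2048 Len=0 MSS=1460"),
]
SUMMARY = re.compile(r"TCP: (\d+) > \S+ \[([A-Z, ]+)\] Seq=\d+ Win=(\d+) Len=(\d+)")

def parse(row):
    """Return a dict for a bare SYN (no other flags, no payload), else None."""
    time, src, dst, dport, summary = row
    m = SUMMARY.match(summary)
    if not m or m.group(2) != "SYN" or m.group(4) != "0":
        return None
    # The capture uses a decimal comma in the Time column.
    return {"t": float(time.replace(",", ".")), "src": src, "dst": dst,
            "sport": int(m.group(1)), "dport": dport, "win": int(m.group(3))}

def find_syn_scans(rows, min_ports=3, window=1.0):
    """Flag (src, dst) pairs whose bare SYNs reach min_ports distinct
    destination ports within `window` seconds (illustrative thresholds)."""
    by_pair = defaultdict(list)
    for pkt in filter(None, map(parse, rows)):
        by_pair[(pkt["src"], pkt["dst"])].append(pkt)
    alerts = []
    for (src, dst), pkts in by_pair.items():
        pkts.sort(key=lambda p: p["t"])
        start = 0
        for end, pkt in enumerate(pkts):
            while pkt["t"] - pkts[start]["t"] > window:
                start += 1  # slide the window forward in time
            recent = pkts[start:end + 1]
            ports = {p["dport"] for p in recent}
            if len(ports) >= min_ports:
                alerts.append({"src": src, "dst": dst, "ports": sorted(ports),
                               "windows": sorted({p["win"] for p in recent})})
                break  # one alert per host pair is enough
    return alerts

if __name__ == "__main__":
    for alert in find_syn_scans(ROWS):
        print(alert)
```

On a real capture `min_ports` would be set much higher; it is 3 here only because the posted excerpt contains three distinct ports.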

4 Responses to Advanced Information Security Assignment

  1. Ojat says:

    Have you ever tried using Cain & Abel, tet (eh, nal :D)?

    • arieronaldo says:

      Not yet.. only used Nmap so far 😀

      The lesson from the Security lecturer is to try getting into security 😀

      fun!

  2. Larry says:

    Hi Ronald. I met Angga in KL with his friend. He said you've become a teacher. Congrats. Wishing you success in your new career.

    • arieronaldo says:

      thank u larry🙂

      Wishing success to all the friends in Malaysia
