-
TUGAS AKHIR
ANALISIS KEAMANAN JARINGAN WLAN
MENGGUNAKAN METODE PENETRATION TESTING
(Studi Kasus : JARINGAN IT TELKOM PURWOKERTO )
ADITIA NUGRAHA PANGESTU
15102043
PROGRAM STUDI S1 INFORMATIKA
FAKULTAS TEKNOLOGI INDUSTRI DAN INFORMATIKA
INSTITUT TEKNOLOGI TELKOM PURWOKERTO
2019
-
TUGAS AKHIR
ANALISIS KEAMANAN JARINGAN WLAN
MENGGUNAKAN METODE PENETRATION TESTING
(Studi Kasus : JARINGAN IT TELKOM PURWOKERTO )
ANALYSIS OF WLAN NETWORK SECURITY USING
THE PENETRATION TESTING METHOD
(Case Study : IT TELKOM PURWOKERTO NETWORK)
Disusun Sebagai Salah Satu Syarat untuk Memperoleh Gelar Sarjana
Komputer
ADITIA NUGRAHA PANGESTU
15102043
PROGRAM STUDI S1 INFORMATIKA
FAKULTAS TEKNOLOGI INDUSTRI DAN INFORMATIKA
INSTITUT TEKNOLOGI TELKOM PURWOKERTO
2019
-
iv
KATA PENGANTAR
Puji syukur kita panjatkan kepada Allah SWT karena dengan Rahmat
dan
KaruniaNya-lah penulis akhirnya dapat menyelesaikan penulisan
tugas akhir ini
tepat waktunya dengan judul "Analisis Keamanan Jaringan WLAN
Menggunakan
Metode Penetration Testing".
Tugas akhir ini disusun untuk memenuhi salah satu persyaratan
untuk
menyelesaikan Program Studi Strata 1 Program Studi Informatika
Jurusan
Informatika tepatnya di Institut Teknologi Telkom
Purwokerto.
Selama mengikuti pendidikan sampai dengan proses penyelesaian
Tugas
Akhir, berbagai pihak telah memberikan fasilitas, membantu,
membina dan
membimbing untuk itu penulis mengucapkan Terimakasih khususnya
kepada :
1. Bapak Dr. Ali Rokhman, M.Si. selaku rektor IT Telkom
Purwokerto,
2. Bapak Didi Supriyadi, S.T., M.Kom. selaku Dekan Fakultas
Teknologi
Industri dan Informatika,
3. Bapak Fahrudin Mukti Wibowo, S.Kom., M.Eng. selaku Kepala
Program
Studi S1 Informatika,
4. Bapak Aditya Wijayanto, S.Kom.,M.Cs selaku Dosen
Pembimbing
Pertama Tugas Akhir,
5. Bapak Muhammad Fajar Sidiq, S.T.,M.T selaku Dosen
Pembimbing
Kedua Tugas Akhir,
6. Bapak/Ibu Dosen khususnya Program Studi S1 Informatika di
Institut
Teknologi Telkom Purwokerto,
7. Keluarga Penulis yang selalu memberikan doa, semangat,
serta
dorongan untuk menyelesaikan Tugas Akhir ini.
Penulis menyadari, Tugas Akhir ini masih banyak kelemahan dan
kekurangan nya.
Karena itu kritik dan saran yang membangun akan diterima dengan
senang hati,
mudah – mudahan keberadaan Tugas Akhir ini dapat bermanfaat dan
menambah
wawasan kita.
Purwokerto, 7 Agustus 2019
Penulis
-
v
DAFTAR ISI
LEMBAR PENGESAHAN PEMBIMBING
........................................................... i
LEMBAR PENETAPAN PENGUJI
......................................................................
ii
HALAMAN PERNYATAAN KEASLIAN TUGAS AKHIR
.............................. iii
KATA PENGANTAR
...........................................................................................
iv
DAFTAR ISI
............................................................................................................
v
DAFTAR TABEL
.................................................................................................
vii
DAFTAR GAMBAR
...........................................................................................
viii
DAFTAR LAMPIRAN
..........................................................................................
ix
ABSTRAK
...............................................................................................................
x
ABSTRACT
.............................................................................................................
xi
BAB I PENDAHULUAN
......................................................................................
1
1.1 Latar Belakang
...........................................................................................
1
1.2 Rumusan Masalah
......................................................................................
2
1.3 Tujuan Penelitian
.......................................................................................
3
1.4 Batasan Masalah
........................................................................................
3
1.5 Manfaat Penelitian
.....................................................................................
3
BAB II TINJAUAN PUSTAKA
............................................................................
4
2.1. Penelitian Sebelumnya
...............................................................................
4
2.2. Dasar
Teori.................................................................................................
7
2.2.1 Wireless Local Area Network (WLAN)
..................................................... 7
2.2.2 Jaringan Komputer
.....................................................................................
9
2.2.3 OSI Layer
.................................................................................................
10
2.2.4 Penetration testing
...................................................................................
12
2.2.5 Kali Linux
................................................................................................
13
2.2.6 Remote Authentication Dial-In User Service (RADIUS)
........................ 15
2.2.7 Wordlist
....................................................................................................
17
BAB III METODOLOGI PENELITIAN
.............................................................
18
3.1 Diagram Alir Penelitian
...........................................................................
18
3.2 Perangkat Keras Yang Digunakan
........................................................... 19
-
vi
3.3 Perangkat Lunak
......................................................................................
19
3.4 Metode Penetration testing
......................................................................
21
3.4.1 Planning and Preparation
..................................................................
21
3.4.2 Reconnaisance
....................................................................................
23
3.4.3 Discovery
............................................................................................
23
3.4.4 Analyzing information and risk
.......................................................... 24
3.4.5 Active intrusion attempts
....................................................................
25
3.4.6 Final analysis
.....................................................................................
25
3.4.7 Report preparation
.............................................................................
25
3.5
Pengujian..................................................................................................
25
3.5.1 Cracking the encryption
.....................................................................
25
3.5.2 Bypassing MAC authentication
......................................................... 30
3.5.3 Attacking the infrastructure
...............................................................
31
3.5.4 Man In The Middle
.............................................................................
32
BAB IV HASIL PENGUJIAN DAN ANALISIS
................................................. 34
4.1 Hasil Pengujian
........................................................................................
34
4.1.1 Cracking the encryption
.....................................................................
34
4.1.2 Bypassing MAC authentication
......................................................... 35
4.1.3 Attacking the infrastructure
...............................................................
37
4.1.4 Man In The Middle
.............................................................................
40
4.2 Analisis
....................................................................................................
41
4.2.1 Analisis Cracking the encryption
....................................................... 41
4.2.2 Analisis Bypassing MAC authentication
............................................ 42
4.2.3 Analisis Attacking the infrastructure
................................................. 43
4.2.4 Analisis Man In The Middle
...............................................................
44
4.2.5 Rangkuman Analisa
...........................................................................
46
BAB V KESIMPULAN DAN SARAN
................................................................
48
5.1 Kesimpulan
..............................................................................................
48
5.2 Saran
........................................................................................................
48
DAFTAR PUSTAKA
............................................................................................
49
LAMPIRAN
...........................................................................................................
51
-
vii
DAFTAR TABEL
Tabel 2.1 Penelitian Terdahulu
...............................................................................
6
Tabel 2.2 Kode Protokol RADIUS
.......................................................................
16
Tabel 3.1 Jenis Serangan dan Tujuan
....................................................................
21
Tabel 3.2 Jumlah Access Point di IT Telkom
Purwokerto.................................... 23
Tabel 3.3 Parameter Pengujian
.............................................................................
25
Tabel 3.4 Fungsi perintah yang digunakan
........................................................... 31
Tabel 3.5 Fungsi perintah yang digunakan
........................................................... 32
Tabel 4.1 Pembagian wordlist
...............................................................................
35
Tabel 4.2 Hasil serangan Bypassing MAC authentication
.................................... 37
Tabel 4.3 Hasil serangan Attacking the
infrastructure.......................................... 40
Tabel 4.4 Hasil Keseluruhan Penyerangan
........................................................... 46
-
viii
DAFTAR GAMBAR
Gambar 2.1 OSI Layer
..........................................................................................
11
Gambar 3.1 Diagram Alir Penelitian
....................................................................
18
Gambar 3.2 Tahapan Metode Penetration testing[4].
........................................... 22
Gambar 3.3 Tampilan Weblogin
...........................................................................
23
Gambar 3.4 Proses Three way handshake
............................................................ 24
Gambar 3.5 Proses serangan Man in the middle
................................................... 24
Gambar 3.6 Pembuatan worldist
...........................................................................
26
Gambar 3.7 Proses atur proxy
...............................................................................
27
Gambar 3.8 Mengisikan password dan username
................................................ 28
Gambar 3.9 Mencari kolom username dan password
........................................... 28
Gambar 3.10 Memasukkan username
...................................................................
29
Gambar 3.11 Memasukkan wordlist
.....................................................................
30
Gambar 3.12 Menjalankan
netdiscover.................................................................
30
Gambar 3.13 Command Hping3
...........................................................................
31
Gambar 3.14 Memilih interface
............................................................................
33
Gambar 3.15 Scan hostlist
....................................................................................
33
Gambar 4.1 Burpsuite dijalankan
..........................................................................
34
Gambar 4.2 Hasil dari Netdiscover
.......................................................................
35
Gambar 4.3 MAC Address sebelum spoofing
....................................................... 36
Gambar 4.4 Hasil setelah MAC Address spoofing
................................................ 37
Gambar 4.5 Kondisi sebelum terkena serangan DOS
........................................... 38
Gambar 4.6 Kondisi setelah terkena serangan DOS
............................................. 38
Gambar 4.7 Kondisi ping sebelum terkena serangan DOS
................................... 39
Gambar 4.8 Setelah mendapat serangan
DOS....................................................... 39
Gambar 4.9 ARP poisoning dijalankan
.................................................................
40
Gambar 4.10 Hasil saat ARP poisoning dijalankan
.............................................. 41
Gambar 4.11 Hasil rata-rata serangan Attacking the
infrastructure ..................... 43
Gambar 4.12 Capture Wireshark dari sisi korban
................................................ 43
Gambar 4.13 Capture scanning host list
...............................................................
45
Gambar 4.14 Serangan terdeteksi oleh Access Point
............................................ 45
-
ix
DAFTAR LAMPIRAN
Lampiran 1 Surat Wawancara
...............................................................................
51
Lampiran 2 Hasil Wawancara
...............................................................................
52
Lampiran 3 Wordlist
.............................................................................................
53