ANALISIS KEAMANAN JARINGAN WLAN MENGGUNAKAN METODE ...repository.ittelkom-pwt.ac.id/5684/3/Cover.pdf · tepat waktunya dengan judul "Analisis Keamanan Jaringan WLAN Menggunakan Metode

TUGAS AKHIR

ANALISIS KEAMANAN JARINGAN WLAN

MENGGUNAKAN METODE PENETRATION TESTING

(Studi Kasus : JARINGAN IT TELKOM PURWOKERTO )

ADITIA NUGRAHA PANGESTU

15102043

PROGRAM STUDI S1 INFORMATIKA

FAKULTAS TEKNOLOGI INDUSTRI DAN INFORMATIKA

INSTITUT TEKNOLOGI TELKOM PURWOKERTO

2019

TUGAS AKHIR

ANALISIS KEAMANAN JARINGAN WLAN

MENGGUNAKAN METODE PENETRATION TESTING

(Studi Kasus : JARINGAN IT TELKOM PURWOKERTO )

ANALYSIS OF WLAN NETWORK SECURITY USING

THE PENETRATION TESTING METHOD

(Case Study : IT TELKOM PURWOKERTO NETWORK)

Disusun Sebagai Salah Satu Syarat untuk Memperoleh Gelar Sarjana Komputer

ADITIA NUGRAHA PANGESTU

15102043

PROGRAM STUDI S1 INFORMATIKA

FAKULTAS TEKNOLOGI INDUSTRI DAN INFORMATIKA

INSTITUT TEKNOLOGI TELKOM PURWOKERTO

2019

iv

KATA PENGANTAR

Puji syukur kita panjatkan kepada Allah SWT karena dengan Rahmat dan

KaruniaNya-lah penulis akhirnya dapat menyelesaikan penulisan tugas akhir ini

tepat waktunya dengan judul "Analisis Keamanan Jaringan WLAN Menggunakan

Metode Penetration Testing".

Tugas akhir ini disusun untuk memenuhi salah satu persyaratan untuk

menyelesaikan Program Studi Strata 1 Program Studi Informatika Jurusan

Informatika tepatnya di Institut Teknologi Telkom Purwokerto.

Selama mengikuti pendidikan sampai dengan proses penyelesaian Tugas

Akhir, berbagai pihak telah memberikan fasilitas, membantu, membina dan

membimbing untuk itu penulis mengucapkan Terimakasih khususnya kepada :

1. Bapak Dr. Ali Rokhman, M.Si. selaku rektor IT Telkom Purwokerto,

2. Bapak Didi Supriyadi, S.T., M.Kom. selaku Dekan Fakultas Teknologi

Industri dan Informatika,

3. Bapak Fahrudin Mukti Wibowo, S.Kom., M.Eng. selaku Kepala Program

Studi S1 Informatika,

4. Bapak Aditya Wijayanto, S.Kom.,M.Cs selaku Dosen Pembimbing

Pertama Tugas Akhir,

5. Bapak Muhammad Fajar Sidiq, S.T.,M.T selaku Dosen Pembimbing

Kedua Tugas Akhir,

6. Bapak/Ibu Dosen khususnya Program Studi S1 Informatika di Institut

Teknologi Telkom Purwokerto,

7. Keluarga Penulis yang selalu memberikan doa, semangat, serta

dorongan untuk menyelesaikan Tugas Akhir ini.

Penulis menyadari, Tugas Akhir ini masih banyak kelemahan dan kekurangan nya.

Karena itu kritik dan saran yang membangun akan diterima dengan senang hati,

mudah – mudahan keberadaan Tugas Akhir ini dapat bermanfaat dan menambah

wawasan kita.

Purwokerto, 7 Agustus 2019

Penulis

v

DAFTAR ISI

LEMBAR PENGESAHAN PEMBIMBING ........................................................... i

LEMBAR PENETAPAN PENGUJI ...................................................................... ii

HALAMAN PERNYATAAN KEASLIAN TUGAS AKHIR .............................. iii

KATA PENGANTAR ........................................................................................... iv

DAFTAR ISI ............................................................................................................ v

DAFTAR TABEL ................................................................................................. vii

DAFTAR GAMBAR ........................................................................................... viii

DAFTAR LAMPIRAN .......................................................................................... ix

ABSTRAK ............................................................................................................... x

ABSTRACT ............................................................................................................. xi

BAB I PENDAHULUAN ...................................................................................... 1

1.1 Latar Belakang ........................................................................................... 1

1.2 Rumusan Masalah ...................................................................................... 2

1.3 Tujuan Penelitian ....................................................................................... 3

1.4 Batasan Masalah ........................................................................................ 3

1.5 Manfaat Penelitian ..................................................................................... 3

BAB II TINJAUAN PUSTAKA ............................................................................ 4

2.1. Penelitian Sebelumnya ............................................................................... 4

2.2. Dasar Teori................................................................................................. 7

2.2.1 Wireless Local Area Network (WLAN) ..................................................... 7

2.2.2 Jaringan Komputer ..................................................................................... 9

2.2.3 OSI Layer ................................................................................................. 10

2.2.4 Penetration testing ................................................................................... 12

2.2.5 Kali Linux ................................................................................................ 13

2.2.6 Remote Authentication Dial-In User Service (RADIUS) ........................ 15

2.2.7 Wordlist .................................................................................................... 17

BAB III METODOLOGI PENELITIAN ............................................................. 18

3.1 Diagram Alir Penelitian ........................................................................... 18

3.2 Perangkat Keras Yang Digunakan ........................................................... 19

vi

3.3 Perangkat Lunak ...................................................................................... 19

3.4 Metode Penetration testing ...................................................................... 21

3.4.1 Planning and Preparation .................................................................. 21

3.4.2 Reconnaisance .................................................................................... 23

3.4.3 Discovery ............................................................................................ 23

3.4.4 Analyzing information and risk .......................................................... 24

3.4.5 Active intrusion attempts .................................................................... 25

3.4.6 Final analysis ..................................................................................... 25

3.4.7 Report preparation ............................................................................. 25

3.5 Pengujian.................................................................................................. 25

3.5.1 Cracking the encryption ..................................................................... 25

3.5.2 Bypassing MAC authentication ......................................................... 30

3.5.3 Attacking the infrastructure ............................................................... 31

3.5.4 Man In The Middle ............................................................................. 32

BAB IV HASIL PENGUJIAN DAN ANALISIS ................................................. 34

4.1 Hasil Pengujian ........................................................................................ 34

4.1.1 Cracking the encryption ..................................................................... 34

4.1.2 Bypassing MAC authentication ......................................................... 35

4.1.3 Attacking the infrastructure ............................................................... 37

4.1.4 Man In The Middle ............................................................................. 40

4.2 Analisis .................................................................................................... 41

4.2.1 Analisis Cracking the encryption ....................................................... 41

4.2.2 Analisis Bypassing MAC authentication ............................................ 42

4.2.3 Analisis Attacking the infrastructure ................................................. 43

4.2.4 Analisis Man In The Middle ............................................................... 44

4.2.5 Rangkuman Analisa ........................................................................... 46

BAB V KESIMPULAN DAN SARAN ................................................................ 48

5.1 Kesimpulan .............................................................................................. 48

5.2 Saran ........................................................................................................ 48

DAFTAR PUSTAKA ............................................................................................ 49

LAMPIRAN ........................................................................................................... 51

vii

DAFTAR TABEL

Tabel 2.1 Penelitian Terdahulu ............................................................................... 6

Tabel 2.2 Kode Protokol RADIUS ....................................................................... 16

Tabel 3.1 Jenis Serangan dan Tujuan .................................................................... 21

Tabel 3.2 Jumlah Access Point di IT Telkom Purwokerto.................................... 23

Tabel 3.3 Parameter Pengujian ............................................................................. 25

Tabel 3.4 Fungsi perintah yang digunakan ........................................................... 31

Tabel 3.5 Fungsi perintah yang digunakan ........................................................... 32

Tabel 4.1 Pembagian wordlist ............................................................................... 35

Tabel 4.2 Hasil serangan Bypassing MAC authentication .................................... 37

Tabel 4.3 Hasil serangan Attacking the infrastructure.......................................... 40

Tabel 4.4 Hasil Keseluruhan Penyerangan ........................................................... 46

viii

DAFTAR GAMBAR

Gambar 2.1 OSI Layer .......................................................................................... 11

Gambar 3.1 Diagram Alir Penelitian .................................................................... 18

Gambar 3.2 Tahapan Metode Penetration testing[4]. ........................................... 22

Gambar 3.3 Tampilan Weblogin ........................................................................... 23

Gambar 3.4 Proses Three way handshake ............................................................ 24

Gambar 3.5 Proses serangan Man in the middle ................................................... 24

Gambar 3.6 Pembuatan worldist ........................................................................... 26

Gambar 3.7 Proses atur proxy ............................................................................... 27

Gambar 3.8 Mengisikan password dan username ................................................ 28

Gambar 3.9 Mencari kolom username dan password ........................................... 28

Gambar 3.10 Memasukkan username ................................................................... 29

Gambar 3.11 Memasukkan wordlist ..................................................................... 30

Gambar 3.12 Menjalankan netdiscover................................................................. 30

Gambar 3.13 Command Hping3 ........................................................................... 31

Gambar 3.14 Memilih interface ............................................................................ 33

Gambar 3.15 Scan hostlist .................................................................................... 33

Gambar 4.1 Burpsuite dijalankan .......................................................................... 34

Gambar 4.2 Hasil dari Netdiscover ....................................................................... 35

Gambar 4.3 MAC Address sebelum spoofing ....................................................... 36

Gambar 4.4 Hasil setelah MAC Address spoofing ................................................ 37

Gambar 4.5 Kondisi sebelum terkena serangan DOS ........................................... 38

Gambar 4.6 Kondisi setelah terkena serangan DOS ............................................. 38

Gambar 4.7 Kondisi ping sebelum terkena serangan DOS ................................... 39

Gambar 4.8 Setelah mendapat serangan DOS....................................................... 39

Gambar 4.9 ARP poisoning dijalankan ................................................................. 40

Gambar 4.10 Hasil saat ARP poisoning dijalankan .............................................. 41

Gambar 4.11 Hasil rata-rata serangan Attacking the infrastructure ..................... 43

Gambar 4.12 Capture Wireshark dari sisi korban ................................................ 43

Gambar 4.13 Capture scanning host list ............................................................... 45

Gambar 4.14 Serangan terdeteksi oleh Access Point ............................................ 45

ix

DAFTAR LAMPIRAN

Lampiran 1 Surat Wawancara ............................................................................... 51

Lampiran 2 Hasil Wawancara ............................................................................... 52

Lampiran 3 Wordlist ............................................................................................. 53