mum kuta,bali 2019 › presentations › id19 › presentation... · 2019-10-28 · secure data...
TRANSCRIPT
![Page 1: MuM Kuta,Bali 2019 › presentations › ID19 › presentation... · 2019-10-28 · Secure data from MITM (Man in the Middle Attack) with SSTP Mikrotik MuM Kuta,Bali 2019](https://reader036.vdocuments.site/reader036/viewer/2022081406/5f10470a7e708231d44850bd/html5/thumbnails/1.jpg)
Secure data from MITM (Man in the Middle Attack) with SSTP Mikrotik
MuM Kuta,Bali 2019
MY PROFILE
Haris Hardiansyah
Network Engineer – Poltek Citra Widya Edukasi, Cibitung
Student at Universitas Bina Insani, Bekasi
Ig: @haris_pc Email: [email protected]

PROFILE POLITEKNIK CITRA WIDYA EDUKASI
Program (Diploma 4)
- Plantation Crop Production Technology
Program (Diploma 3)
- Logistics Management
- Palm Oil Processing Technology
- Oil Palm Plantation Cultivation

NETWORK TRAINING POLTEK CWE

MITM (MAN IN THE MIDDLE ATTACK)
An attack that sits between the client and the server.
MITM usually happens because of user negligence in the authentication process.
Original connection
Man in the Middle

WHAT IS ATTACKED?
ARP
By sending forged ARP messages to the client, the attacker captures data frames, modifies them, and sends them on to the user (ARP spoofing).
https://en.wikipedia.org/wiki/ARP_spoofing

Solution?

WHAT IS SSTP
Secure Socket Tunneling Protocol (SSTP)
SSL validates the server certificate.
Allows the server to check whether the connection is secure.

TLS / SSL
Transport Layer Security (TLS), Secure Socket Layer (SSL)
The SSL / TLS protocol uses public-key cryptography and public-key certificates, which are used to confirm the identity of the intended party.

TLS / SSL
- Encryption
- Authentication
- Integrity
- Cryptographic security

SSTP - TLS 1.2 VERSION
This protocol provides endpoint authentication and communication privacy on the Internet using cryptography.
Basic steps of TLS / SSL
- Negotiation
- Public key, encryption-based key, and certificate-based authentication
- Symmetric - Asymmetric cryptography

RouterOS imports the CA certificate and enables the verify-server-certificate option.
In this scenario, a Man-in-the-Middle attack is not possible.
SSTP Server SSTP Client

Configuration requirements are:
- Certificates on the server and the client
- Verification options enabled on the server and the client
Attacker

This is done not only with a username and password; the client and server are also authenticated using the server certificate.
This means that the servers check whether both channels are secure.

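The client-side requirements above, written as RouterOS CLI commands. This is an added example, not configuration from the original slides. It assumes the CA and client certificate files exported on the server have already been uploaded to this router; the file names, interface name, user name, passwords and the address 203.0.113.10 are placeholders.

```routeros
# Added example: placeholder names and values, not taken from the slides.
# Assumption: the files below were exported on the SSTP server and uploaded
# to this router's file list beforehand.
/certificate
import file-name=cert_export_ca.crt passphrase=""
import file-name=cert_export_client.crt passphrase=""
import file-name=cert_export_client.key passphrase="CHANGE-ME-export"
# RouterOS names imported certificates itself; list them and use the
# name it shows for the client certificate in the command below.
print

/interface sstp-client
add name=sstp-to-server connect-to=203.0.113.10 \
    user=site-b password="CHANGE-ME-login" \
    certificate=cert_export_client.crt_0 \
    tls-version=only-1.2 authentication=mschap2 \
    verify-server-certificate=yes \
    verify-server-address-from-certificate=yes \
    disabled=no

# For comparison: with verify-server-certificate=no (the default) the client
# accepts whatever certificate the far end presents, so a host that has
# placed itself in the path can terminate the tunnel without being noticed.
# With verify-server-certificate=yes the certificate must chain to the
# imported CA, and verify-server-address-from-certificate=yes additionally
# requires the certificate to match the connect-to address.
```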
WHY SSTP?
https://thebestvpn.com/pptp-l2tp-openvpn-sstp-ikev2-protocols/

WHY NOT USE IPSEC?
"TLS maintains context between the sender and the receiver and updates that state (such as sequence numbers)"
"With IPsec, all of that needs to be made explicit (because there is no guarantee that the receiver will get the same packets in the same order as the sender sent them)"
https://searchsecurity.techtarget.com/tip/IPSec-VPN-vs-SSL-VPN-Comparing-respective-VPN-security-risks

An SSL VPN that operates through a web browser will usually be able to manage connections faster than IPsec.
SSTP supports mobile connections; IPsec does not.

Network administrators who operate VPNs tend to find client management a lot easier and less time-consuming with SSL than with IPSec.

SSTP uses TLS 1.2
- Server & Client Certificate
Public key
Certified by a certificate that the client trusts.
https://blog.trendmicro.com/trendlabs-security-intelligence/poodle-vulnerability-puts-online-transactions-at-risk/

SSL/TLS HANDSHAKE PROCESS
https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_7.1.0/com.ibm.mq.doc/sy10660_.htm

ASYMMETRIC
SSTP uses 2048-bit encryption and authentication certificates.
Asymmetric encryption (or public-key cryptography) uses separate keys for encryption and decryption.
https://www.digicert.com/ssl-cryptography.htm

SYMMETRIC
Symmetric encryption (or pre-shared key encryption) uses a single key to encrypt and decrypt data.

HOW SSL USES ASYMMETRIC AND SYMMETRIC
1. The server sends a copy of its asymmetric public key.
2. The browser creates a symmetric session key and encrypts it with the server's asymmetric public key, then sends it to the server.
3. The server and the browser now encrypt and decrypt all transmitted data with the session key.
4. "This allows for a secure channel because the browser and the server know the session key"

TOPOLOGY
Site to Site
Mobile Connection

SSTP CLIENT ON LINUX
Currently, SSTP clients exist in Windows Vista, Windows 7, Windows 8, Linux and RouterOS.
Public/WAN
203.77.250.
192.168.0.5

CONFIG MOBILE CONNECTION
Creating the certificates
Here we will create 3 certificates:
1. CA Template
2. Server
3. Client

Key Usage
- TLS Server & Client

Use the same settings; only the common name and the name are different.

We sign (self-signed) the server and client certificates, and do not forget to mark them trusted.

Export the certificate so it can be moved to the client later.

Enable the SSTP server and create a secret for client login access.
Here we choose TLS version 1.2.
TLS/SSL validates server certificate.

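The certificate and server steps above as RouterOS CLI commands, added here as an example; the original slides show these steps as screenshots, and this is not the presenter's own configuration. The certificate names, user name, passwords and all addresses are placeholders, and the server and client certificates are signed by the CA certificate created in the first step.

```routeros
# Added example: placeholder names and values, not taken from the slides.
# 1. Create the three certificates: CA, server, client.
/certificate
add name=ca common-name=ca key-size=2048 days-valid=365 \
    key-usage=key-cert-sign,crl-sign
# The server common-name is the address clients connect to (placeholder),
# so clients can also match the server address against the certificate.
add name=server common-name=203.0.113.10 key-size=2048 days-valid=365 \
    key-usage=digital-signature,key-encipherment,tls-server
add name=client common-name=client key-size=2048 days-valid=365 \
    key-usage=tls-client

# 2. Self-sign the CA, then sign the server and client certificates with it.
sign ca
sign server ca=ca
sign client ca=ca

# 3. Mark the certificates as trusted.
set ca trusted=yes
set server trusted=yes
set client trusted=yes

# 4. Export for the client: the CA certificate (public part only) and the
#    client certificate with its private key, protected by a passphrase.
export-certificate ca
export-certificate client export-passphrase="CHANGE-ME-export"

# 5. Enable the SSTP server with the server certificate and TLS 1.2 only.
#    verify-client-certificate=yes requires every client to present a
#    certificate signed by this CA; leave it at its default (no) for clients
#    that log in with user name and password only.
/interface sstp-server server
set enabled=yes certificate=server tls-version=only-1.2 \
    authentication=mschap2 verify-client-certificate=yes

# 6. Create the secret the client logs in with (tunnel addresses are
#    placeholders).
/ppp secret
add name=mobile-user password="CHANGE-ME-login" service=sstp \
    local-address=10.99.0.1 remote-address=10.99.0.2
```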
Now we activate the VPN connection.
Create a new VPN connection.

CONNECTED ON LINUX
If the VPN connects successfully to the SSTP server, try a test ping to the router's public IP.
Then try a ping to a private IP on the router.

CONNECTED ON MIKROTIK
Check whether the user is connected to the server under "Active Connections".
If the user is connected to the server, the automatically assigned IP will appear in the interface menu.

Here I try to access one of the web servers that I set up with the local IP, 192.168.0.5.

EXAMPLE SITE TO SITE

THE CONCLUSION IS
SSL and IPSec both have a strong security pedigree, with comparable throughput speed, security, and ease of use for most commercial VPN service customers.
SSTP can be an easy-to-implement alternative for preventing MITM; authentication with certificates makes it secure.
So both have pros and cons, and they should not be seen as better or worse but rather as tools used to get the job done.

QUESTIONS?

THANK YOU
Mikrotik & MuM Bali 2019
Politeknik Citra Widya Edukasi
Fullstack Team
NBH Team