A. M. Elhanafi,M. Hasibuan

DOI: https://doi.org/10.56211/sudo.v1i4.160

2022-12-08

Abstract:Sebuah perusahaan yang berkembang memerlukan sebuah website untuk menunjang kegiatan operasionalnya, namun yang sering menjadi permasalahan adalah bagaimana cara mengamankan data yang ada di web server agar terhindar dari pihak yang tidak bersangkutan. Dalam penelitian ini akan ditulis bagaimana cara mengetahui tingkat keamanan pada web server diva karaoke dengan melakukan pengujian penetrasi dalam suatu sistem dengan menggunakan perangkat lunak virtualisasi virtualbox untuk mengeksekusi sistem operasi kali linux. Pengujian penetrasi ini hanya untuk menguji tingkat keamanan sistem jaringan web server diva karaoke dengan menggunakan uji coba non destruktif yaitu uji coba yang tidak membuat kerusakan sistem. Penelitian ini dilakukan dengan melakukan analisis dan perancangan dengan menggunakan tools-tools yang ada di kali linux. Hasil penelitian ini menunjukkan tingkat kerentanan pada web server diva karaoke masih rendah, dibuktikan dengan adanya beberapa port TCP yang terbuka, situs web beresiko terhadap serangan clickjacking. Selain itu penelitian ini juga dapat menjadi tolak ukur sejauh mana perusahaan yang dievaluasi ini sudah bisa mengamankan data dari pihak yang seharusnya tidak mendapatkan akses terhadap data.

Michelle Cantika Pontoan,Jay Idoan SIhotang,Erienika Lompoliu

DOI: https://doi.org/10.30812/matrik.v22i2.2474

2023-03-31

Abstract:The rapid development of information affects many aspects of human life. So that the field of information security becomes one aspect that must be considered. This study aims to measure the information security awareness and to improve daily operational activities of managing IT services effectively and efficiently. Salemba Adventist Academy has used the Wium Online Education Management System (WIOEM) online system, but in its implementation the security aspects of the system are not yet known. The Information Technology Infrastructure Library (ITIL) v3 framework which is globally recognized for managing information technology is broken down into five parts: Service Strategy, Service Design, Service Transition, Service Operation, Continual Service Improvement. This study focuses on Service Operations with 4 attributes, namely: Security, Privacy, Risk, and Trust. The data collection method used by the researcher was through observation in the form of a questionnaire in taking the number of samples to several students by taking population samples using the Lemeshow method. After the data were collected, the results of the ITIL indicator questionnaire are calculated based on the data security level. The results show that the Security indicator is Level 1, the Privacy indicator is level 3, the Risk indicator is level 3, and the Trust indicator is level 4 on the Data Security Level scale. This shows that the WIOEM system can be used properly according to user expectations and meets several levels of data security according to ITIL v3 framework.

Esti Zakia Darojat,Eko Sediyono,Irwan Sembiring

DOI: https://doi.org/10.21456/vol12iss1pp36-44

2022-09-22

JURNAL SISTEM INFORMASI BISNIS

Abstract:E-Government is one of the local government's means of implementing service-oriented values and public information disclosure by providing the local government's official website. Vulnerability Assessment (VA) is a vulnerability assessment method by testing security vulnerabilities to find out all potential critical weaknesses of e-government websites, the aims is to support convenience and service improvement when using e-government websites. The method is using descriptive quantitative to analyze and evaluate security level of both e-government websites based on the NIST SP 800-115 method regarding technical guidelines for testing and assessing information security parameters and OWASP using two web vulnerability scanners. This study is to analyze and evaluate the results of vulnerability scanning on two different types of e-government web, namely the e-government web belonging to the local government and village government, the sample assessment using the semarangkab.go.id website belonging to the local government of Semarang Regency, Central Java Province. and gunungtumpeng.id which is the official e-government website owned by the Gunung Tumpeng Village Government, Suruh District, Semarang Regency, Central Java Province, Indonesia. Hasil penelitian menunjukkan ditemukan persamaan penilaian dalam hal kategori level ancaman dan jumlah kerentanan menggunakan kedua alat web vulnerability scanner, dan hasil yang berbeda terdapat pada durasi, kecepatan pemindaian, dan jenis temuan kerentanan. Kedua parameter OWASP dapat memberikan petunjuk dan penjelasan kompleks untuk membantu pengembang atau pihak pemerintah daerah melakukan pengambilan keputusan mengenai keamanan informasi pada web e-government yang dikelola.

Isnania .

DOI: https://doi.org/10.36382/jti-tki.v3i1.116

2012-03-16

JURNAL TEKNOLOGI INFORMASI

Abstract:E-commerce is one of the major networks to do the transaction, where security is an issue that must be considered vital to the security of customer data and transactions. To realize the process of e-commerce, let prepared operating system (OS) that are reliable to secure the transaction path and also Dynamic Database back end that provides a product catalog that will be sold online. For technology, we can adopt open source technologies that are all available on linux. On linux it's too bundles Apache web server that integrates with SSL technology (Secure Socket Layer) server and email facilities (able to use sendmail, small or qmaill) and also has the availability of MySQL Database. For the front end we can use Perl, C and PHP which has been used about 1,000,000 Website / sereer in the world. SSL technology (Secure Socket Layer) encryption method, wherein the method is a mathematical method to randomize the information submitted. SSL also supports the identification of even complex digital systems. Keywords: SSL (Secure Socket Layer), E-commerce, Linux, Firewall, Web server

Rayco William,Ikhwan Ruslianto,Uray Ristian

DOI: https://doi.org/10.24114/cess.v8i1.40258

2023-01-21

Abstract:Server is a center for providing services and storing data in a computer network. A server is managed by server administrator who has a duty of monitoring security server. While on duty, there are deficiencies in detecting attacks, the slow information about the attacks, and how to handle attacks on the server. In this research, a server security system was created by implementing an Intrusion Prevention System (IPS) based on website and mobile applications. Attack detection focuses on ICMP and TCP port attacks with the latency time when the system responds to an attack is 99,89 ms (very good). The attack handling system was successfully carried out using Iptables against the attacker's IP that detected by the Suricata system through the website and mobile applications, to be given action which is divided into Drop, Reject and Accept. Administrators can quickly take the necessary precautions after receiving an automatic notification when the server is under attack via Telegram with an average speed is 3.41second. The ping attack, port scanning and ping of death (DoS) attacks resulted in an increase in the performance load on the local server with the initial conditions of CPU performance ranging from 10-19%, increasing when a ping attack occurred to 21,6%, memory 41,7%, and disk 19,6%. Port scanning increased by 85,9% CPU, memory 41,9%, and disk 20,3%. Ping of death increased CPU 90,4%, memory 42,9%, and disk 20,8%. Based on the tests that have been done, an excessive increase is found in the ping of death attack which results in server performance increasing to 90,4%, if the attack occurs for a long time then the server condition will be hang (damaged).

Yuni Wardatul Indriani

DOI: https://doi.org/10.31219/osf.io/f2uer

2020-04-05

Abstract:AbstractInformasi sangatlah dibutuhkan dalam kehidupan, untuk mendapatkan informasi dan bertukar informasi sangatlah mudah untuk dilakukan kapan saja dan dimana saja. Informasi meliputi file dan data, jaringan komputer merupakan salah satu hal yang penting untuk pertukaran informasi. Salah satu media yang dapat digunakan adalah FTP (File Transfer Protocol) yaitu aplikasi untuk tukar menukar data antara client dengan server dalam satu jaringan, dengan cara client mengupload file yang tersimpan di hard disk server dan dapat diakses selama client terhubung dengan jaringan internet.Seiring berkembangnya teknologi saat ini file penting yang diupload dan didownload sangat rentan dengan kejahatan dunia internet seperti tool wireshark yang dapat mengetahuiusername, password, dan file yang diupload dan didownload oleh client. Maka dari itu dibuatlah FTP server dengan sistem keamanan transfer data. FTP server yang telah diaktifkan fitur TLS (Transfer Layer Security) dapat mengamankan informasi username, password, dan file yang diupload dan didownload oleh client tidak dapat dibaca oleh tool wireshark.Dalam mencegah penuhnya kapasitas hard disk server, maka digunakanlah Disk Quota yang berfungsi untuk memberikan batasan kuota client dalam melakukan upload. Dengan demikian FTP server yang belum menggunakan TLS maka username, password dan file dapat dibaca oleh tool wireshark. Sedangkan FTP server yang telah menggunakan TLS lebih aman karena username, password dan file tidak dibaca oleh tool wireshark.

Deuis Nur Astrida,Agung Restu Saputra,Akhmad Ikhza Assaufi

DOI: https://doi.org/10.33395/sinkron.v7i1.11249

2022-01-13

SinkrOn

Abstract:The use of computer networks in an agency aims to facilitate communication and data transfer between devices. The network that can be applied can be using wireless media or LAN cable. At SMP XYZ, most of the computers still use wireless networks. Based on the findings in the field, it was found that there was no user management problem. Therefore, an analysis and audit of the network security system is needed to ensure that the network security system at SMP XYZ is safe and running well. In conducting this analysis, a tool is needed which will be used as a benchmark to determine the security of the wireless network. The tools used are Penetration Testing Execution Standard (PTES) which is one of the tools to become a standard in analyzing or auditing network security systems in a company in this case, namely analyzing and auditing wireless network security systems. After conducting an analysis based on these tools, there are still many security holes in the XYZ wireless SMP that allow outsiders to illegally access and obtain vulnerabilities in terms of WPA2 cracking, DoS, wireless router password cracking, and access point isolation so that it can be said that network security at SMP XYZ is still not safe

Mohd Faiz Hilmi,Yanti Mustapha

DOI: https://doi.org/10.48550/arXiv.2209.11196

2022-06-03

Cryptography and Security

Abstract:Information technology has made e-learning possible and available on a large scale. Learning management system (LMS) has been widely used and is accessible through the Internet. However, LMS are exposed to various threats. Proper understanding of the threats is required. Furthermore strategy and best practices countermeasures will ensure a safe learning environment. Therefore, this study looks into the information security aspect of LMS. Specifically, there are two main purposes of this study. First, this study provides a review of information security in e-learning environments and explains the importance of information security. Second, this study looks at how student perceived the security of their e-learning portal. A total of 497 students responded to a survey questionnaires. Frequencies analysis was conducted to show the profile of the respondent. Overall, respondent has strong positive perceptions towards security of their LMS. This study serve as an introduction which help LMS administrator to understand the issues and possibilities related to the safety of LMS.

Terttiaavini,I Made Agus Oka Gunawan,Kraugusteeliana,Edy Winarno,Rony Sandra Yofa Zebua

DOI: https://doi.org/10.37034/jidt.v5i1.290

2023-04-02

Jurnal Informasi dan Teknologi

Abstract:Sistem pengaduan masyarakat berbasis web sangat penting bagi Polsek Banda Sakti dalam meningkatkan efisiensi dalam menerima dan menangani pengaduan masyarakat. Dengan mengembangkan sistem pengaduan masyarakat berbasis web, Polsek Banda Sakti dapat memberikan sarana yang mudah digunakan dan efisien bagi masyarakat untuk melaporkan masalah yang dihadapinya. Hal ini akan memudahkan masyarakat dalam melaporkan masalah yang dihadapi sehingga dapat ditangani dengan cepat dan tepat. Selain itu, sistem ini juga memberikan kesempatan bagi Polsek Banda Sakti untuk mengaplikasikan ilmu dan keterampilan yang telah didapat dalam bidang pemrograman web dan pengembangan sistem. Dengan mengaplikasikan ilmu dan keterampilan tersebut, Polsek Banda Sakti dapat memberikan kontribusi nyata dalam pengembangan sistem pengaduan masyarakat. Sistem pengaduan masyarakat berbasis web ini dapat digunakan oleh masyarakat di wilayah Banda Sakti untuk melaporkan masalah yang dihadapi. Masyarakat dapat mengirimkan laporan dengan mengisi form yang tersedia di website. Setelah masyarakat mengirimkan laporan, laporan tersebut akan diterima oleh Polsek Banda Sakti dan ditindaklanjuti sesuai dengan prosedur yang berlaku. Sistem ini juga dilengkapi dengan fitur untuk melacak status laporan yang telah diterima oleh Polsek Banda Sakti. Website ini di rancang dan di desain dengan beberapa tool pemograman diantara nya dengan menggunakan framework laravel, boostrap dan lain-lain. Framework laravel digunakan untuk pengembangan sistem yang cepat dan mudah, sedangkan bootstrap digunakan untuk membuat tampilan website yang responsive dan mudah dibaca oleh masyarakat. Website ini di desain dengan user friendly dan sesuai dengan kebutuhan masyarakat. Hasil dari sistem website ini adalah dapat digunakan dan di implementasikan di polsek banda sakti serta memudahkan masyarakat di wilayah banda sakti dalam melaporkan masalah yang dihadapi. Sistem ini juga akan membantu Polsek Banda Sakti dalam meningkatkan efisiensi dalam menerima dan menangani pengaduan masyarakat.

Irfan Ardiansah,Rahmat Subrata Kardaya,Devi Maulida Rahmah,Selly Harnesa Putri,Ryan Hara Permana

DOI: https://doi.org/10.32520/jupel.v5i2.2605

2023-06-30

JURNAL PERANGKAT LUNAK

Abstract:This study involves the creation and deployment of a Laravel framework-based web-based management information system for a business entity referred to as Buluk Lupa. The website serves as a platform for all transactions in Buluk Lupa, as well as a medium for promotion and storage of product and stock data online. The website employs a bootstrap with the Magenta theme, organizing the appearance of the website like a table while also providing separate pages for each menu item. The website also includes a shopping cart feature for users to purchase products, as well as a cookie system to streamline the user experience during login and order placement. The website underwent black box testing to ensure all functions align with the intended requirements. The text also discusses the economic feasibility analysis of Buluk Lupa's products and the proposed system modifications to make the existing information system more effective and provide a positive impact on sales and data collection, affecting Buluk Lupa's growth.

Utama Hasiolan Panggabean,Benfano Soewito

DOI: https://doi.org/10.19109/jusifo.v9i1.17365

2023-06-30

JUSIFO (JURNAL SISTEM INFORMASI)

Abstract:This study concentrates on examining the security of network infrastructure using the cyber kill chain framework approach. The research is conducted within a company operating in network security services. In its operations, it offers a Virtual Private Cloud (VPC) containing various crucial information such as applications, internal data, client data, and product demos. Despite the attractive features of cloud computing, there are significant threats as well. Handling attacks cannot be swiftly and efficiently executed, resulting in temporary operational unavailability until the attacks are resolved. This research delves into the security of the company's infrastructure by testing several points of vulnerability exploited by malicious parties. The cyber kill chain framework approach is employed to systematically assess the company's infrastructure. The study reveals that certain issues have been adequately detected; however, security gaps persist, as evidenced by the testing conducted and the inadequate response from the company's security systems.

Heru Pranata,Leon Andretti Abdillah,Usman Ependi

DOI: https://doi.org/10.48550/arXiv.1508.05457

2015-08-22

Abstract:Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a major thing. Secure socket layer (SSL) is the solution to the problem, but further research on the security of the SSL protocol transactions should be done to determine the extent of SSL can secure the data on the network. When the computer sends data across the network, the data is transmitted in packets. Sniffing is a technique of monitoring of every packet traversing the network. Security threat presented by sniffers is their ability to capture all incoming and outgoing packets through the network, which includes the passwords, usernames and other sensitive issues. Packet sniffer captures the data addressed to other devices, which will then be stored for later analysis later. Sniffing can also be used by system administrators to monitor the network and solve problems in the network.

Cryptography and Security

Suharmadi Suharmadi,Hendrik Setyo Utomo

DOI: https://doi.org/10.34128/jsi.v5i1.168

2019-07-14

Jurnal Sains dan Informatika

Abstract:The process of filing the Company PT. PLN (Persero) Unit Induk Pembangkitan dan Penyaluran Kalimantan UPDK Barito ULPLTA Ir. P.M. Noor is storing files in the computers of each department. Communication between departments in archiving is done by means of whatapps or other tools, so that it requires a large file size. The purpose of the research is to design an electronic file archive (EFA) that applies to local networks that are connected to all departments. EFA is doing filing electronically and can communicate between users. Testing using the black box throughout the functional application is successful.

English Else

Nopri Dwipoyono,Khairil Khairil,Aji Sudarsono

DOI: https://doi.org/10.37676/jmi.v19i2.4355

2023-10-11

JURNAL MEDIA INFOTAMA

Abstract:Abstract- The Seluma 5 State Vocational High School does not yet have a firewall, so the computer network security at school is still very minimal, both in terms of limiting access to the network. Besides that, internet access at Seluma 5 State Vocational High School is used by teachers and staff to access internet pages by browsing to get information, but there are several teachers and staff who access social media pages and other pages which decreases the effectiveness of the performance of these teachers and staff. Implementation of a Firewall on a computer network security system at the Seluma 5 Vocational High School uses Iptables to monitor packet data traffic processes in the network. With iptables, you can manage network traffic on the server such as allowing, blocking or skipping incoming and outgoing connections, managing ports and so on on the Seluma 5 State Vocational High School Computer Network. Based on the tests that have been carried out, it can be concluded that the implementation of a firewall on the computer network security system at the State Vocational High School 5 Seluma is able to block the ping of death attack and is also able to open and close access to several ports in the network and block the websites facebook.com, instragram .com, and tokopedia.com

Fauzan Aziz,Leon Andretti Abdillah,Novri Hadinata

DOI: https://doi.org/10.48550/arXiv.1508.06775

2015-08-27

Computers and Society

Abstract:Information technology (IT) is able to fulfill one of the main needs of an organization, such as how the executive know and manage the performance of the organization he leads, including the human resources (HR). Faculty of Agriculture, University of Muhammadiyah Palembang (UMP) has had personnel information system which is used to manage HR data both employees and lecturers. However, the information system is to support the operational activities only. Therefore it is necessary to build an executive information system (SIE) in the faculty is the dean. By using the SIE, the dean can easily access summary data visualization, namely the appearance of information in the form of graphs making it easier for executives to make decisions.

Andika,Leon Andretti Abdillah,Muhammad Ariandi

DOI: https://doi.org/10.48550/arXiv.1509.02984

2015-09-10

Computers and Society

Abstract:Geographic Information System (GIS) is a computer-based system used to store and manipulate geographic information. In this study, GIS is used to obtain information about "open green space of urban areas" (RTHKP). Office of street lighting and Cemetery Palembang is one agency that regulates the green open spaces but not using media such as websites that support the community to get information about the open green space of urban areas in the city of Palembang, so it was apparent from the author will build a system RTKHP with geographic information system development methodology Rational Unified Process (RUP), the programming language PHP and uses a MySQL database. With the GIS open green space of urban areas that will be made later can help facilitate the public to get information related to RTHKP and assist the Department of street lighting and landscaping burial in managing and providing related information RTHKP in Palembang so that delivery of information to be more effective.

Niswatun Baroroh,Rahmat Rustiana,Tita Hermalia,Yadi Hermawan

DOI: https://doi.org/10.61553/ascent.v1i1.71

2023-08-31

Abstract:Libraries are the main supporting facilities for education, be it primary, secondary or higher education. The main purpose of the library is to provide facilities that can improve the quality of learning where students and educators can add insights easily through various books and other references provided. Book circulation arrangements in the library have a very important role in improving the effectiveness of library management, especially those related to the process of borrowing and returning books borrowed by participants. However, Mentari Indonesia Islamic Junior High School does not have these supporting facilities, so participants cannot find out what collections are in the library. In addition, the process of borrowing and returning books by members is not recorded properly because it still relies on manual recording with paper that is prone to loss or damage. Therefore, a technology is needed that can make it easier for students and teachers to find books, manage the process of borrowing and returning books and keep the data from these activities from being easily lost. To realise this, a website-based library information system needs to be designed and created. The method used in website development is the waterfall method which is one of the popular methods in software development. The result of this design is a website application that is able to support library administration work while being able to handle existing problems. As an effort to evaluate the results of the design, the website was tested using the black box method to show that functionally the application can run well. The test results show that all the features designed can run well and without causing errors.

Agus Prianto,Henri Septanto

DOI: https://doi.org/10.55606/jitek.v3i3.2368

2023-11-21

Abstract:This study aims to design and develop an effective and efficient learning media at Wipama Cikupa Vocational School, because this Vocational School faces obstacles in terms of limited classroom space and learning time which is divided into two shifts. To overcome this problem, the development of an LMS (Learning Management System) was implemented as a solution to provide learning without distance, place and time limitations. E-learning was chosen as the main approach in this research, because of its flexibility, self-learning ability, and cost efficiency for both administrators and students. The development of this LMS includes the stages of system requirements analysis, user interface design, database design, coding using the PHP programming language, and testing. The development method used is the Waterfall model to ensure planned and systematic development. The testing phase is carried out using a black box approach to ensure compatibility between the system being developed and the desired requirements. The result of this research is the implementation of the LMS (Learning Management System) which allows online learning through a website platform, so that this school can overcome the limitations of classrooms and time, and increase the effectiveness and efficiency of the learning process in this school.

Bambang Sugiantoro,Muhammad Anshari,Danang Sudrajat

DOI: https://doi.org/10.1088/1742-6596/1566/1/012020

2020-06-01

Journal of Physics: Conference Series

Abstract:Abstract Software development usually follows the stages known as the Software Development Life Cycle (SDLC). Development begins with the requirements phase and then continues with the design, development of test plans, implementation (coding), testing, and deployment. However, the security aspect has not been explicitly reflected in SDLC. In fact security must be present at every stage of the SDLC. Application of security in the process of developing software, especially e-Commerce, one of which uses the Security Development Lifecycle-Agile (SDL-Agile) method. The advantage of the SDL-Agile method is the application development process which incorporates a safety factor in each application development process, which is concise, and emphasizes user satisfaction. This objective of this paper examine the deployment of SDL Agile Method for eCommerce website to measure its confidentiality, integrity, and availability of the systems.

Arsha Setya Pradita,Sumarno Sumarno

DOI: https://doi.org/10.21070/ijins.v20i.740

2022-10-05

Indonesian Journal of Innovation Studies

Abstract:In the current era of globalization, the advancement of information systems is now very much needed because it can facilitate performance in a company, one of which is in the online sales business. PT Safra Asia Gemilang is a large company engaged in the sale of cosmetics and nutrition, in selling its products it still uses a manual system. So we need a system that is useful for simplifying and accelerating sales of the company's products. Therefore, the purpose of this research is to design a system, namely the Design of a Web-Based Online Sales Information System at PT Safra Asia Gemilang. The system development method used in this study is the Waterfall Method. The data collection stage used was literature study, observation, and interviews. PHP is a programming language in making the system, and MySQL as the database. The results of system testing from this study using blackbox testing by providing input to the program indicate that the features in the system have no errors and are running according to function very well.