ANALYSIS OF POTENTIAL SECURITY ISSUES IN REGIONAL GOVERNMENT X WEBSITE USING SCANNING METHOD IN KALI LINUX

Authors

  • Jelita Putri Deviarinda Department of Information System, Telkom University, Bandung - INDONESIA
  • Avon Budiyono Department of Information System, Telkom University, Bandung - INDONESIA
  • Ahmad Almaarif Department of Information System, Telkom University, Bandung - INDONESIA

Keywords:

Security, Website, Vulnerability Assessment, Scanning, Kali Linux

Abstract

The importance of website security is a top priority after data leakage or damage occurs. Website is a web page that is interconnected and contains a collection of information and can be accessed through the home page using a browser and internet network. According to the ministry of communications and information, 50% of the government's website is under threat from hacker attacks that can harm private information. Vulnerability assessment or process of identifying the weaknesses of a system can be an effective way to control and prevention against risks that occur. Given these problems, it is necessary to analyze the potential vulnerabilities on websites with vulnerability assessments aimed at preventing security vulnerabilities. In this study the analysis of potential website security loopholes was performed using scanning methods. The test is carried out with a vulnerability assessment using tools that are available on Linux and run on a virtual machine. Kali Linux is an operating system that has many tools including penetration testing, ethical hacking and network security assessment. This research was conducted using uniscan and nmap tools by scanning the target URL and assisted by using a web browser. The result of testing is to find a security vulnerability using a scanning method with tools and then giving the solution of the vulnerability it acquired.

References

APJII, A. P. (2018, March 22). Penetrasi Internet di Indonesia Capai 143 Juta Jiwa. Retrieved from https://apjii.or.id/downfile/file/BULETINAPJIIEDISI22Maret2018.pdf

Goel, J. N., & Mehtre, B. (2015). 3rd International Conference on Recent Trends in Computing 2015 (ICRTC-2015). Vulnerability Assessment & Penetration Testing as a Cyber Defence Technology, 712-713.

Gultom, L. M., & Mawaddah, H. (2015). Analisis Celah Keamanan Website Instansi Pemerinah Di Sumatera Utara. Teknovasi, 1.

Hambling, & Goethem. (2018). Testing Methodology. In L. J. Siagian, Software Testing Automation (pp. 6-8). Yogyakarta: Deepublish.

Iskandar, B. Y. (2016). BUKU PUTIH KOMUNIKASI DAN INFORMATIKA 2016. Jakarta: Badan Litbang, SDM Kementerian Komunikasi dan Informatika.

Raharjo, B. (2011). Belajar Pemrograman Web. Bandung: Modula.

Raphaël Hertzog, J. O., & Aharoni, M. (2017). Kali Linux Revealed Mastering the Penetration Testing Distribution. USA: Offsec Press .

Sibero, A. F. (2013). Web Programming Power Pack. Yogyakarta: MediaKom.

Suryayusra. (2014). Analisis Web Vulnerability pada Portal Pemerintahan Kota Palembang menggunakan Acunetix Vulnerability.

Technology, N. I. (2013). VULNERABILITY ASSESSMENT AND PENETRATION TESTING IN THE MILITARY AND IHL CONTEXT. Security and Privacy Controls for Federal Information Systems and Organizations, 53.

Uno, H. B., & Lamatenggo, N. (2011). Teknologi Komunikasi dan Informasi. Jakarta: PT Bumi Aksara, cet 2 .

Yaqoob, I., Hussain, S. A., Mamoon, S., Naseer, N., Akram, J., & Rehman, A. u. (2017). Penetration Testing and Vulnerability Assessment. 10-11.

Published

2021-04-22

Issue

Section

FoITIC 2020