Cloud a haven for cybercriminals

Cloud a haven for cybercriminals

The affordability and increasing popularity of cloud services are providing a new avenue for cybercriminals, say industry observers who note that service providers play a role in curbing such illegal activities. However, they warn that doing so will not be an easy task.

A security researcher last month warned that cloud services can be exploited for criminal purposes. At the Black Hat security conference, Thomas Roth said he was planning to release an open source kit which will enable users to crack Wi-Fi passwords by leveraging the computing power of the Amazon Web Services (AWS) cloud running on GPU-based servers.

There are other similar tools that use leasable cloud services to crack Wi-Fi security authentication mechanisms, such as Wi-Fi Protected Access (WPA), using the cloud infrastructure’s processor cluster to run dictionary attacks.

According to security players, the accessibility of such tools is not uncommon.

In an e-mail interview, Ronnie Ng, manager of systems engineering at Symantec Singapore, pointed to a 2009 blog post which noted that a Web site was purportedly selling automated Wi-Fi Protected Access (WPA) password crackers that used cloud computing technology.

The site allowed anyone to “pay a token sum of US$34 to rent time on a large 400-node computer cluster and check over 135,000,000 potential passwords against a targeted victim in just 20 minutes”. The Symantec blogger noted that even without technical knowledge, a malicious attacker would be able to obtain and use the password for illegal means such as to spy on the victim’s network.

Magnus Kalkuhl, director of Kaspersky Labs’s Europe global research and analysis team, also noted that cloud infrastructure has been misused for hosting malware. He told ZDNet Asia in an e-mail that there have been instances in the past where Amazon Elastic Compute Cloud (Amazon EC2) was used as malware hosting platforms, including a recent instance in which a trojan was spread using Rapidshare.

Kalkuhl noted that, in fact, certain malware “for years” have already been running on their own cloud. “Actually all DDoS (distributed denial-of-service) attacks and spamming services offered by cybercriminals are based on a cloud architecture, [which is] their own botnets made of thousands or even millions of infected PCs.”

In an e-mail interview, Paul Ducklin, head of technology for Sophos Asia-Pacific, added: “Almost anything you can do in the way of cybercrime on a standalone PC can be achieved through the cloud.”

In fact, he noted that cloud-based services such as social networks can make cybercrime easier.

Spams and scams can spread on Facebook, for instance, without ever raising an alarm on the user’s PC, Ducklin explained, noting that the benefit of distributing content automatically from many users to many users over social networks can work to the advantage of cybercriminals.


Responsibility on service providers

With more users moving onto the cloud platform, Ng cautioned that criminal activities on the cloud will rise.

“The cloud’s growing popularity will increase the risk of [users] being targeted by cybercriminals,” he said. He noted that the onus is on cloud service providers to “demonstrate due diligence” in ensuring organizations that lease their services do not engage in malicious activities.

Ducklin concurred: “Why would [businesses] be willing to store [their] data with a cloud provider that also allows cybercrooks and dodgy operators to use its services?”

Citing the case of DDoS attacks related to Wikileaks, he stressed that other users can be affected if a service provider is indiscriminate about whom it provides its services to.

“If your cloud provider services a wide range of businesses, the chance that one of them might become the victim of vigilantes carrying out a DDoS attack is higher,” Ducklin said. “You might lose quality of service due to sociopolitical problems suffered by someone else ‘in your cloud’.”

But while the security players agreed that cloud service providers should be vigilant when providing services, they noted that ensuring total control is not easily achieved.

Kalkuhl said concerns over privacy limit service providers’ ability to have complete control.

“Major cloud service providers like Amazon may check outgoing traffic for suspicious patterns such as DDoS attacks against other machines, [as well as instruct] customers who use virtual machines to conduct system penetration tests to inform the service provider in advance.

“However, it is not possible for the providers to scan the content of [network] traffic for keywords or malware signatures, for instance,” he explained. “Neither are they allowed to scan or manually check what files are stored in a provided [cloud] environment. Otherwise, people would lose their trust in cloud providers and the whole business model would be put at risk.”



Cloud a haven for cybercriminals





Perubahan Pengelolaan Nama Domain

Perubahan Pengelolaan Nama Domain

Selama ini domain yang kami gunakan tidak pernah didaftarkan dan tidak pernah diurus. Semua tampaknya berjalan otomatis. ISP selalu mengurusnya. Namun, ketika harus pindah ke ISP lain, persoalan domain barulah muncul. Informasi DNS ada di ISP lama sementara kontak dengan ISP lama akan segera berakhir. Jadi, perlu ada upaya untuk memindahkan informasi DNS ini agar pengakses masih tetap bisa mengakses server berdasarkan nama domain meski sudah pindah ISP.

Untuk urusan memindahkan DNS, pihak yang dihubungi adalah temen yang pernah punya pengalaman sejenis, PANDI, ISP lama dan ISP baru. Tidak hanya dihubungi per e-mail, namun juga per telpon agar bisa lebih interaktif. Temen dihubungi untuk mengetahui seluk beluk pindah ISP. PANDI dihubungi karena ia adalah lembaga resmi pengelola domain .id. ISP lama dihubungi agar pada saat yang sudah ditetapkan, ia mau melepaskan informasi DNS yang ia pegang di DNS Server. ISP baru dihubungi agar pada saat yang sudah ditetapkan juga, ia segera melakukan pendaftaran di DNS Server-nya.


Dari temen yang pernah punya pengalaman pindah ISP, didapat informasi, bahwa untuk pindah domain kita cukup melihat informasi yang berada di situs PANDI. Jangan lupa siapkan KTP dan Surat Kuasa. KTP dan Surat Kuasa tidak perlu di foto copy, cukup di-scan ke PDF atau JPG. Pihak PANDI mau menerima dokumen jenis ini. Dari temen ini juga saya bisa dipinjamkan account PANDI untuk sekedar melihat domain yang ia kelola. Rasanya jika hanya omongan saja tanpa bisa melihat domain yang temen saya kelola, kurang marem.


Berdasarkan situs http://www.pandi.or.id/perubahan-data-nama-domain/ didapat informasi bahwa selain ke 2 dokumen di atas, perlu dipersiapkan dokumen Surat Permohonan ke Pandi dan Tanda Bukti Pembayaran. Besarnya pembayaran yang harus kami lakukan adalah Rp 300.000,- dengan rincian :

  1. Biaya perubahan pengelolaan nama domain sebesar Rp 100.000,-. Jika tahun depan pindah ISP lagi, sepertinya biaya ini tidak perlu dibayar lagi, karena pengelolaan sudah ditangan sendiri.
  2. Biaya iuran selama 4 tahun hingga 2012 sebesar 4 x Rp 50.000,- = Rp 200.000,-

Tanda bukti pembayaran via ATM di-scan ke JPG. Surat Permohonan ke Pandi di-scan ke PDF. Jadi sekarang ada 4 dokumen, yaitu :

  1. Surat Kuasa
  2. KTP
  3. Surat Permohonan
  4. Bukti transfer

Ke 4 dokumen ini di-email ke helpdesk@pandi.or.id untuk diproses lebih lanjut. Kami mengirim jam 09.19 dibalas oleh PANDI jam 09.44 s/d jam 10.47 pada hari yang sama. Balasan dari PANDI terdiri dari 5 macam e-mail, yaitu :

  1. domain@pandi.or.id tentang Notifikasi Permohonan Perpanjangan Domain
  2. domain@pandi.or.id tentang Payment Confirmation Sistem Pengelolaan Domain .ID – PANDI
  3. domain@pandi.or.id tentang Payment Approval Sistem Pengelolaan Domain .ID – PANDI
  4. domain@pandi.or.id tentang Selamat, Permohonan Pembaharuan Domain Anda Disetujui
  5. pembayaran@pandi.or.id tentang Re: Fwd: Permohonan perubahan pengelolaan domain

ISP lama juga perlu disurati secara resmi agar ia bisa siap-siap untuk menghapus nama domain dari DNS Server-nya, khususnya per 31 Desember 2010 tengah malam.


ISP baru perlu ditanyai untuk hal-hal sbb :

  1. IP Address untuk DNS Primer dan DNS Sekunder. Data ini akan dimasukkan ke PANDI dan juga server-server.
  2. IP Address, Subnet Mask, dan Gatewy untuk calon DNS Server kami
  3. Penempatan DNS Server di Data Center ISP baru
  4. Mengetahui siapa pengelola DNS Server
  5. Menginformasikan IP Address DNS Server kami ke pengelola DNS Server ISP
  6. Menginformasikan agar hostmaster ISP baru siap meng-advertise per 31 Desember 2010 tengah malam.

Kira-kira berapa lama proses advertise ini ya? Kita tunggu saja.


Saat saya SSH dari rumah, pesan kesalahan yang muncul adalah sbb :

[msmunir@localhost ~]$ ssh xxx@183.91.xxx.xxx

ssh_exchange_identification: Connection closed by remote host

[msmunir@localhost ~]$



Solusi ?


DNS 2011


Untuk perpindahan DNS, pada waktu perpindahan (tengah malam 31 Desember 2010), agar mengarahkan “Name Server Data” di PANDI menjadi seperti berikut,


Name Server : ns.idola.net.id

IP Address :

Name Server : rajawali.idola.net.id

IP Address :


Pada pergantian DNS, waktu propagasi membutuhkan setidaknya 24 jam agar ter-update ke semua network di Internet.


Record DNS yang sekarang, beserta record DNS baru yg diinginkan ketika nanti server menggunakan IP Lintasarta, agar dapat kami buatkan dulu record-nya di DNS server kami, mohon untuk tidak menghapus terlebih dahulu record DNS tersebut sebelum perpindahan.


Record DNS yang sekarang :

202.46.xxx.xxx serpongx.xxxxx.go.id serpongx


Record DNS yang baru :

183.91.xxx.xxx serpongy.xxxxx.go.id serpongy




Perubahan Pengelolaan Nama Domain





Peralatan Uji Jaringan Komputer

Peralatan Uji Jaringan Komputer

Untuk mempermudah dan mempercepat diagnose kerusakan pada jaringan komputer dibutuhkan berbagai alat bantu, bisa berbentuk perangkat lunak, bisa juga berbentuk peralatan. Dengan adanya peralatan atau instrumen, kegagalan dapat diketahui secara lebih akurat, tidak hanya sekedar menggunakan feeling belaka. Peralatan dapat berbentuk hand held dan dapat berbentuk portable. Yang penting alat mudah dibawa kemana-mana dengan batere yang tahan lama, misal hingga 8 jam, bila perlu seharian kerja. Instrumen yang mungkin Anda perlukan untuk mengetahui kerusakan atau penurunan kinerja jaringan komputer antara lain :

  1. DTX CableAnalyzer™ Series
  2. EtherScope™ Series II Network Assistant
  3. LinkRunner™ Pro & Duo Network Multimeter
  4. CableIQ™ Qualification Tester
  5. NetTool™ Series II Inline Network Tester
  6. OptiView® Portable Network Analyzer
  7. AirCheck™ Wi-Fi Tester
  8. AirMagnet WiFi Analyzer
  9. AirMagnet Spectrum Analyzer
  10. AirMagnet Planner


DTX CableAnalyzer™ Series


The DTX CableAnalyzer Seriesfrom Fluke Networks is the testing platform for today and tomorrow. This revolutionary new future-proof platform significantly reduces total time to certify by improving every aspect of the testing process.


It starts with 9-second Cat 6 Autotest. That means you can meet TIA-568-C and ISO 11801:2002 certification requirements and receive structured cabling warranties faster than ever before. With all this speed also comes the highest accuracy as the DTX is the only tester to use a standards-compliant, electrically-centered permanent link test adapter. Furthermore, the DTX-1800 truly delivers on the promise of a futureproofing investment by measuring 10 Gig cable performance and Alien Crosstalk (ANEXT and AFEXT) in full compliance with the industry standards to 500 MHz. The AC Wiremap feature validates for Power over Ethernet services in accordance with TIA/EIA standards, even if a Midspan power supply is used. With over 40,000 units in use today, the DTX Series, is clearly the industry’s choice as the most trusted cable certifier.


Price Fluke Networks DTX-1800 CABLE ANALYZER = $ 7,979.80



EtherScope™ Series II Network Assistant


The handheld EtherScope analyzer assists network professionals with installation, validation and troubleshooting of Gigabit LANs and 802.11 wireless LANs. Install and integrate infrastructure easily by testing, verifying and fixing configuration issues during deployment. Validate network performance and service delivery by measuring key performance attributes and the availability and responsiveness of essential resources.


Diagnosis LAN health with one click. Close trouble tickets fast with guided drill-downs to the root cause. Audit the performance of the network on a regular, periodic basis to identify and correct emerging issues. The EtherScope Network Assistant makes testing is so simple practically anyone can troubleshoot problems instantly.


Price of Fluke Networks ES2-LAN-SX/I-LRD mainframe with LAN, RFC2544/ITO, SX Fiber, and LinkRunner DUO mainframe with Reflector =



LinkRunner™ Pro & Duo Network Multimeter


Today’s connectivity problems are more complex than ever. Users demand Gigabit connectivity. IT departments enforce stronger standards like 802.1X. And technologies like VoIP and WLAN have given rise to a greater reliance on PoE for power.


The LinkRunner Pro and Duo recognize this, and empower technicians to address today’s challenges with powerful new features and reporting capabilities. And, following the tradition of the original LinkRunner, they are designed for simplicity and ease-of-use to ensure rapid deployment and concise answers.


Vision to resolve a broader range of today’s link connectivity problems. That’s Network SuperVision.™ That’s Fluke Networks’ promise to you.


Price of LinkRunner Duo Carrier Etehrnet Tester Including Reflector & Li-Ion = $1895.00



CableIQ™ Qualification Tester


CableIQ is the first cabling bandwidth tester for network technicians. It gives even the most novice tech the vision to see what speeds existing cabling can support, quickly isolate cabling from network problems, and discover what is at the far end of any cable. That means network techs can close trouble tickets faster, reduce on-call time, and save money by better utilizing their existing infrastructure.


CableIQ’s powerful troubleshooting capability and intuitive interface enable your frontline technicians to identify and troubleshoot a wider range of problems within your infrastructure. Is the port active? Are the duplex settings matched? Is it a network problem or a cable problem? Can the cable support the required network bandwidth? CableIQ is the only tool that can answer all these questions before trouble tickets are escalated to the next level reducing problem escalation by up to 30%.


Price of Fluke Networks CIQ-100 CableIQ Qualification Tester =$930.75



NetTool™ Series II Inline Network Tester


Troubleshooting network connectivity problems can be a daunting and time-consuming task. Without the right tool, network techs can spend hours of unnecessary time with trial and error guesswork trying to isolate the problem.


Fluke Networks has put an end to the guessing game with the NetTool Series II Inline Network Tester. NetTool combines powerful NetProve diagnostics, inline Gigabit vision, VoIP Phone PC configuration testing in one palm-sized tool, so you’ll have everything you need to quickly resolve even the toughest connectivity problem. Plus, with the monitoring and authentication option, you’ll have the power to identify port-based security threats and maintain user connectivity in 802.1x environments.


Since no two networks are identical, Fluke Networks offers several NetTool models and options to match your individual requirements and to maximize the value of your NetTool investment. From our top-of-the-line NetTool Series II Network Service Kit to the entry-level NetTool 10/100, you will find a NetTool model that fits your network troubleshooting needs and your budget.


Price of Fluke Networks NTS2-PRO NETTOOL Series II Pro =



OptiView® Portable Network Analyzer


The OptiView Network Analyzer is like having a “virtual network engineer” with its advanced network analysis features, built-in expert advice and all-in-one capability for analysis, troubleshooting, monitoring, trending and alerting – you can manage the core, remote sites or critical network points with a single tool.


OptiView Portable Network Analyzer can help you:

  • Resolve network performance issues in real-time using vendor-independent infrastructure analysis, on-the-wire traffic analysis, and full-line rate packet capture/decode.
  • Solve tough problems – even if you’re not a packet decode geek – through application-centric protocol analysis that provides guidance, not just data.
  • Deploy, secure and troubleshoot wireless LANs.
  • Optimize network equipment to minimize outages and degradations.
  • Eliminate unwanted applications and enforce traffic and bandwidth policies through deep traffic analysis.
  • Assess, verify and prove network readiness for new applications, new technologies and infrastructure deployment.
  • Perform routine audits to identify regulatory compliance violations (HIPAA, PCI, SOX).
  • Maintain network integrity by discovering unauthorized devices and misuse of network equipment.
  • Save huge amounts of time and keep documentation up-to-date with OptiView’s automated reporting function.

Price of Fluke Networks OPVS3-GIG OptiView Series III Integrated Network Analyzer Pro Gigabit = $19,795.05



AirCheck™ Wi-Fi Tester


Wi-Fi is a complex technology, but testing it doesn’t have to be. The AirCheck Wi-Fi tester allows network professionals to quickly verify and troubleshoot 802.11 a/b/g/n networks.


Designed specifically for dispatched troubleshooting, AirCheck simplifies wireless testing by providing:

  • Just a few clicks to the answers you need with streamlined, guided troubleshooting
  • An instant view to required test results including network availability, connectivity, utilization, security settings, rogue hunting, and interference detection
  • A rugged, purpose-built Wi-Fi tester that’s easy to use and easy to carry

Its intuitive design makes it simple for anyone to quickly master AirCheck. Instant power-up and streamlined tests give answers in seconds so you can close trouble tickets faster – making technicians and users alike more productive. Easily manage test results and documentation using AirCheck Manager software. From start to finish, AirCheck helps take the guesswork out of everyday wireless troubleshooting.


Price of Fluke AirCheck Wi-Fi Tester 1.0 = $1,995



AirMagnet WiFi Analyzer


AirMagnet WiFi Analyzer is the industry standard tool for mobile auditing and troubleshooting enterprise Wi-Fi networks. AirMagnet WiFi Analyzer helps IT staff quickly solve end user issues while automatically detecting security threats and other wireless network vulnerabilities. The solution includes the industry’s only suite of active WLAN diagnostic tools, enabling network managers to easily test and diagnose dozens of common wireless performance issues including connectivity problems, device conflicts and signal multi-path problems.


AirMagnet WiFi Analyzer includes a full compliance reporting engine, which automatically maps collected network information to requirements for compliance with policy and regulations. AirMagnet WiFi Analyzer integrates with AirMagnet Spectrum Analyzer for simultaneous Layer 1 and Layer 2 Wi-Fi troubleshooting.


AirMagnet WiFi Analyzer is available in two versions: “WiFi Analyzer Express” provides the core building blocks of WiFi troubleshooting and auditing with the ability to see devices, automatically identify common problems and physically locate specific devices. “WiFi Analyzer PRO” significantly extends all the capabilities found in the Express version and adds many more to provide a WiFi tool to solve virtually any type of performance, security or reporting challenge in the field.





AirMagnet Spectrum Analyzer


Professional wireless networks depend on the presence of a strong reliable physical layer as the basis of communication. This fundamental requirement is a challenge for Wi-Fi networks, which must share the 2.4 GHz and 5 GHz spectrum with a variety of potentially interfering technologies.


AirMagnet Spectrum Analyzer solves this problem with an intuitive solution that allows IT staff to quickly analyze the local RF environment and identify specific sources of interference and their physical locations. It performs real-time RF spectrum analysis and pinpoints the location of problematic wireless devices, including Bluetooth, cordless phones, microwave ovens and video cameras, allowing IT staff to ensure optimal performance of their wireless networks.


The Spectrum Analyzer is an important part of the AirMagnet mobile toolset with the ability to integrate with AirMagnet Survey and AirMagnet WiFi Analyzer at critical stages of WLAN planning and deployment when Layer 1 analysis is needed most.


Price of AirMagnet Spectrum Analyzer IDs nonWiFi Includes PC card external antenna = $4,195.99



AirMagnet Planner


AirMagnet Planner takes the guess-work out of WLAN design andinstallation, making it easy for network professionals to accurately plan and deploy 802.11-based wireless networks in any indoor environment. The AirMagnet Planner accounts for building materials, obstructions, access point configurations, antenna patterns, and a host of other variables to provide a reliable predictive map of Wi-Fi signal and performance. It ensures full coverage for end-users while minimizing signal bleed into unsecured areas.


AirMagnet Planner can be purchased as a standalone product, as an integrated feature of AirMagnet Survey Express or built into AirMagnet Survey PRO.


Price of Fluke Networks AM/A4013G AirMagnet Planner Module, Software = $1,000.00



Peralatan Uji Jaringan Komputer