Vulnerability Testing pada Sistem Administrasi Rumah Sakit X

David Harjowinoto(1*), Agustinus Noertjahyana(2), Justinus Andjarwirawan(3),


(1) Program Studi Teknik Informatika
(2) Program Studi Teknik Informatika
(3) Program Studi Teknik Informatika
(*) Corresponding Author

Abstract


The development and growth of Hospital X is getting bigger and bigger, and has information system in running their operational activities. Hospital X itself has a server to support its activities, especially the administration system which contains data about their patients. With the availability of the network at the Hospital X, either through Wi-Fi or an Ethernet cable, therefore it should be noted the bonds between networks and servers. Furthermore it is an important need nowadays to help minimize and anticipate the hacking crimes of the existing servers. One of the things that can be done is to monitor the administration and conduct vulnerability testing.

Based on the background of the problem, it is necessary to evaluate server and network security using the vulnerability / penetration testing. In addition, this study also uses the guidelines of the CEH (Certified Ethical Hacker), Acunetix, and CISSP (Certified Information Systems Security Professional) modules. The testing of this thesis aims to find weaknesses in the administration system at Hospital X. Some problems were discovered after testing, which each of the weaknesses has different handling or treatment, physical security server weak, and unused opened ports that should not be open.

The solution offered to solve these problems, are: the use of Acunetix and CISSP as a standard network security as the solution to anticipate weaknesses, to perform maintenance on a regular basis for the hardware, software, and network, to filter the existing port, to increase the level of security of the server, and to test security regularly and periodically, either through consultation with the related field experts or using a guide (like Acunetix, CEH, and CISSP).


Keywords


Penetration Testing; Vulnerability Testing; Certified Ethical Hacker; Administration System; Hospital

Full Text:

PDF

References


Acunetix. 2015. Analyzing the Scan Results. URI= http://www.acunetix.com/support/docs/wvs/analyzing-scan-results/

Conrad, E. 2011. Eleventh Hour CISSP Study Guide. Amerika: SYNGRESS

EC-Council. 2012. Certified Ethical Hacker v8: Module 01 Introduction to Ethical Hacking. Amerika: EC-Council.

EC-Council. 2012. Certified Ethical Hacker v8: Module 02 Footprinting and Reconnaissance. Amerika: EC-Council

EC-Council. 2012. Certified Ethical Hacker v8: Module 03 Scanning Networks. Amerika: EC-Council.

EC-Council. 2012. Certified Ethical Hacker v8: Module 04 Enumeration. Amerika: EC-Council.

EC-Council. 2012. Certified Ethical Hacker v8: Module 05 System Hacking. Amerika: EC-Council.

EC-Council. 2012. Certified Ethical Hacker v8: Module 20 Penetration Testing. Amerika: EC-Council.


Refbacks

  • There are currently no refbacks.


Jurnal telah terindeks oleh :