Analisis Keamanan Website SMA Negeri 2 Sumbawa Besar Menggunakan Metode Penetration Testing (Pentest)


  • Yudi Mulyanto Universitas Teknologi Sumbawa, Sumbawa, Indonesia
  • Mohammad Taufan Asri Zaen * Mail STMIK Lombok, Lombok Tengah, Indonesia https://orcid.org/0000-0002-9640-1735
  • Yuliadi Yuliadi Universitas Teknologi Sumbawa, Sumbawa, Indonesia
  • Safwan Sihab Universitas Teknologi Sumbawa, Sumbawa, Indonesia
  • (*) Corresponding Author
Keywords: Website; School; Cyber Crime; Analysis; Pentest Method

Abstract

Website security is becoming a very important aspect along with the increasing volume of data exchanged on the internet. High School 2 Sumbawa Besar provides information on a website, both information for school introductions or information related to schools can be through several media. Some time ago the school's website was attacked by information criminals who caused the appearance of the website to change and steal some important school data. Weak website security systems can be easy targets for cyber criminals. They know various ways to get into the website security system and perform various actions that can harm the organization. Based on the conditions that occurred on the school's website, a research was conducted to analyze the level of security and look for loopholes in the weaknesses of the High School 2 Sumbawa Besar  website. In this analysis, researchers tested the school's website using the Penetration Testing method. Test is carried out in several stages, namely Footprinting, Scanning Fingerprinting, Exploit and Reporting. The process of testing the website security of High School 2 Sumbawa Besar found several loopholes that detected 13 sub-file vulnerabilities with low and medium status. Results of this study are the results of security testing in the form of a list of vulnerabilities that can be a recommendation for the school in improving website security.

Downloads

Download data is not yet available.

References

R. Rodianto, I. Idham, Y. Yuliadi, M. T. A. Zaen, and W. Ramadhan, “Penerapan Network Development Life Cycle (NDLC) Dalam Pengembangan Jaringan Komputer Pada Badan Pengelolaan Keuangan dan Aset Daerah (BPKAD) Provinsi NTB,” J. Ilm. FIFO, vol. 14, no. 1, p. 35, 2022, doi: 10.22441/fifo.2022.v14i1.004.

J. R. Situmorang, “Pemanfaatan Internet Sebagai New Media Dalam Bidang Politik, Bisnis, Pendidikan dan Sosial Budaya,” J. Adm. Bisnis, vol. 8, no. 1, pp. 77–91, 2012, doi: 10.26593/jab.v8i1.418.

M. Reni Sehaffudin, N. Indrihastuti, and E. Gunawan, “Pengisi Air Minum Otomatis Dengan Gelas Khusus Berbasis Arduino Uno,” Cahaya Bagaskara J. Ilm. Tek. Elektron., vol. 2, no. 1, pp. 17–23, 2017, [Online]. Available: https://journal.trunojoyo.ac.id/jim/article/download/3958/2883

M. H. Ali, “Cyber Crime Menurut Undang-Undang Republik Indonesia Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik (Perspektif Hukum Pidana Islam),” UIN ALAUDDIN MAKASSAR, 2012. [Online]. Available: http://repositori.uin-alauddin.ac.id/5756/1/Tesis_Moh. Haidar Ali_opt.pdf

F. Fachri, A. Fadlil, and I. Riadi, “Analisis Keamanan Webserver menggunakan Penetration Test,” J. Inform., vol. 8, no. 2, pp. 183–190, 2021, doi: 10.31294/ji.v8i2.10854.

I. Riadi, A. Yudhana, and Y. W, “Analisis Keamanan Website Open Journal System Menggunakan Metode Vulnerability Assessment,” J. Teknol. Inf. dan Ilmu Komput., vol. 7, no. 4, p. 853, 2020, doi: 10.25126/jtiik.2020701928.

I. SMANDA, “Website SMANDA Laman Resmi SMA Negeri 2 Sumbawa Besar,” 2018. https://sman2sumbawabesar.sch.id/ (accessed Jan. 23, 2018).

B. Wicaksono, Y. R. Kusumaningsih, and C. Iswahyudi, “Pengujian Celah Keamanan Aplikasi Berbasis Web Menggunakan Teknik Penetration Testing Dan Dast (Dynamic Application Security Testing),” Jarkom, vol. 8, no. 1, pp. 1–9, 2020, [Online]. Available: http://bagusw.win.

I. G. A. S. Sanjaya, G. M. A. Sasmita, and D. M. S. Arsa, “Evaluasi Keamanan Website Lembaga X Melalui Penetration Testing Menggunakan Framework ISSAF,” J. Ilm. Merpati (Menara Penelit. Akad. Teknol. Informasi), vol. 8, no. 2, p. 113, 2020, doi: 10.24843/jim.2020.v08.i02.p05.

F. Yudha, A. Muhammad, and P. Muryadi, “Perancangan Aplikasi Pengujian Celah Keamanan Pada Aplikasi Berbasis Web,” vol. 1, no. 1, pp. 1–6, 2018, [Online]. Available: https://ejournal.uin-suka.ac.id/saintek/cybersecurity/article/view/1101/1153

Y. Yunanri.W, Doddy Teguh Yuwono, Rodianto and 134Program, “Deteksi Serangan Vulnerability Pada Open Jurnal System Menggunakan Metode Black-Box,” J. Dea Mas, vol. 4, no. 1, pp. 68–77, 2021, [Online]. Available: www.uts.ac.id

Y. C. Ika Yusnita Sari, Muttaqin, Jamaludin, Janner Simarmata, M. Arif Rahman, AKbar Iskandar, ANdrew Fernando Pakpahan, Abdul Karim, Sugianto, Keamanan Data dan Informasi, Cetakan 1. Yayasan Kita Menulis. [Online]. Available: https://www.google.co.id/books/edition/Keamanan_Data_dan_Informasi/WFoMEAAAQBAJ?hl=en&gbpv=1&dq=keamanan+data+dan+informasi&pg=PA96&printsec=frontcover

A. M. Elu, “Rancang Bangun Aplikasi Pendeteksian Vulnerability Structured Query Language (SQL) Injection Untuk Keamanan Website,” J. Teknol. Inf., vol. VII, no. 1, pp. 111–124, 2013, [Online]. Available: https://jti.respati.ac.id/index.php/jurnaljti/article/download/53/46

D. K. Abdul Kholiq, “Analisis Keamanan Wireless Local Area Network (WLAN) Dengan Metode Penetration Testing Execution Standard (PTES) (Studi Kasus : PT. Win Prima Logistik),” 46 J. Ilm. Fak. Tek. LIMIT’S Vol.15, vol. 15, no. 1, pp. 46–55, 2019, [Online]. Available: https://teknik.usni.ac.id/jurnal/ABDUL KHOLIQ.pdf

B. V. Tarigan, A. Kusyanti, and W. Yahya, “Analisis Perbandingan Penetration Testing Tool Untuk Aplikasi Web,” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 1, no. 3, pp. 206–214, 2017, [Online]. Available: http://j-ptiik.ub.ac.id/index.php/j-ptiik/article/download/73/37

F. Y. Fauzan, “Analisis Metode Web Security PTES ( Penetration Testing Execution And Standart ) Pada Aplikasi E-Learning Universitas Negeri Padang dari keamanan web adalah sebanyak 96 dengan disimpulkan Acunetix Threat Level 2 yaitu pada level Medium yang artinya tidak,” J. Vocat. Tek. Elektron. dan Inform., vol. 9, no. 2, 2021, [Online]. Available: http://ejournal.unp.ac.id/index.php/voteknika/article/download/111778/105248


Bila bermanfaat silahkan share artikel ini

Berikan Komentar Anda terhadap artikel Analisis Keamanan Website SMA Negeri 2 Sumbawa Besar Menggunakan Metode Penetration Testing (Pentest)

Dimensions Badge
Article History
Submitted: 2022-10-07
Published: 2022-10-31
Abstract View: 184 times
PDF Download: 206 times
How to Cite
Mulyanto, Y., Zaen, M., Yuliadi, Y., & Sihab, S. (2022). Analisis Keamanan Website SMA Negeri 2 Sumbawa Besar Menggunakan Metode Penetration Testing (Pentest). Journal of Information System Research (JOSH), 4(1), 202-209. https://doi.org/10.47065/josh.v4i1.2335
Section
Articles