SlideShare a Scribd company logo

Access RouterOS using Multi-Factor Authentication

D
Didiet Kusumadihardja

This document discusses the implementation of multi-factor authentication on MikroTik RouterOS, emphasizing security practices for network management. It details the necessary steps for generating and utilizing SSH keys, recommends securing access through specific IP addresses, and highlights additional security measures such as VPN and port knocking. The author, Didiet Kusumadihardja, is a seasoned IT professional with extensive experience in various IT services and emphasizes the importance of layered security strategies.

Internet
Related topics:
Cyber-SecurityComputer Networking Information Security
1 of 29
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
ACCESS ROUTEROS USING MULTI-FACTOR AUTHENTICATION MIKROTIK USER MEETING 2018 Didiet Kusumadihardja | didiet@arch.web.id Yogyakarta, Indonesia | 20 Oktober 2018
About Me Didiet Kusumadihardja | didiet@arch.web.id 2 Didiet Kusumadihardja  12 tahun pengalaman di IT RT/RW Net, Startup (e-commerce), Manage Service, IT Consulting, IT Auditor, Penetration Tester & Training Service  Penguji UKK TKJ  Mikrotik Certified Trainer  Mikrotik Certified Consultant https://about.me/didiet
Services Offered Didiet Kusumadihardja | didiet@arch.web.id 3 1. Network Assessment/Design Service 2. IT General Control Audit Service 3. Vulnerability Assessment & Penetration Testing Service 4. IT Due Diligence Service 5. Training Service • UU ITE No 11 Tahun 2008 • POJK 38/POJK.03/2016 • SEOJK 21/SEOJK.03/2017 • PBI 16/8/PBI/2014  PCI DSS  ISO 27001 Planning Discovery Attack Reporting Additional Discovery
Background4 Didiet Kusumadihardja | didiet@arch.web.id
Data Breaches News 2016 Didiet Kusumadihardja | didiet@arch.web.id 5
Data Breaches News 2017 Didiet Kusumadihardja | didiet@arch.web.id 6
Data Breaches News 2018 Didiet Kusumadihardja | didiet@arch.web.id 7
MikroTik Security Fixed Didiet Kusumadihardja | didiet@arch.web.id 8  6.38.5 (9 Maret 2017) www - fixed http server vulnerability  6.41.3 (8 Maret 2018) smb - fixed buffer overflow vulnerability, everyone using this feature is urged to upgrade  6.42.1 (23 April 2018) winbox - fixed vulnerability that allowed to gain access to an unsecured router  6.42.7 (17 Agustus 2018) security - fixed vulnerabilities CVE-2018-1156, CVE- 2018-1157, CVE-2018-1158, CVE-2018-1159
Exploits Didiet Kusumadihardja | didiet@arch.web.id 9
Amount of Time to Crack Passwords Didiet Kusumadihardja | didiet@arch.web.id 10
Processing Power vs Passwords Didiet Kusumadihardja | didiet@arch.web.id 11
Reality Didiet Kusumadihardja | didiet@arch.web.id 12 Dictionary Attack Brute Force Attack ExploitsPassword Dictionary Bad Guys
Humans and Password Didiet Kusumadihardja | didiet@arch.web.id 13
Password Tips Didiet Kusumadihardja | didiet@arch.web.id 14
Indonesia Regulation Didiet Kusumadihardja | didiet@arch.web.id 15
How we do it with RouterOS?16 Didiet Kusumadihardja | didiet@arch.web.id
Multi-Factor Authentication on RouterOS Didiet Kusumadihardja | didiet@arch.web.id 17  Something you know  Password  Something you have  SSH Keys  Somewhere you from  IP Address
Create SSH Public & Private Key Didiet Kusumadihardja | didiet@arch.web.id 18 1. Generate 2. Save Private Key 3. Copy Public Key and save to file 1 2 3 For OS X and Linux users can use ‘ssh-keygen’
RouterOS Configuration Didiet Kusumadihardja | didiet@arch.web.id 19 1. Upload Public Key 2. Create New User 3. Import SSH Key
Login using SSH Keys Didiet Kusumadihardja | didiet@arch.web.id 20 1 2 Connection > SSH > Auth
Only permit from specific IP address Didiet Kusumadihardja | didiet@arch.web.id 21
Other Methods (1/3) Didiet Kusumadihardja | didiet@arch.web.id 22 Port Knocking https://wiki.mikrotik.com/wiki/Port_Knocking
Other Methods (2/3) Didiet Kusumadihardja | didiet@arch.web.id 23 VPN then remote access 1. VPN (PPTP/SSTP/OpenVPN) 2. Remote Access (Winbox/SSH) VPN Network Address
Other Methods (3/3) Didiet Kusumadihardja | didiet@arch.web.id 24 Out of Band Network Management Network
Audit Trail / Log as Evidence Didiet Kusumadihardja | didiet@arch.web.id 25
Audit Trail / Log using The Dude Didiet Kusumadihardja | didiet@arch.web.id 26
Summary Didiet Kusumadihardja | didiet@arch.web.id 27 Defense in Depth Layers 1. Policies, Procedure, and Awareness 2. Physical 3. Perimeter 4. Internal Network 5. Host 6. Application 7. Data
Reference Didiet Kusumadihardja | didiet@arch.web.id 28  ArsTechnica. 2012. 25-GPU cluster cracks every standard Windows password in <6 hours. https://arstechnica.com/information-technology/2012/12/25-gpu-cluster-cracks-every-standard-windows- password-in-6-hours/.  BetterBuys. Estimating Password-Cracking Times. https://www.betterbuys.com/estimating-password-cracking- times/.  C# Corner. 2015. Passphrase vs Password For Security. https://www.c- sharpcorner.com/UploadFile/66489a/passphrase-vs-password-for-the-security/.  Information is beautiful. 2018. World’s Biggest Data Breaches. http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/.  MikroTik. 2015. Port Knocking. https://wiki.mikrotik.com/wiki/Port_Knocking.  MikroTik. 2016. Manual: The Dude v6/Syslog. https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/Syslog.  NIST. 2017. Easy Ways to Build a Better P@$5w0rd. https://www.nist.gov/blogs/taking-measure/easy-ways-build- better-p5w0rd.  Records Management Center. 2017. Identity Theft – Is It All Digital. https://rmcmaine.com/identity-theft-report/.  Reuters. 2017. Yahoo says all three billion accounts hacked in 2013 data theft. https://www.reuters.com/article/us- yahoo-cyber/yahoo-says-all-three-billion-accounts-hacked-in-2013-data-theft-idUSKCN1C82O1.  ScienceDirect. 2017. Towards port-knocking authentication methods for mobile cloud computing. https://www.sciencedirect.com/science/article/pii/S1084804517302813 (Accessed 2018-09-04).  The Hacker News. 2018. Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware. https://thehackernews.com/2018/08/mikrotik-router-hacking.html.  The New York Times. 2016. Yahoo Says 1 Billion User Accounts Were Hacked. https://www.nytimes.com/2016/12/14/technology/yahoo-hack.html.
Diijinkan menggunakan sebagian atau seluruh materi pada modul ini, baik berupa ide, foto, tulisan, konfigurasi dan diagram selama untuk kepentingan pengajaran, dan memberikan kredit kepada penulis serta link ke www.arch.web.id 29 Didiet Kusumadihardja Mobile: +62 813 1115 0054 e-mail: didiet@arch.web.id Didiet Kusumadihardja | didiet@arch.web.id

More Related Content

PDF
IoT Security in Action - Boston Sept 2015
Eurotech
 
PPTX
Security and Authentication of Internet of Things (IoT) Devices
SanjayKumarYadav58
 
PPTX
Internet of things security challenges
Hadi Fadlallah
 
PPTX
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Onward Security
 
PDF
IoT security fresh thinking 2017 sep 9
Arvind Tiwary
 
PDF
IoT Security Challenges
Forest Interactive
 
PDF
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
TransUnion
 
PPTX
Internet of Things Security
Tutun Juhana
 
IoT Security in Action - Boston Sept 2015
Eurotech
 
Security and Authentication of Internet of Things (IoT) Devices
SanjayKumarYadav58
 
Internet of things security challenges
Hadi Fadlallah
 
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Onward Security
 
IoT security fresh thinking 2017 sep 9
Arvind Tiwary
 
IoT Security Challenges
Forest Interactive
 
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
TransUnion
 
Internet of Things Security
Tutun Juhana
 

What's hot (20)

PDF
国际物联网安全标准与认证大解析
Onward Security
 
PPTX
Enabling Data Protection through PKI encryption in IoT m-Health Devices
Charalampos Doukas
 
PDF
Technology & Policy Interaction Panel at Inform[ED] IoT Security
CableLabs
 
PPTX
Security Testing for IoT Systems
Security Innovation
 
PDF
Cybersecurity Summit AHR20 Protect Cimetrics
Cimetrics Inc
 
PDF
The Future of Authentication for IoT
FIDO Alliance
 
PDF
IoT/M2M Security
Yu-Hsin Hung
 
PDF
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
CableLabs
 
PDF
Cybersecurity Summit 2020 Slide Deck
Cimetrics Inc
 
PDF
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
PDF
IoT Security Challenges and Solutions
Intel® Software
 
PDF
Security Aspects in IoT - A Review
Asiri Hewage
 
DOC
Adarsh Resume ISO27001
Adarsh HIRENALLUR
 
PDF
IoT Security
Narudom Roongsiriwong, CISSP
 
PPTX
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
PPTX
IoT Security: Cases and Methods
Leonardo De Moura Rocha Lima
 
PDF
1 importance of light weight authentication in iot
Chintan Patel
 
PPTX
Addressing Healthcare Challenges Today
Ivanti
 
PDF
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
Patricia M Watson
 
PPTX
Industrial IoT Security Standards & Frameworks
Priyanka Aash
 
国际物联网安全标准与认证大解析
Onward Security
 
Enabling Data Protection through PKI encryption in IoT m-Health Devices
Charalampos Doukas
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
CableLabs
 
Security Testing for IoT Systems
Security Innovation
 
Cybersecurity Summit AHR20 Protect Cimetrics
Cimetrics Inc
 
The Future of Authentication for IoT
FIDO Alliance
 
IoT/M2M Security
Yu-Hsin Hung
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
CableLabs
 
Cybersecurity Summit 2020 Slide Deck
Cimetrics Inc
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
IoT Security Challenges and Solutions
Intel® Software
 
Security Aspects in IoT - A Review
Asiri Hewage
 
Adarsh Resume ISO27001
Adarsh HIRENALLUR
 
IoT Security
Narudom Roongsiriwong, CISSP
 
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
IoT Security: Cases and Methods
Leonardo De Moura Rocha Lima
 
1 importance of light weight authentication in iot
Chintan Patel
 
Addressing Healthcare Challenges Today
Ivanti
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
Patricia M Watson
 
Industrial IoT Security Standards & Frameworks
Priyanka Aash
 
Ad

Similar to Access RouterOS using Multi-Factor Authentication (20)

PPTX
Fools your enemy with MikroTik
Didiet Kusumadihardja
 
PPTX
Presentation ANS Lab.pptx
MuhammadArbabMaalik
 
PDF
MikroTik Hotspot 2.0 (IEEE 802.11u) - MUM Jakarta 2016
Rofiq Fauzi
 
PDF
ADRecon - Detection CHCON 2018
prashant3535
 
PDF
State of the ATT&CK
MITRE ATT&CK
 
PDF
515727533-sy0-601-07-9082366-06yop-12.pdf
pspc139
 
PDF
Appliquez le modèle Zero Trust pour le Hardening de votre Azure AD !
Identity Days
 
PPTX
Enter The Matrix Securing Azure’s Assets
BizTalk360
 
PPTX
CCSA Treinamento_CheckPoint.pptx
EBERTE
 
PPTX
DUO-CSC-Information Technology Presentation-Solution.pptx
eskielll1
 
PDF
Ariyo - EUDAT CDI B2 services documentation
EUDAT
 
PPTX
How to Simplify and Accelerate Passkey Adoption.pptx
LoriGlavin3
 
PDF
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
 
PDF
Compliance and Zero Trust Ambient Mesh
Christian Posta
 
PPTX
Distributed Ledger PKI Risk Management Framework, Rob Campbell
Napier University
 
PPTX
FIDO Masterclass
FIDO Alliance
 
PDF
MikroTik Security
Rofiq Fauzi
 
PPTX
Security in microservices architectures
inovia
 
PPTX
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
ssuserfb92ae
 
PPTX
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
Fools your enemy with MikroTik
Didiet Kusumadihardja
 
Presentation ANS Lab.pptx
MuhammadArbabMaalik
 
MikroTik Hotspot 2.0 (IEEE 802.11u) - MUM Jakarta 2016
Rofiq Fauzi
 
ADRecon - Detection CHCON 2018
prashant3535
 
State of the ATT&CK
MITRE ATT&CK
 
515727533-sy0-601-07-9082366-06yop-12.pdf
pspc139
 
Appliquez le modèle Zero Trust pour le Hardening de votre Azure AD !
Identity Days
 
Enter The Matrix Securing Azure’s Assets
BizTalk360
 
CCSA Treinamento_CheckPoint.pptx
EBERTE
 
DUO-CSC-Information Technology Presentation-Solution.pptx
eskielll1
 
Ariyo - EUDAT CDI B2 services documentation
EUDAT
 
How to Simplify and Accelerate Passkey Adoption.pptx
LoriGlavin3
 
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
 
Compliance and Zero Trust Ambient Mesh
Christian Posta
 
Distributed Ledger PKI Risk Management Framework, Rob Campbell
Napier University
 
FIDO Masterclass
FIDO Alliance
 
MikroTik Security
Rofiq Fauzi
 
Security in microservices architectures
inovia
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
ssuserfb92ae
 
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
Ad

More from Didiet Kusumadihardja (6)

PDF
Didiet Cybersecurity Consultant Portfolio - English
Didiet Kusumadihardja
 
PDF
Manajemen wireless rogue
Didiet Kusumadihardja
 
PDF
Personally identifiable information
Didiet Kusumadihardja
 
PDF
Adequate password policy
Didiet Kusumadihardja
 
PDF
Notifikasi penggunaan sistem
Didiet Kusumadihardja
 
PDF
Didiet Cyber Security Consultant Portfolio - Bahasa Indonesia
Didiet Kusumadihardja
 
Didiet Cybersecurity Consultant Portfolio - English
Didiet Kusumadihardja
 
Manajemen wireless rogue
Didiet Kusumadihardja
 
Personally identifiable information
Didiet Kusumadihardja
 
Adequate password policy
Didiet Kusumadihardja
 
Notifikasi penggunaan sistem
Didiet Kusumadihardja
 
Didiet Cyber Security Consultant Portfolio - Bahasa Indonesia
Didiet Kusumadihardja
 

Recently uploaded (20)

PDF
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
PPTX
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PDF
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
PDF
Introduction to the IoT system, how the IoT system works
TinBinh
 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
PPT
tcp ip networks nd ip layering assotred slides
pakadamfdp
 
PPTX
Internet___Basics___Styled_ presentation
poonam62133
 
PPTX
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
PPTX
Funds Management Learning Material for Beg
NKKumar16
 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PDF
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
PPTX
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
PDF
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
PPTX
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
artificial intelligence overview of it and more
yafotin445
 
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
Introduction to the IoT system, how the IoT system works
TinBinh
 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
tcp ip networks nd ip layering assotred slides
pakadamfdp
 
Internet___Basics___Styled_ presentation
poonam62133
 
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
Funds Management Learning Material for Beg
NKKumar16
 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 

Access RouterOS using Multi-Factor Authentication

  • 1. ACCESS ROUTEROS USING MULTI-FACTOR AUTHENTICATION MIKROTIK USER MEETING 2018 Didiet Kusumadihardja | didiet@arch.web.id Yogyakarta, Indonesia | 20 Oktober 2018
  • 2. About Me Didiet Kusumadihardja | didiet@arch.web.id 2 Didiet Kusumadihardja  12 tahun pengalaman di IT RT/RW Net, Startup (e-commerce), Manage Service, IT Consulting, IT Auditor, Penetration Tester & Training Service  Penguji UKK TKJ  Mikrotik Certified Trainer  Mikrotik Certified Consultant https://about.me/didiet
  • 3. Services Offered Didiet Kusumadihardja | didiet@arch.web.id 3 1. Network Assessment/Design Service 2. IT General Control Audit Service 3. Vulnerability Assessment & Penetration Testing Service 4. IT Due Diligence Service 5. Training Service • UU ITE No 11 Tahun 2008 • POJK 38/POJK.03/2016 • SEOJK 21/SEOJK.03/2017 • PBI 16/8/PBI/2014  PCI DSS  ISO 27001 Planning Discovery Attack Reporting Additional Discovery
  • 5. Data Breaches News 2016 Didiet Kusumadihardja | didiet@arch.web.id 5
  • 6. Data Breaches News 2017 Didiet Kusumadihardja | didiet@arch.web.id 6
  • 7. Data Breaches News 2018 Didiet Kusumadihardja | didiet@arch.web.id 7
  • 8. MikroTik Security Fixed Didiet Kusumadihardja | didiet@arch.web.id 8  6.38.5 (9 Maret 2017) www - fixed http server vulnerability  6.41.3 (8 Maret 2018) smb - fixed buffer overflow vulnerability, everyone using this feature is urged to upgrade  6.42.1 (23 April 2018) winbox - fixed vulnerability that allowed to gain access to an unsecured router  6.42.7 (17 Agustus 2018) security - fixed vulnerabilities CVE-2018-1156, CVE- 2018-1157, CVE-2018-1158, CVE-2018-1159
  • 9. Exploits Didiet Kusumadihardja | didiet@arch.web.id 9
  • 10. Amount of Time to Crack Passwords Didiet Kusumadihardja | didiet@arch.web.id 10
  • 11. Processing Power vs Passwords Didiet Kusumadihardja | didiet@arch.web.id 11
  • 12. Reality Didiet Kusumadihardja | didiet@arch.web.id 12 Dictionary Attack Brute Force Attack ExploitsPassword Dictionary Bad Guys
  • 13. Humans and Password Didiet Kusumadihardja | didiet@arch.web.id 13
  • 14. Password Tips Didiet Kusumadihardja | didiet@arch.web.id 14
  • 16. How we do it with RouterOS?16 Didiet Kusumadihardja | didiet@arch.web.id
  • 17. Multi-Factor Authentication on RouterOS Didiet Kusumadihardja | didiet@arch.web.id 17  Something you know  Password  Something you have  SSH Keys  Somewhere you from  IP Address
  • 18. Create SSH Public & Private Key Didiet Kusumadihardja | didiet@arch.web.id 18 1. Generate 2. Save Private Key 3. Copy Public Key and save to file 1 2 3 For OS X and Linux users can use ‘ssh-keygen’
  • 19. RouterOS Configuration Didiet Kusumadihardja | didiet@arch.web.id 19 1. Upload Public Key 2. Create New User 3. Import SSH Key
  • 20. Login using SSH Keys Didiet Kusumadihardja | didiet@arch.web.id 20 1 2 Connection > SSH > Auth
  • 21. Only permit from specific IP address Didiet Kusumadihardja | didiet@arch.web.id 21
  • 22. Other Methods (1/3) Didiet Kusumadihardja | didiet@arch.web.id 22 Port Knocking https://wiki.mikrotik.com/wiki/Port_Knocking
  • 23. Other Methods (2/3) Didiet Kusumadihardja | didiet@arch.web.id 23 VPN then remote access 1. VPN (PPTP/SSTP/OpenVPN) 2. Remote Access (Winbox/SSH) VPN Network Address
  • 24. Other Methods (3/3) Didiet Kusumadihardja | didiet@arch.web.id 24 Out of Band Network Management Network
  • 25. Audit Trail / Log as Evidence Didiet Kusumadihardja | didiet@arch.web.id 25
  • 26. Audit Trail / Log using The Dude Didiet Kusumadihardja | didiet@arch.web.id 26
  • 27. Summary Didiet Kusumadihardja | didiet@arch.web.id 27 Defense in Depth Layers 1. Policies, Procedure, and Awareness 2. Physical 3. Perimeter 4. Internal Network 5. Host 6. Application 7. Data
  • 28. Reference Didiet Kusumadihardja | didiet@arch.web.id 28  ArsTechnica. 2012. 25-GPU cluster cracks every standard Windows password in <6 hours. https://arstechnica.com/information-technology/2012/12/25-gpu-cluster-cracks-every-standard-windows- password-in-6-hours/.  BetterBuys. Estimating Password-Cracking Times. https://www.betterbuys.com/estimating-password-cracking- times/.  C# Corner. 2015. Passphrase vs Password For Security. https://www.c- sharpcorner.com/UploadFile/66489a/passphrase-vs-password-for-the-security/.  Information is beautiful. 2018. World’s Biggest Data Breaches. http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/.  MikroTik. 2015. Port Knocking. https://wiki.mikrotik.com/wiki/Port_Knocking.  MikroTik. 2016. Manual: The Dude v6/Syslog. https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/Syslog.  NIST. 2017. Easy Ways to Build a Better P@$5w0rd. https://www.nist.gov/blogs/taking-measure/easy-ways-build- better-p5w0rd.  Records Management Center. 2017. Identity Theft – Is It All Digital. https://rmcmaine.com/identity-theft-report/.  Reuters. 2017. Yahoo says all three billion accounts hacked in 2013 data theft. https://www.reuters.com/article/us- yahoo-cyber/yahoo-says-all-three-billion-accounts-hacked-in-2013-data-theft-idUSKCN1C82O1.  ScienceDirect. 2017. Towards port-knocking authentication methods for mobile cloud computing. https://www.sciencedirect.com/science/article/pii/S1084804517302813 (Accessed 2018-09-04).  The Hacker News. 2018. Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware. https://thehackernews.com/2018/08/mikrotik-router-hacking.html.  The New York Times. 2016. Yahoo Says 1 Billion User Accounts Were Hacked. https://www.nytimes.com/2016/12/14/technology/yahoo-hack.html.
  • 29. Diijinkan menggunakan sebagian atau seluruh materi pada modul ini, baik berupa ide, foto, tulisan, konfigurasi dan diagram selama untuk kepentingan pengajaran, dan memberikan kredit kepada penulis serta link ke www.arch.web.id 29 Didiet Kusumadihardja Mobile: +62 813 1115 0054 e-mail: didiet@arch.web.id Didiet Kusumadihardja | didiet@arch.web.id