PENETRATION TESTING FOR VULNERABILITY ASSESSMENT OF ACADEMIC INFORMATION SYSTEM ON HIGH SCHOOL OF TECHNOLOGY XYZ Dayan Singasatia (a*); Joko Saputro (b); M. Hafid Totohendarto (c)
Department of Informatics
STT Wastukancana
Purwakarta
Abstract
Computer security system is increasingly needed along with the increase in computer users connected to the internet network, this can lead to threats of cyber crime by irresponsible people. In this case High School of Technology XYZ is currently growing bigger and has various kinds of information systems in carrying out its operational activities, one of which is a server that stores various data such as student grades, lecturer data and other important data. Often the security problems of application systems and web servers are ignored and the importance of new security is realized after a disaster occurs. Without good security, the application of technology as great as any will seriously endanger the institution or organization itself.
Based on this background, assessment is needed to measure the level of vulnerability in the security of existing computer systems and networks. The vulnerability assessment using penetration testing methods with the blackbox pentest and the greybox pentest technique. In this case, this study uses guidelines from CEH (Certified Ethical Hacker), Acunetix, and CISSP (Certified Information System Security Professional) modules.
The results of penetration testing for the evaluation of security vulnerabilities to websites and database servers in this school are at the medium level because they have implemented a security system is quite good so that only a few vulnerabilities found that do not have a bad impact to the system.
