ABSTRAKSI: Keamanan sistem mampu memberikan garansi keamanan bagi user dalam berkomunikasi dengan user lain ataupun dengan server. Setiap user dalam suatu jaringan khususnya jaringan nirkabel lokal (Wireless Local Area Network ‐ WLAN) membutuhkan mobilitas tinggi dan jaminan privasi serta confidentiality. Semakin berkembangnya teknologi nirkabel membutuhkan pengamanan dari berbagai sisi, baik itu pengamanan jaringan secara aktif maupun secara pasif. Pengamanan secara aktif berarti memberikan jaminan kepada user atas availability jaringan nirkabel terhadap ancaman aktif seperti injeksi trafik (traffic injection), Denial of Service (DoS) maupun Distributed Denial of Service (DDoS). Pengamanan secara pasif berarti memberikan jaminan kerahasiaan data yang ditransmisikan user melalui jaringan terhadap tindakan penyadapan informasi
Crypto IP Encapsulation (CIPE) adalah suatu metode yang utamanya digunakan untuk mengamankan koneksi Virtual Private Network (VPN). Implementasi CIPE pada jaringan nirkabel dimungkinkan karena CIPE hanya menambahkan interface virtual yang berada antara layer transport dan layer network pada Open System Interconnection (OSI) Layer sehingga tidak berpengaruh pada layer fisik. Sistem operasi yang digunakan dalam implementasi CIPE adalah Debian 4 Etch dengan kompilasi ulang kernel 2.6.18.8.
Dengan menggunakan CIPE, serangan man‐in‐the‐middle berupa eavesdropping dan analisa trafik dapat dicegah meskipun fungsi enkripsi CIPE dinonaktifkan. Fungsi enkripsi tidak digunakan karena ketidaksesuaian dengan platform hardware yang digunakan, yaitu prosesor Symmetric Multi Processing (SMP).
Kata Kunci : keamanan jaringan, serangan man-in-the-middle, CIPEABSTRACT: System security can guarantee user in security aspect to communicate with another user or with the server. Each user in a network, especially Wireless Local Area Network (WLAN) needs high mobility, and guarantee in privacy and confidentiality. With the development of wireless network needs security from every aspect, whether it is active security or passive security. Active security means giving user a guarantee of availability in accessing wireless network against active attack, such as Denial of Service (DoS) or Distributed Denial of Service (DDoS). Passive security means giving guarantee in data confidentiality which is transmitted through the network against sniffing.
Crypto IP Encapsulation (CIPE) is a method which is mainly used to secure Virtual Private Network (VPN) connection. The implementation in wireless network is possible because CIPE just adding a virtual interface which is placed between transport layer and network layer in Open System Interconnection (OSI) layer, so it does not affect the physical layer. The Operating System that will be used in CIPE implementation is Debian 4 Etch with recompiled kernel of 2.6.18.8.
By using CIPE, man-in-the-middle attack such as eavesdropping and traffic analysis can be prevented though the encryption function is deactivated. The encryption function is not used because incompatibility with the hardware platform, which is Symmetric Multi Processing (SMP) processor.
Keyword: : network security, man‐in‐the‐middle attack, CIPE.