Simulasi Sistem Keamanan Jaringan Komputer Berbasis IPS Snort dan Honeypot Artilery

Aminanto, Alja; Sulistyo, Wiwin

doi:10.24246/aiti.v16i2.135-150

Cited by 2 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SPDLC Method SPDLC is described as a stage starting from the evaluation stage which validates the effectiveness of the initial analysis stage [10] [11]. Feedback from this evaluation can have an impact on changes in the architecture and technology used today [6] [12]. The explanation of the stages in Figure 1 is as follows:…”

Section: Methodsmentioning

confidence: 99%

“…The snort program can be operated in three modes: a. Packet Sniffer Reads packets from the network and shows an uninterrupted stream from on the console (screen). [12] If you only want to see the header packets from TCP/IP on the screen, try using the command : ./snort -v b. Packet Logger Logs the packets to disk. If you want to keep a log of packets to disk, it is necessary to include a logging directory, i.e.…”

Section: Snortmentioning

confidence: 99%

“…where the log data is stored on it. [12] Using the following command Snort will automatically run in packet logging mode:…”

Section: Snortmentioning

confidence: 99%

See 2 more Smart Citations

Analysis Performance Intrusion Detection System in Detecting Cyber-Attack on Apache Web Server

Yuwono

2022

ITJRD

View full text Add to dashboard Cite

Network security on the webserver is the most important part to ensure integrity and service for users. Web servers are often the target of attacks that result in data corruption. One of them is the SYN Flood attack, which is a type of Denial of Service (DOS) attack that provides massive SYN requests to the webserver. This research is to analyze attack indications and maintain system security from the threat of data flooding. One way to maintain a computer network security system is to use Snort as an IDS (Intrusion Detection System). Snort is software that functions to detect intrusions. Data packets passing through network traffic will be analyzed first. Data packets detected as intrusions will trigger an alert which is then stored in a log file. That way, network administrators can find out intrusions that occur on computer networks. The method of testing flood attack data is using the penetration testing method. The three test samples are data flooding attacks against ICMP, UDP, and TCP protocols. The results obtained when testing flooding attack data where detection sensors can detect all attacks and all attack samples, while the warnings generated by Snort are shown in a web form which can be seen in the detail of each attack that occurred.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Snortmentioning

confidence: 99%

See 1 more Smart Citation

Analysis Performance Intrusion Detection System in Detecting Cyber-Attack on Apache Web Server

Yuwono

2022

ITJRD

View full text Add to dashboard Cite

show abstract

“…cara kerja honeyd memungkinkan pengguna untuk membuat dan menjalankan beberapa virtual host dalam jaringan komputer. Dari virtual host tersebut pengguna dapat mensimulasikan suatu konfigurasi jaringan komputer untuk meniru beberapa jenis server [15].…”

Section: Honeydunclassified

Analisis dan Implementasi Honeypot Honeyd Sebagai Low Interaction Terhadap Serangan Distributed Denial Of Service (DDOS) dan Malware

Ubaidillah,

Taryo,

Hindasyah

2023

jtim

View full text Add to dashboard Cite

Every computer device connected to a wide computer network is vulnerable to security risks. These threats encompass vulnerabilities to data, information, resources, and services within the system. These threats include intrusion, eavesdropping, theft of vital data, as well as damage to the network system. These actions are carried out by parties who are not accountable, commonly referred to as intruders or attackers. One method to prevent or anticipate these malicious actions is by utilizing the honeyd Honeypot technique. The honeyd Honeypot adopts a low-interaction approach, which involves indirect interaction with attackers. This Honeypot serves as a decoy or simulated server intentionally presented as a target for attacks. The purpose of this Honeypot is to detect and analyze ongoing attacks. In this research, the honeyd Honeypot is implemented as a simulated server resembling an authentic server. This server provides various services and opens several ports deliberately prepared as attack targets, such as Port 139, and Port 21.The results of this research unveil the existence of attacks. Signs of these attacks include a surge in network traffic, reaching up to 100 Megabits above the normal level. Another indicator is a sudden spike in CPU usage, reaching 100%. The activities of these attacks can be analyzed through the installed Wireshark application on the Honeypot server. Information obtained from this analysis encompasses details about the attacker's activities, enabling more effective preventive, anticipatory, and corrective measures. These steps encompass securing the server, network system, and existing services.

show abstract

Simulasi Sistem Keamanan Jaringan Komputer Berbasis IPS Snort dan Honeypot Artilery

Cited by 2 publications

References 0 publications

Analysis Performance Intrusion Detection System in Detecting Cyber-Attack on Apache Web Server

Analysis Performance Intrusion Detection System in Detecting Cyber-Attack on Apache Web Server

Analisis dan Implementasi Honeypot Honeyd Sebagai Low Interaction Terhadap Serangan Distributed Denial Of Service (DDOS) dan Malware

Contact Info

Product

Resources

About