IMPLEMENTASI SNORT SEBAGAI ALAT PENDETEKSI INTRUSI MENGGUNAKAN LINUX
Abstract
Network security system on the server is an important factor to ensure the stability , integrity and validity of the data . Implementation of Snort -based Intrusion Detection System can save the cost of procurement of software because it is free and quite reliable in detecting security attacks . Snort -based IDS systems can be implemented on the Linux operating system . Snort main settings and network settings , especially on existing Snort rule . An attack can be detected or not by SnortI IDS , depending on the presence or absence of an appropriate rule.
Testing the IDS system was done with several attack patterns to test the reliability of Snort to detect an attack against the security system . Based on the results of testing the system Snort IDS with ping , nmap port scanning , exploits , SQL Injection , accessing the database . Snort can provide warning of an attack against the security of a network system . The warning results can be used as a reference for determining the network security policy.
Key words : Linux , Intrusion Detection System , Snort
References
Beale, Jay. 2003. “Snort 2.0 Intrusion Detection”, Masachusset : Syngress Publishing, Inc.
Fauziah, Lilis. 2009. “Pendeteksian Serangan Pada Jaringan Komputer Berbasis IDS Snort Dengan Algoritma Clustering K-Means”, Surabaya : Institut Teknologi Sepuluh November, Surabaya.
Rafiudin, Rahmat. 2010. “Mengganyang Hacker dengan SNORT”. Surabaya : ANDI OFFSET
Snort Teams. Desember 7, 2011. "Snort User Manual 2.9.2". Columbia: Sourcefire, Inc.
The Ubuntu Manual Team. Juli 30, 2012. "Getting Started with Ubuntu 12.04" California: Creative Commons.
Wagoner, Richard. 2007. “Performance Testing An Inline Network Intrusion Detection System Snort”. Master Thesis, Morehead State University.
