IMPLEMENTASI METODE INTRUSION DETECTION SYSTEMS (IDS) DAN INTRUSION PREVENTION SYSTEMS (IPS) BERBASIS SNORT SERVER UNTUK KEAMANAN JARINGAN LAN

Abstract

Abstract - Currently in the world of network is being focused on computer network system, the dangerous and dangerous things from within the network itself. It requires techniques to secure the resources available in computer networks by using Intrusion Detection Systems (IDS) or intrusion detection systems, using an intruder detection system that enables preventive network and information systems (IPS) or backharming systems that will prevent intruder. In this research applied Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS) as detection and prevention system when intruders on computer network server, using Snort as rule based as alert to do security on computer network. Intrusion Detection Systems (IDS) implemented on Linux operating systems and Intrusion Prevention Systems (IPS) will be implemented with firewalls or iptables. From this research, Intrusion Detection System (IDS) system testing and response time analysis with 3 models of TCP flood attack, UDP Flood, and ICMP Flood. Results issued by the IDS system with 1 client and 2 clients simultaneously perform an attack that produces the same alert accuracy value with an average value of 99.98%. The average value of response time obtained from credit with 1 client is 0.53 seconds and when using 2 clients get an average value of 0.32 seconds. So in conclusion when an intruder detection system (IDS) is shared with 1 client or 2 client performs an attack, the system is able to detect well and produce the same performance in detecting attacks from 1 or more clients. And the results of the intruder deterrent testing system (IPS) is able to block Internet Protocol (IP) by filtering the attacker IP well. Keywords - Computer Network Security, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Snort, IP Tables.