Analysis and Design of an Intrusion Prevention System (IPS) Based on Suricata


Dwi Kuswanto


Network security is very important. Technological developments, together with the rise in the number of attackers, have an impact on the security of computer networks. This seriously threatens data held on storage media, which is exposed to the actions of irresponsible people. To maintain the confidentiality, originality and availability of these data, we need a system that can detect the presence of intruders in a computer network and can run in real time. An Intrusion Prevention System (IPS) is a method that can monitor the network and take a particular action on a computer network. IPS is a development of IDS; here, Suricata is used for intruder detection and is connected to IPTables, which acts as a deterrent to intruders. The IPS is equipped with a user interface display so that the admin can easily monitor the network for intrusion attempts against the server, and it runs on an open-source operating system (Linux Ubuntu 12.04 Precise Pangolin). Suricata creates alerts when intrusions are detected on the network and stores them in the Suricata log files. At the same time, WebAdmin can display an alert dialog, accompanied by an alarm signal, and instruct IPTables to block the IP addresses identified as intruders, so that the attacker loses access to the server. It is hoped that the design, once completed, will be capable of detecting attacks optimally.
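
The alert-to-block step described above, sketched as an added example (not code from the paper): it reads Suricata alert lines, keeps the sources that targeted the protected server, and builds the IPTables commands that would block them. Assumptions not stated in the paper: alerts are in Suricata's `fast.log` line format, blocking is done in the `INPUT` chain, and the server address, allowlist, priority threshold and sample log lines are constructed for illustration.

```python
import ipaddress
import re

# Assumed fast.log layout (not given on the page):
# time  [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src:port -> dst:port
IP = r"\d{1,3}(?:\.\d{1,3}){3}"
ALERT_RE = re.compile(
    r"\[\*\*\] \[\d+:\d+:\d+\] .*? \[\*\*\] .*?\[Priority: (?P<prio>\d+)\] "
    r"\{[^}]+\} (?P<src>" + IP + r")(?::\d+)? -> (?P<dst>" + IP + r")(?::\d+)?"
)

def intruders(lines, server, allowlist=(), max_priority=2):
    """Source IPs, in first-seen order, of alerts directed at `server`."""
    allowed = [ipaddress.ip_network(net) for net in allowlist]
    found = []
    for line in lines:
        m = ALERT_RE.search(line)
        if not m or m["dst"] != server or int(m["prio"]) > max_priority:
            continue  # unparsable, not aimed at the server, or low severity
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # e.g. 999.1.1.1: never hand unvalidated text to iptables
        if any(src in net for net in allowed) or str(src) in found:
            continue  # never lock out admin networks; one rule per address
        found.append(str(src))
    return found

def block_commands(ips):
    """argv lists (no shell involved) that insert a DROP rule per source."""
    return [["iptables", "-I", "INPUT", "-s", ip, "-j", "DROP"] for ip in ips]

# Constructed sample alerts; addresses are documentation ranges, sids are made up.
SAMPLE_LOG = [
    "03/14/2013-10:15:02.123456  [**] [1:1000001:1] CONSTRUCTED SSH scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.7:51234 -> 192.0.2.10:22",
    "03/14/2013-10:15:03.000101  [**] [1:1000001:1] CONSTRUCTED SSH scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.7:51240 -> 192.0.2.10:22",
    "03/14/2013-10:16:40.500000  [**] [1:1000002:1] CONSTRUCTED policy notice [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.9:5353 -> 192.0.2.10:53",
    "03/14/2013-10:17:11.250000  [**] [1:1000003:1] CONSTRUCTED admin login test [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 192.0.2.50:40000 -> 192.0.2.10:80",
    "03/14/2013-10:18:00.000000  [**] [1:1000004:1] CONSTRUCTED outbound alert [**] [Classification: Misc Attack] [Priority: 1] {TCP} 192.0.2.10:80 -> 203.0.113.99:44000",
    "03/14/2013-10:19:30.750000  [**] [1:1000005:1] CONSTRUCTED ping flood [**] [Classification: Attempted Denial of Service] [Priority: 1] {ICMP} 198.51.100.23:8 -> 192.0.2.10:0",
    "truncated or corrupted line",
]

if __name__ == "__main__":
    for argv in block_commands(intruders(SAMPLE_LOG, "192.0.2.10", ["192.0.2.0/24"])):
        print(" ".join(argv))
```

The allowlist and the destination check matter in this design because the block is automatic: without them, one alert that names an administrator's workstation or the server itself as the source would cut off legitimate access.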