Wazuh as Log Event Management and Detection of Security Vulnerabilities on Servers from DoS Attacks

Fitri Nova
Muhammad Dehan Pratama
Deddy Prayama

Abstract

Server monitoring is the process of monitoring server system resources. Monitoring server performance also helps identify other performance-related problems, such as resource utilization, application downtime, and the response time of a service. File Integrity Monitoring (FIM) is the activity of monitoring a file to protect its integrity from unauthorized changes. Wazuh, an open source monitoring application, has various features for performing this monitoring. Computer network security needs more attention as technology develops rapidly. It is the responsibility of a network administrator to monitor system security at all times. Given the various threats that can enter the system at any time, an application is needed that can detect and prevent threats in real time. This problem gave the author the idea of using Suricata, which includes an IDS (Intrusion Detection System) method that serves to detect attackers. Suricata displays an alert when there is a suspicious packet. The resulting alert is stored in a log file. The log is then displayed in the Wazuh web interface. Alerts that appear in Wazuh are sent to network administrators via e-mail.

How to Cite
Fitri Nova, Pratama, M. D., & Prayama, D. (2022). Wazuh sebagai Log Event Management dan Deteksi Celah Keamanan pada Server dari Serangan Dos. JITSI : Jurnal Ilmiah Teknologi Sistem Informasi, 3(1), 1 - 7. https://doi.org/10.30630/jitsi.3.1.59