Implementasi Intrusion Detection System (IDS) untuk Mendeteksi serangan Metasploit Exploit Menggunakan Snort dan Wireshark

Article Sidebar

PDF
Published: Apr 30, 2023
DOI: https://doi.org/10.37792/jukanti.v6i1.861
Keywords:
Intrusion Detection System Snort Wireshark Metasploit Exploit

Main Article Content

Julian Lirama Junior Pandari
a:1:{s:5:"en_US";s:7:"Student";}
Wiwin Sulistyo

Abstract

Abstrak


Keamanan jaringan pada saat ini memang sangat diperlukan. Seiring dengan perkembangannya serangan siber, banyak kejahatan siber yang bekerja melalui jaringan dan mengeksploitasi celah keamanan tanpa adanya akses terlebih dahulu seperti serangan Remote Exploit. Serangan Remote Exploit ini dilakukan dengan cara memanfaatkan celah pada port dan protokol yang terbuka sehingga dapat mengexploitasi sistem operasi komputer target secara jarak jauh dan dapat mencuri data-data pada komputer target. Untuk melakukan Remote Exploit membutuhkan tools Metasploit Framework dengan menggunakan exploit/multi/handler dan menggunakan payload linux/x64/meterpreter/reverse_tcp sehingga dapat mengakses sistem operasi komputer target. IDS (Intrusion Detection System) Snort adalah sebuah sistem yang digunakan untuk memantau trafik jaringan dan mendeteksi intrusi mencurigakan kemudian akan melaporkannya dalam bentuk peringatan atau alert. Dengan menggunakan Intrusion Detection System Snort bertujuan agar dapat melakukan scaning terhadap setiap serangan yang masuk ke dalam jaringan komputer dan sangat membantu dalam minimalisir kerusakan sistem yang dilakukan oleh penyerang. untuk menganalisis lalu lintas jaringan dari paket Remote Exploit digunakan Wireshark sebagai pendeteksi serangan, dan dilakukan pembuktian apakah paket tersebut merupakan virus atau bukan dengan menggunakan Virus Total.


Kata kunci : Intrusion Detection System, Snort, Wireshark, Metasploit Exploit


 


 


Abstract


Network security at this time is indeed indispensable. As cyberattacks evolve, many cyberattacks work through networks and exploit security loopholes without prior access such as Remote Exploit attacks. This Remote Exploit attack is carried out by taking advantage of loopholes in open ports so that it can exploit the targer computer operating system remotely and can steal data on the target computer. To do Remote Exploit requires Metasploit Framework tools using exploit/multi/handler and using linux/x64/meterpreter/reverse_tcp payload so that it can access the target computer's operating system. IDS (Intrusion Detection System) Snort is a system used to monitor network traffic and detect suspicious intrusions and then report it in the form of alerts. By using the Intrusion Detection System Snort aims to be able to scan every attack that enters the computer network and is very helpful in minimizing system damage done by attackers. to multiply network traffic from Remote Exploit packets, Wireshark is used as an attack detector, and proof is carried out whether the packet is a virus or not by using Virus Total.


Keywords : Intrusion Detection System, Snort, Wireshark, Metasploit Exploit/

Downloads

Download data is not yet available.

Article Details

How to Cite
[1]
J. L. J. Pandari and W. . Sulistyo, “Implementasi Intrusion Detection System (IDS) untuk Mendeteksi serangan Metasploit Exploit Menggunakan Snort dan Wireshark”, JUKANTI, vol. 6, no. 1, pp. 41–50, Apr. 2023.
Issue
Vol. 6 No. 1 (2023): Jurnal Pendidikan Teknologi Informasi (JUKANTI) Edisi April 2023
Section
Artikel
Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

JUKANTI Journal License

JUKANTI is committed to promoting open access and the free distribution of knowledge. We implement the following license model to ensure fair and ethical use of the materials published.

Creative Commons Attribution 4.0 International License (CC BY 4.0)

All articles published by JUKANTI are licensed under the Creative Commons Attribution 4.0 International License. This license allows users to:

  • Copy and Distribute: Users are free to copy, distribute, and display the original work, provided they give appropriate credit to the authors and the source.
  • Adapt: Users can modify, change, and build upon the original work, provided they give appropriate credit and indicate if changes were made.
  • Commercial Use: Users can use the work for commercial purposes, provided they give appropriate credit.

Author Obligations

Authors publishing their articles with JUKANTI agree to:

  • Guarantee that the work is original and free from copyright infringement.
  • Grant permission to JUKANTI to publish the work under the CC BY 4.0 license.
  • Retain the original copyright of their work, with the publication license granted to JUKANTI.

Compliance with DOAJ

JUKANTI is committed to complying with the guidelines and standards set by the Directory of Open Access Journals (DOAJ). We strive to ensure integrity, transparency, and high quality in all our publications.

For further questions or clarifications regarding this license, please contact Jukanti Editor at jukanti.ejournalcbn@gmail.com.

Crossref
Scopus
Google Scholar
Europe PMC