Analysis And Evaluation Snort, Bro, And Suricata As Intrusion Detection System Based On Linux Serverud

摘要

Security and confidentiality of data on computer networks is currently audproblem that continues to grow. Installation of firewalls, antivirus, IDS (IntrusionudDetection System) / IPS (Intrusion Prevention System) and various other securityudapplications often require the best available installation cost is not small. Openudsource is the best solution to address the security issues that expensive. IntrusionudDetection System is a system designed to collect information about the activitiesudin the network, analyzing information, and give a warning. Snort, Bro andudSuricata is an open source Intrusion Detection System. By comparing how theudinstallation, configuration, warnings are displayed, and the resulting informationudcan to know the advantages and disadvantages of snort Snort, Bro and Suricata asudIntrusion Detection System.udThere are two stages of testing, such as scanning and penetration. Phaseudscanning is a scan of all ports, scanning is done by using NMAP applicationudwhich is found on Armitage. Stage penetration is done by using the menu hailudmary which is contained in Attack tab, hail mary is used to try all the exploitsudagainst computer target.udBased on Scanning and penetration process, Snort detects 926 alert,udSuricata detects 1218 alerts and Bro detects 128 low alerts. Snort and Suricataudease to install and update rule, Bro requires the least amount of resources.ud