93 lines
3.3 KiB
Plaintext
93 lines
3.3 KiB
Plaintext
Kode program dalam Implementasi Snort Untuk Mendeteksi Serangan DDOS Pada Jaringan Web Server adalah sebagai berikut:
|
||
a. Install LOIC di Kali Linux
|
||
1) # apt-get update
|
||
2) # git clone https://github.com/nicolargo/loicinstaller.git
|
||
3) # cd Downloads
|
||
4) # chmod 777 loic.sh
|
||
5) # ./loic.sh install
|
||
6) # ./loic.sh update
|
||
7) # cd LOIC-master
|
||
8) # ./loic.sh run
|
||
|
||
b. Install Hping3 di Kali Linux
|
||
1) # sudo apt-get update
|
||
2) # sudo apt-get install hping3
|
||
3) # hping3 –version
|
||
|
||
c. Install Apache di Ubuntu
|
||
1) # sudo apt-get update
|
||
2) # sudo apt-get install apache2
|
||
3) # sudo systemctl start apache2
|
||
4) # sudo systemctl enable apache2
|
||
|
||
d. Install Snort 3 di Ubuntu
|
||
1) # sudo apt-get update
|
||
2) # apt install build-essential libpcap-dev libpcre3-dev libnet1-dev zlib1g-dev luajit hwloc libdnet-dev libdumbnet-dev bison flex liblzma-dev openssl libssl-dev pkg-config libhwloc-dev cmake cpputest libsqlite3-dev uuid-dev libcmocka-dev libnetfilter-queue-dev libmnl-dev autotools-dev libluajit-5.1-dev libunwind-dev libfl-dev -y
|
||
3) # git clone https://github.com/snort3/libdaq.git
|
||
4) # cd libdaq
|
||
5) # ./bootstrap
|
||
6) # ./configure
|
||
7) # cd
|
||
8) wget https://github.com/snort3/snort3/archive/refs/tags/3.1.43.0.tar.gz
|
||
9) # tar -xvzf 3.1.43.0.tar.gz
|
||
10) # cd snort3-3.1.43.0 ./configure_cmake.sh --prefix=/usr/local --enable-tcmalloc
|
||
11) # cd build
|
||
make
|
||
make install
|
||
ldconfig
|
||
12) # snort -V
|
||
|
||
e. Penyerangan TCP Syn Flood
|
||
1) # sudo hping3 -S --flood -V -p 80 -–rand-source 192.168.0.199
|
||
|
||
f. Monitoring Apache Server Status
|
||
1) # sudo a2enmod status
|
||
2) # sudo nano /etc/apache2/sites-available/000-default.conf
|
||
3) # sudo systemctl restart apache2
|
||
|
||
g. Konfigurasi Network Interface
|
||
1) # ip link set dev enp0s3 pormisc on
|
||
2) # ip add sh enp0s3
|
||
3) # ethtool -k enp0s3 | grep receive-offload
|
||
4) # ethtool -K enp0s3 gro off lro off
|
||
|
||
h. Konfigurasi NIC Snort
|
||
1) # sudo nano /etc/systemd/system/snort3-nic.service
|
||
2) # sudo systemctl daemon-reload
|
||
3) # sudo systemctl start snort3-nic.service
|
||
4) # sudo systemctl status snort3-nic.service
|
||
5) # sudo systemctl enable snort3-nic.service
|
||
6) # sudo journalctl -u snort3-nic.service
|
||
|
||
i. Konfigurasi Snort
|
||
1) # mkdir /usr/local/etc/rules
|
||
2) # wget -qO- https://www.snort.org/downloads/community/snort3-community-rules.tar.gz | tar xz -C /usr/local/etc/rules/
|
||
3) # nano /usr/local/etc/snort/snort.lua
|
||
4) HOME_NET = '192.168.0.199'
|
||
EXTERNAL_NET = 'any'
|
||
|
||
j. Konfigurasi Ruleset Snort
|
||
1) # nano /usr/local/etc/rules/local.rules
|
||
2) # snort -c /usr/local/etc/snort/snort.lua -R /usr/local/etc/rules/local.rules
|
||
3) # snort -c /usr/local/etc/snort/snort.lua -R /usr/local/etc/rules/local.rules -i enp0s3 -A alert_fast -s 65535 -k none
|
||
|
||
k. Konfigurasi Systemd Service Snort
|
||
1. # nano /etc/systemd/system/snort3.service
|
||
2. # systemctl daemon-reload
|
||
3. # systemctl enable --now snort3
|
||
4. # systemctl status snort3
|
||
|
||
l. Pengujian Snort Menggunakan Hping3
|
||
1) # sudo systemctl start snort3-nic
|
||
2) # sudo systemctl status snort3-nic
|
||
3) # sudo hping3 -S --flood -V -p 80 192.168.0.199
|
||
4) # tail -f /var/log/snort/alert_fast.txt
|
||
5) # snort -c /usr/local/etc/snort/snort.lua -R /usr/local/etc/rules/local.rules -i enp0s3 -A alert_fast -s 65535 -k none
|
||
|
||
m. Install Cockpit
|
||
1. # sudo apt install cockpit
|
||
2. # sudo systemctl start cockpit
|
||
3. # systemctl status cockpit
|
||
4. https://192.168.189.70:9090
|
||
|