RANCANG BANGUN INTRUSION DETECTION SYSTEM (IDS) MENGGUNAKAN SNORT (STUDI KASUS PT PLN BATAM)

Abstract

Security is an important aspect in building a network. The use and utilization of information technology for PT PLN Batam has become an important component for the daily activities of employees in improving company performance. This research was conducted to assist network administrators in monitoring traffic and supervising suspicious activities at PT PLN Batam. For monitoring of suspicious activities at PT PLN Batam, the intruder detection system that the author uses is Snort which runs on the Linux Operating System, namely Debian, because Snort is open source and can detect attack patterns in accordance with existing rules. The author uses Snort which is assisted by the Snorby interface to make it easier for a network administrator in terms of monitoring. Log or Alert results from Snort are presented in the form of a Graphical User Interface (GUI) using the Snorby application as a monitoring system in the form of Line Charts and Pie Charts. Snort can also display Logs or Alerts based on the severity level which is divided into 3 colors, namely High severity in red which is categorized as a dangerous attack, Medium severity in yellow which is categorized as an attack with a moderate level, and Low severity in green which is categorized as an attack that is not dangerous or weak. In general, Snort only works as a detector and is unable to withstand attacks. It is hoped that in the future Snort can be developed which is able to prevent attacks automatically.