FORENSIC NETWORK ANALYSIS AND IMPLEMENTATION OF SECURITY ATTACKS ON VIRTUAL PRIVATE SERVERS

Naikson saragih; Ridho Agus Wery Nanda Panjaitan; Mufria Jonatan Purba

doi:10.34012/jurnalsisteminformasidanilmukomputer.v6i2.2932

PDF

Published: Feb 9, 2023

DOI: https://doi.org/10.34012/jurnalsisteminformasidanilmukomputer.v6i2.2932

Naikson saragih

Universitas Methodist Indonesia

Ridho Agus Wery Nanda Panjaitan

Universitas Methodist Indonesia

Mufria Jonatan Purba

Universitas Methodist Indonesia

Abstract

ABSTRACT-PT Kodinglab Integrasi Indonesia's Virtual Private Server (VPS) product requires good quality standards, including security. The challenge that arises is still frequent disruptions to the protection of PT Kodinglab's VPS customers, where it is difficult to identify the source of the attack. Network forensics in the form of dead forensics and live forensics using the NIST method with the stages of collection, examination, Analysis, and reporting are used to find the source of the attack. Data for dead forensics comes from snort tools, and data for live forensics comes from capture Wireshark. The collection stage involves collecting attack data from snort logs and wireshark for life forensics. While the examination dataset stages are further analyzed and mapped. Advanced check on the server via syslog snort.

From the attack testing carried out to obtain information in the form of the attacker's IP address, destination IP address, date of the attack, server time, and type of attack from testing the TCP Flooding and UDP Flooding attacks, all attacks on the customer's VPS can be identified. The information obtained regarding the attacker is in the form of the date and time the attack occurred, the attacker's IP address and the victim's IP address, and the protocol used.

Kata kunci : Network Forensic, Dead Forensic, Live Forensic, Virtual Private Server, DDos, TCP Flooding, UDP Flooding.

How to Cite

[1]

N. saragih, R. A. W. N. Panjaitan, and M. J. Purba, “FORENSIC NETWORK ANALYSIS AND IMPLEMENTATION OF SECURITY ATTACKS ON VIRTUAL PRIVATE SERVERS”, JUSIKOM PRIMA, vol. 6, no. 2, pp. 28-34, Feb. 2023.

Issue

Vol. 6 No. 2 (2023): Jurnal Sistem Informasi dan Ilmu Komputer Prima (JUSIKOM Prima)

Section

Articles

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors who publish their manuscripts through the Journal of Information Systems and Computer Science agree to the following:

Copyright to the manuscripts of scientific papers in this Journal is held by the author.
The author surrenders the rights when first publishing the manuscript of his scientific work and simultaneously the author grants permission / license by referring to the Creative Commons Attribution-ShareAlike 4.0 International License to other parties to distribute his scientific work while still giving credit to the author and the Journal of Information Systems and Computer Science as the first publication medium for the work.
Matters relating to the non-exclusivity of the distribution of the Journal that publishes the author's scientific work can be agreed separately (for example: requests to place the work in the library of an institution or publish it as a book) with the author as one of the parties to the agreement and with credit to sJournal of Information Systems and Computer Science as the first publication medium for the work in question.
Authors can and are expected to publish their work online (e.g. in a Repository or on their Organization's/Institution's website) before and during the manuscript submission process, as such efforts can increase citation exchange earlier and with a wider scope.