NETWORK SECURITY MONITORING WITH INTRUSION DETECTION SYSTEM

Computer network security is an issue that needs attention, along with the valuable and confidential information that passes through the network. The increasing use of networked computer systems has also led to an increase in cybercrimes worldwide, including Indonesia. The types of attacks carried out vary and go through several phases. Among the initial phases of the attack is the port scanning process. The process uses specific programs, such as Nmap (Network Mapper), to check on the target/victim side which ports are open and can be exploited for further attacks. IDS (Intrusion Detection System) is here to anticipate external attacks; IDS is used to detect suspicious activity in the system or network. This study aims to create a computer network security system that is lightweight, based on open-source, easy to set up, and can be analyzed by administrators by using Maltrail. Maltrail itself is a monitoring service used to detect dangerous traffic/traffic in a computer network, by utilizing a blacklist containing a list of dangerous or suspicious elements/sources. This study describes the stages of Maltrail installation and how Maltrail can detect the suspicious network, in this case, the port scanning business using Nmap. As a result, Maltrail can be relied on to log and notify network administrators of illegal system entry attempts/intrusions when there is a port scanning process from outside. Thus, it is hoped that with the existence of IDS, handling of an attack can be carried out earlier and prevent fatal consequences