Difference between revisions of "Suricata: Test DDoS Attack"
		
		
		
		
		
Onnowpurbo (talk | contribs)  (Created page with "Source: https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/  We will test our nerve by running a DDoS attack against a server running SURICATA.  ==Preparing the Rules===...")
Onnowpurbo (talk | contribs)
| Line 3: | Line 3: | ||
Kita akan uji nyali melakukan DDoS Attack ke server yan menjalankan SURICATA.  | Kita akan uji nyali melakukan DDoS Attack ke server yan menjalankan SURICATA.  | ||
| − | ==Menyiapkan Rules  | + | ==Menyiapkan Rules==  | 
Edit file  | Edit file  | ||
| Line 13: | Line 13: | ||
Rule ini akan mencatat jika ada 100 usaha connection dalam 10 detik.  | Rule ini akan mencatat jika ada 100 usaha connection dalam 10 detik.  | ||
| − | Kita masukan rules   | + | Kita masukan rules test-ddos.rules di bagian rule-files:  | 
  vi /etc/suricata/suricata.yaml  |   vi /etc/suricata/suricata.yaml  | ||
  rule-files:  |   rule-files:  | ||
| − | + |    - suricata.rules  | |
| − | |||
| − | |||
  # - Custom Test rules  |   # - Custom Test rules  | ||
| − | + |    - test-ddos.rules  | |
| − | |||
| − | |||
| − | |||
==Referensi==  | ==Referensi==  | ||
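Review bot: the context line at Line 13 ("Rule ini akan mencatat jika ada 100 usaha connection dalam 10 detik.") describes 100 connection attempts in 10 seconds, but the rule shown on the page uses `threshold: type both, track by_dst, count 200, seconds 1`, that is 200 matches within 1 second per destination. Align the sentence with the rule, or change `count` and `seconds` in the rule to the intended values. The added `- test-ddos.rules` entry is a bare file name, which Suricata resolves against `default-rule-path`, so the page should also state that this setting points at /etc/suricata/rules, where the file is created.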
Revision as of 09:39, 30 March 2020
Source: https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/

We will test our nerve by running a DDoS attack against a server running SURICATA.

==Preparing the Rules==

Edit the file

 vi /etc/suricata/rules/test-ddos.rules

 alert tcp any any -> $HOME_NET 80 (msg: "Possible DDoS attack"; flags: S; flow: stateless; threshold: type both, track by_dst, count 200, seconds 1; sid:1000001; rev:1;)

This rule logs an alert when there are 100 connection attempts within 10 seconds.

Add test-ddos.rules to the rule-files section:

 vi /etc/suricata/suricata.yaml

 rule-files:
   - suricata.rules
 # - Custom Test rules
   - test-ddos.rules
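
How the `threshold` option of the rule above decides when to alert, as an added example (not part of the original page and not Suricata code): a simplified Python model of `type both, track by_dst`, run over constructed SYN timestamps. The function names and the address 192.0.2.10 are assumptions made for illustration.

```python
import re

# The rule from the page, unchanged.
RULE = ('alert tcp any any -> $HOME_NET 80 (msg: "Possible DDoS attack"; flags: S; '
        'flow: stateless; threshold: type both, track by_dst, count 200, seconds 1; '
        'sid:1000001; rev:1;)')

def parse_threshold(rule):
    """Return the rule's threshold option as a dict (type, track, count, seconds)."""
    m = re.search(r'threshold:\s*([^;]+);', rule)
    if not m:
        raise ValueError("rule has no threshold option")
    opts = dict(part.split() for part in m.group(1).split(','))
    return {"type": opts["type"], "track": opts["track"],
            "count": int(opts["count"]), "seconds": int(opts["seconds"])}

def simulate_both(events, count, seconds):
    """Simplified model (an assumption, not Suricata's code) of 'type both, track by_dst'.

    events: (timestamp_seconds, dst_ip) pairs for packets that already matched
    the rule (TCP SYN to port 80). Per destination, a window opens at the first
    match; the count-th match inside the window raises one alert and further
    matches in that window are suppressed. Returns the (timestamp, dst_ip) alerts.
    """
    state = {}   # dst_ip -> [window_start, matches_in_window]
    alerts = []
    for ts, dst in sorted(events):
        win = state.get(dst)
        if win is None or ts - win[0] >= seconds:
            win = state[dst] = [ts, 0]      # window expired: start a new one
        win[1] += 1
        if win[1] == count:                 # exactly one alert per window
            alerts.append((ts, dst))
    return alerts

def syn_stream(rate_per_sec, duration, dst="192.0.2.10"):
    """Constructed sample input: evenly spaced SYN timestamps to one destination."""
    return [(i / rate_per_sec, dst) for i in range(int(rate_per_sec * duration))]

if __name__ == "__main__":
    t = parse_threshold(RULE)
    for rate in (10, 150, 250):
        n = len(simulate_both(syn_stream(rate, 5), t["count"], t["seconds"]))
        print(f"{rate} SYN/s for 5 s -> {n} alert(s)")
```

In this model, 100 SYNs spread over 10 seconds stay below the rule's `count 200, seconds 1` and raise no alert; the same stream alerts once only if the values are changed to `count 100, seconds 10`.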