Suricata: Test DDoS Attack

From OnnoWiki
Revision as of 09:37, 30 March 2020 by Onnowpurbo

Source: https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/

We will put our nerve to the test by running a DDoS attack against a server that is running Suricata.

Preparing the Rules

Edit the file

vi /etc/suricata/rules/test-ddos.rules
alert tcp any any -> $HOME_NET 80 (msg: "Possible DDoS attack"; flags: S; flow: stateless; threshold: type both, track by_dst, count 200, seconds 1; sid:1000001; rev:1;)

This rule will log an alert if there are 100 connection attempts within 10 seconds.

We add this rule file to the rule-files section:

vi /etc/suricata/suricata.yaml
rule-files:
 - botcc.rules
 - ciarmy.rules
...
# - Custom Test rules
 - test-ddos.rules
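
The rule in test-ddos.rules is written with `count 200, seconds 1`, while the text speaks of 100 attempts in 10 seconds. The following added example (not from the original page or from Suricata's code) is a simplified Python model of `threshold: type both, track by_dst` that shows how many alerts each setting produces. The window semantics in the docstring, the function names and the constructed SYN timestamps are assumptions made for illustration.

```python
"""Simplified model of a Suricata `threshold: type both` keyword (added example).

All timestamps are constructed sample data, not captured traffic.
"""
from collections import namedtuple

Syn = namedtuple("Syn", "ts dst")  # one TCP SYN seen at time ts (seconds) to dst


def both_threshold(events, count, seconds):
    """Return (ts, dst) alerts for `type both, track by_dst, count, seconds`.

    Assumed semantics: per destination, a window opens at the first match;
    the alert fires when the count-th match arrives inside the window, later
    matches in that window are suppressed, and the first match after the
    window has elapsed opens a new window.
    """
    state = {}   # dst -> [window_start, hits]
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        entry = state.get(ev.dst)
        if entry is None or ev.ts - entry[0] >= seconds:
            entry = state[ev.dst] = [ev.ts, 0]   # open a fresh window
        entry[1] += 1
        if entry[1] == count:                    # at most one alert per window
            alerts.append((ev.ts, ev.dst))
    return alerts


def steady_syns(rate_per_sec, duration, dst="192.0.2.10"):
    """Constructed input: evenly spaced SYNs at rate_per_sec for duration s."""
    total = rate_per_sec * duration
    return [Syn(i / rate_per_sec, dst) for i in range(total)]


if __name__ == "__main__":
    slow = steady_syns(10, 10)     # 100 SYNs spread over 10 seconds
    fast = steady_syns(500, 3)     # 500 SYNs per second for 3 seconds
    for label, ev in (("10 SYN/s ", slow), ("500 SYN/s", fast)):
        print(label,
              "| count 200, seconds 1:", len(both_threshold(ev, 200, 1)), "alerts",
              "| count 100, seconds 10:", len(both_threshold(ev, 100, 10)), "alerts")
```

With the rule as written, 100 SYNs spread over 10 seconds never alert, while a sustained 500 SYN/s stream alerts once per second. To get the behaviour the text describes, the threshold would need `count 100, seconds 10`.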



References

Interesting Links