| Summary: | Computer networks connected to the Internet will increase the risk of
threats or disruption to the network security. Malware in the form of viruses,
worms, and trojan horses is a major threat to the network security. The objective
of this research was to detect and identify attacks on the internal network of
Muhammadiyah University of Purwokerto using Honeypot. Honeypot platform
used in this research are Honeyd and Dionaea.
Research was began by evaluating the network security, then design of
application Honeypot was performed to help secure the network. After installation
in accordance with the design, then the simulation was performed to determine the
performance of the system. Further testing system in the network to get data
across a network attack. Then conducted an analysis of the log file from the
Honeypot.
A number of attacks to Honeyd originated from several host with private
IP addresses from the internal network. Almost all attacks from hosts with
Windows XP operating system, and 96.81% of attacks aimed at port 445. Dionaea
succesfully download copy of the malware as much as 76 times that consists of
only one type of malware that is Win32.Worm.Downadup.Gen. By knowing the
type and location of the malware, an appropriate action can be performed.
|
|---|