Active IDS Firewall Using MikroTik

Authors

  • Nadzirah Binti Ramli Universiti Kuala Lumpur

Abstract

Nowadays, network vulnerabilities getting more advance and complex. Some small business or enterprise company will buy third party Advance Firewall such as Cisco, WatchGuard and Sangfor for their network protection because not all integrated service router can perform firewall function very well. So this project Active IDS Firewall Using MikroTik, perform Intrusion Detection System (IDS) to detect intrusion or attack and prevent it from intruder to enter the network. Active IDS Firewall is the rule set that will react to block intrusion from getting in from certain condition. When the attacker attack network, it will send alert to admin via e-Mail and then the MikroTik itself will solve the detection and prevent it without admin action. The attack that are going to be prevent using this Intrusion Detection System are SSH Brute Force attack, Port Scanning attack, and DDoS attack. Port scanning attack is very dangerous because attacker can trace all open ports in the organization especially Port NAT Forwarding and DMZ. By using this Active IDS Firewall, protocol like SSH can improve their level of security by slowing down the attacker to attack the network and also can block from DDoS attack that can cause slow network performance and high network utilization.

Published

2019-08-29

Issue

Vol. 3 No. 2 (2018)

Section

Articles

Submission of an original manuscript to the Journal of Computing Technologies and Creative Content (JTeC) will be taken to mean that it represents original work not previoussly published, that it is not being considered elsewhere for publication. All submitted articles that are published by JTeC cannot be published anywhere by the authors unless with the permission by JTeC Editors. JTeC reserves the right to the publications of the articles it published, and reserves the right to reuse the articles elsewhere for academic purposes, while still retaining the names of the original authors with the original articles.

JTeC takes the stance that the publication of scholarly research is meant to disseminate knowledge and in a not-for-profit regime, benefits neither publisher nor author financially. It sees itself as having obligation to its author and to society to make content available online now that the technology allows for such possibility.