Network Security Monitoring System via Whatsapp using Snort on Ubuntu

Abstract

This research addresses critical network security vulnerabilities identified at the Palembang City Office of Culture and Tourism (Dinas Kebudayaan Dan Pariwisata Kota Palembang), an agency responsible for managing regional tourism and cultural assets. The necessity for heightened security became apparent following a successful Distributed Denial of Service (DDOS) attack against the agency's operational website. The investigation diagnosed the incident's root causes as high network vulnerability stemming from reliance on standard, inadequately secured infrastructure, coupled with insufficient human resource (HR) capacity and the complete absence of effective legacy prevention systems [1]. The solution implemented involves the construction of a Network Security Monitoring System utilizing the open-source Snort application, configured as an Intrusion Detection System (IDS) deployed on an Ubuntu platform. The core technical innovation of this system lies in its capacity for real-time alert delivery, leveraging the ubiquitous Whatsapp instant messaging application to notify the network administrator immediately upon the detection of an intrusion [1]. Validation testing confirms the system's efficacy in detecting specific, high-risk attack vectors, including SSH brute force login attempts, Telnet access probes, File Transfer Protocol (FTP) access attempts, and high-volume DDOS flooding [1]. The successful deployment demonstrates a viable, low-cost, and responsive strategy for public sector entities to transition from a passive security approach to a proactive, real-time security monitoring posture.