Design and implement of intrusion prevention system based on snort and IP Tables / Lutfi Dwi Naldi and Apro Siswanto

In the era of rapid advancement in communication and computer technology, network security has become a crucial issue, especially in wireless networks. Unlimited internet access can cause security threats such as Distributed Denial of Service (DDoS) attacks, spoofing, and port scanning. This study aims to design and implement a Snort-based Intrusion Prevention System (IPS) combined with IP Tables to improve the security of wireless local area networks (WLANs). The proposed system not only detects but also prevents attacks in real-time by blocking malicious network traffic. Testing was carried out using penetration testing with various attack scenarios, including ARP spoofing and DDoS, which showed that this system successfully identified and blocked attacker access. The results of this study were measured based on the system's ability to reduce wireless network threats, which showed a significant increase in threat mitigation. This system provides a more optimal security solution compared to traditional intrusion detection systems that are only detection. Overall, the implementation of this system is able to increase the efficiency of attack prevention and show success in reducing the risk of illegal network access on WLANs.