Optimization Of Server Computer Security Using The Port Knoking Method On Ubuntu Server 12.04 LTS
Each online based server cannot be fully secured from various external attacks that attempt to infiltrate the system. Server security is the most important part for administrators against intruders who carry out their actions in attacking computer systems, there are several attack methods that can be done, method like brute-force are usually deployed to attack computer security systems that are connected to the internet. In this study to overcome attacks penetrating into the server system, the port knoking method can be used as a step taken to prevent attacks that enter the system or also known as the authentication method. By using this port knoking method the administrator can control the system to be more secure from brute-force attackers addressed in certain parts such as SSH server and FTP server. So that users can perform services connected with SSH server and FTP server services, knocked functions as a port knocking daemon that is ready to receive port knocking authentication from the user then rewrites the firewall, so that the connected services can be secured from attacks that try to infiltrate the server system. Furthermore, Ip tables and uncomplicated firewalls function to build firewalls that will deny connections to the SSH server and FTP server services. So when a foreign user accesses SSH and FPT without first doing the autendiction, the firewall will reject the connection, but if the user passes the port knocking autendiction stage via sending SYN packets to the port provided in the knocking daemon port, then the knocking daemon port is will rewrite the firewall so users can connect to the SSH server and FPT server services.
I. Riadi, “Optimalisasi Keamanan Jaringan Menggunakan Pemfilteran Aplikasi Berbasis Mikrotik Pendahuluan Landasan Teori,” JUSI, Univ. Ahmad Dahlan Yogyakarta, vol. 1, no. 1, pp. 71–80, 2011.
T. J. Misa, “Computer Security Discourse at RAND, SDC, and NSA (1958-1970),” IEEE Ann. Hist. Comput., vol. 38, no. 4, pp. 12–25, 2016
A. Amarudin, “Desain Keamanan Jaringan Pada Mikrotik Router OS Menggunakan Metode Port Knocking,” J. Teknoinfo, vol. 12, no. 2, p. 72, 2018
S. Tan, X. Li, and Q. Dong, “TrustR: An integrated router security framework for protecting computer networks,” IEEE Commun. Lett., vol. 20, no. 2, pp. 376–379, 2016
R. D. Mooi and R. A. Botha, “A management model for building a computer security incident response capability,” SAIEE Africa Res. J., vol. 107, no. 2, pp. 78–91, 2016
P. Riska, P. Sugiartawan, and I. Wiratama, “Sistem Keamanan Jaringan Komputer Dan Data Dengan Menggunakan Metode Port Knocking,” J. Sist. Inf. dan Komput. Terap. Indones., vol. 1, no. 2, pp. 53–64, 2018
R. Abdillah, “SISTEM PENDEKTEKSIAN PENYUSUP BERBASIS SMS GATEWAY PADA PROSES OTENTIKASI FILE TRANSFER PROTOCOL ( FTP ),” pp. 95–100.
- Syaifuddin, D. Risqiwati, and E. A. Irawan, “Realtime Pencegahan Serangan Brute Force dan DDOS Pada Ubuntu Server,” Techno.Com, vol. 17, no. 4, pp. 347–354, 2018
R. A. Purnama, “Optimalisasi Keamanan Jaringan Wireless Menggunakan Firewall Filtering MAC Address,” vol. 8, no. 4, 2019.