Enhancing Server Security: Implementation and Evaluation of the Port Knocking Method on Ubuntu Virtual Servers
DOI:
https://doi.org/10.31272/jeasd.2809الكلمات المفتاحية:
Brute force، Client، Firewall، Port knocking، Port 22، Serverالملخص
Server security is the most important thing for administrators. The server has service access via port 22, which is the most crucial point to secure because illegal access to the system is common. To overcome this problem, a firewall is implemented to act as a barrier. However, firewall users themselves are still less effective because of how it works, which closes all access without caring about anyone connected to the network. To address these issues, the port-knocking method is used in server security. The technique works by opening and closing Port 22 blocks using a firewall that detects knock attempts on network devices. Tests were conducted using port scanning, a DDoS attack, and brute-force attacks to evaluate the port-knocking method's performance in securing the server. With many tests —30, 15, and 26 times—success percentages of 0%, 90%, and 100%, the port knocking method can secure the server against unauthorized access and overcome problems caused by firewalls.
المراجع
A. Sallow, H. Dino, Z. Ageed, M. Mahmood, and M. Abdulrazaq, “Client/Server Remote Control Administration System: Design and Implementation”, International Journal of Multidisciplinary Research and Publications (IJMRAP), vol. 3, no. 2, pp. 5–11, 2020, Available: https://ijmrap.com/wp-content/uploads/2020/07/IJMRAP-V3N1P95Y20.pdf
A. U. Nabi, M. Ahmed, and A. Abro, “An Overview of Firewall Types, Technologies, and Functionalities,” International Journal of Computing and Related Technologies, vol. 3, no. 1, pp. 10–16, Aug. 2022, Accessed: Jun. 08, 2024. [Online]. Available: http://ijcrt.smiu.edu.pk/ijcrt/index.php/smiu/article/view/126/36
M. Nur et al., “The Effectiveness of the Port Knocking Method in Computer Security,” International Journal of Integrative Sciences, vol. 2, no. 6, pp. 861–868, Jun. 2023, https://doi.org/10.55927/ijis.v2i6.4526.
H. Mursyidah, et al., “Analysis and implementation of the Port Knocking method using Firewall-based Mikrotik RouterOS,” IOP Conference Series: Materials Science and Engineering, vol. 536, no. 1, p. 012129, Jun. 2019, doi: https://doi.org/10.1088/1757-899x/536/1/012129.
J. Junquera-Sánchez, C. Cilleruelo, L. de-Marcos, and José-Javier Martinez-Herréiz, "C-Lock: Local Network Resilient Port Knocking System Based on TOTP," Wireless Communications and Mobile Computing, vol. 2022, pp. 1–9, Jan. 2022, doi: https://doi.org/10.1155/2022/9153868
R. Sinha, “A Study On Client Server System In Organizational Expectations,” Journal of Management Research and Analysis, 2018, pp.2394-2770, Available: https://www.academia.edu/38493474/a_study_on_client_server_system_in_organizational_expectationS .
B. Siregar, U. Andayani, N. Fatihah, L. Hakim, and F. Fahmi, “Tropical Timber Identification using Backpropagation Neural Network,” Journal of Physics: Conference Series, vol. 801, p. 012051, Jan. 2017, doi: https://doi.org/10.1088/1742-6596/801/1/012051
P. Sahu, M. Singh, and D. Kulhare, “Implementation of Modified Hybrid Port Knocking (MHPK) with Strong Authentication,” International Journal of Computer Applications, vol. 64, no. 22, pp. 31–36, Feb. 2013, doi: https://doi.org/10.5120/10778-5478
R. Muzawi, “Aplikasi Pengendalian Port dengan Utilitas Port Knocking untuk Optimalisasi Sistem Keamanan Jaringan Komputer,” Sains dan Teknologi Informasi, vol. 2, no. 1, pp. 52–58, 2016, doi: https://doi.org/10.33372/stn.v2i1.123.
S. Jingyao, S. Chandel, Y. Yunnan, Z. Jingji, and Z. Zhipeng, "Securing a Network: How Effective Using Firewalls and VPNs Are?" Lecture Notes in Networks and Systems, vol. 70, pp. 1050–1068, Feb. 2019, doi: https://doi.org/10.1007/978-3-030-12385-7_71.
B. Pandey, G. A. Farulla, M. Indaco, L. Iovino, and P. Prinetto, “Design and Review of Water Management System Using Ethernet, Wi-Fi 802.11n, Modbus, and Other Communication Standards,” Wireless Personal Communications, vol. 106, no. 4, pp. 1677–1699, Feb. 2018, doi: https://doi.org/10.1007/s11277-018-5380-7.
M. Shah, S. Ahmed, K. Saeed, M. Junaid, H. Khan, and Ata-ur-rehman, “Penetration Testing Active Reconnaissance Phase – Optimized Port Scanning with Nmap Tool,” 2019 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET), Jan. 2019, doi: https://doi.org/10.1109/icomet.2019.8673520.
R. V. Deshmukh and K. K. Devadkar, “Understanding DDoS Attack & its Effect in Cloud Environment,” Procedia Computer Science, vol. 49, pp. 202–210, 2015, Doi: https://doi.org/10.1016/j.procs.2015.04.245.
L. Bosnjak, J. Sres, and B. Brumen, “Brute-force and dictionary attack on hashed real-world passwords,” 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), May 2018, doi: https://doi.org/10.23919/mipro.2018.8400211.
H. Hasdiana and H. Fahmi, “Aplikasi Pembelajaran Unified Modeling Language Berbasis Computer Assisted Instruction,” Query: Journal of Information Systems, vol. 2, no. 2, Oct. 2018.
H. E. Williams and D. Lane, “Web Database Applications with PHP and MySQL: Building Effective Database-Driven Web Sites”, O’Reilly Media, Inc. 2004. Accessed: Jun. 21, 2024. [Online]. Available: https://books.google.iq/books?hl=ar&lr=&id=WuxxvP7RZasC&oi=fnd&pg=PR5&dq=Williams
R. Wodyk and M. Skublewska-Paszkowska, "Performance comparison of relational databases SQL Server, MySQL, and PostgreSQL using a web application and the Laravel framework," Journal of Computer Sciences Institute, vol. 17, pp. 358–364, Dec. 2020, doi: https://doi.org/10.35784/jcsi.2279.
M. Idhom, H. Wahanani, and A. Fauzi, “Network Security Applications Using the Port Knocking Method,” Journal of Physics: Conference Series, vol. 1569, p. 022046, Jul. 2020, https://doi.org/10.1088/1742-6596/1569/2/022046.
Z. Amir, S. Syaifuddin, and D. Risqiwati, “Implementasi Asymmetric Encryption Rsa Pada Port Knocking Ubuntu Server Menggunakan Knockd Dan Python,” Jurnal Repositor, vol. 2, no. 6, p. 787, Apr. 2020, doi: https://doi.org/10.22219/repositor.v2i6.270.
N. Iwan and D. Kurniawan, “Mikrotik Login Security with Port-Knocking and Brute Force Firewall at PT. Time Excelindo,” International Journal of Integrative Sciences, vol. 2, no. 7, pp. 971–978, Jul. 2023, doi: https://doi.org/10.55927/ijis.v2i7.4782
Y. Christian, “Analisis Sistem Pengamanan Akses Autentikasi Jaringan dengan Metode Port Knocking dan Action Tarpit pada Router Mikrotik,” Telcomatics, vol. 4, no. 1, pp. 1–6, 2019, Accessed: Jan. 25, 2025. [Online]. Available: https://journal.uib.ac.id/index.php/telcomatics/article/view/586
I. Marzuki, “Perancangan dan Implementasi Sistem Keamanan Jaringan Komputer Menggunakan Metode Port Knocking Pada Sistem Operasi Linux,” Jurnal Teknologi Informasi Indonesia (JTII), vol. 2, no. 2, pp. 18–24, Apr. 2019, doi: https://doi.org/10.30869/jtii.v2i2.312.
T. Sanguankotchakorn and S. Kumar Arugonda, “Hybrid Controller for Securing SDN from Switched DDoS and ARP Poisoning Attacks,” 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp.1–6, Sep 2019,doi: https://doi.org/10.23919/apnoms.2019.8893030.
Y. Mulyanto, et al., “Implementasi Port Knocking Untuk Keamanan Jaringan Smkn 1 Sumbawa Besar,” Jurnal Informatika Teknologi dan Sains, vol. 3, no. 2, pp. 326–335, May 2021, doi: https://doi.org/10.51401/jinteks.v3i2.1016.
P. Mehran, E. A. Reza, and B. Laleh, “SPKT: Secure Port Knock-Tunneling, an enhanced port security authentication mechanism,” IEEE Xplore, Mar. 01, 2012. doi: https://doi.org/10.1109/ISCI.2012.6222683.
M. Nur et al., “The Effectiveness of the Port Knocking Method in Computer Security,” International Journal of Integrative Sciences, vol. 2, no. 6, pp. 861–868, Jun. 2023, doi: https://doi.org/10.55927/ijis.v2i6.4526.
J. M. Parenreng, F. Rizal, and M. S. Wahyuni, “Simulation and Analysis of Network Security using Port Knocking and Intrusion Prevention System on Linux Server,” Internet of Things and Artificial Intelligence Journal, vol. 4, no. 2, pp. 226–243, May 2024, doi: https://doi.org/10.31763/iota.v4i2.726.
التنزيلات
Key Dates
الإستلام
النسخة النهائية
الموافقة
النشر الالكتروني
منشور
إصدار
القسم
الرخصة
الحقوق الفكرية (c) 2025 Sadeer Sadeq Abduljabbar Altai, Wid Badee Abdulaziz, Rafid najim abdullah alsaadi, Mabrouka M.A. Algherini (Author)
هذا العمل مرخص بموجب Creative Commons Attribution 4.0 International License.
