Prevention and Visualization of Brute Force Attacks Using Fail2Ban, Prometheus, and Grafana: A Case Study at Sekolah Tinggi Teknologi Terpadu Nurul Fikri
DOI:
https://doi.org/10.55606/jupti.v4i2.5144
Keywords:
Brute Force Attack, Fail2Ban, Prometheus, SSH Security, WordPress Login
Abstract
Brute force attacks are a common method used by attackers to breach authentication systems, both on Secure Shell (SSH) services and on website login pages such as WordPress. In educational institutions, particularly at the Nurul Fikri Integrated Technology College, authentication system security is crucial for maintaining data confidentiality and integrity. Prior to this research, the system in use was not equipped with an automated defense mechanism capable of responding to brute force attacks quickly and effectively. This research aims to implement Fail2Ban, an open-source application designed to automatically block IP addresses whose failed login attempts exceed a certain threshold. The research method involved testing two scenarios: an attack on the SSH service using Nmap, and an attack on the WordPress login page using a Python script. The Fail2Ban configuration set maxretry to five failed attempts, findtime to 10 minutes, and bantime to 3 minutes. The test results showed that Fail2Ban successfully blocked the attacker's IP address according to the specified parameters, thus preventing further login attempts. To enhance monitoring capabilities, Fail2Ban is integrated with Prometheus and Grafana using a combination of the Fail2Ban Exporter, Python scripts, and Push Gateway. This integration produces an interactive dashboard that displays metrics such as the number of blocked IP addresses, total failed login attempts, and the status of active blocks. This data visualization allows system administrators to monitor attack activity in real time and take additional precautions if necessary. Thus, the Fail2Ban implementation is not only effective in preventing brute-force attacks but also improves situational awareness and rapid response to security incidents in educational institutions.
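How the three parameters in the abstract interact, as an added example that is not code from the paper or from Fail2Ban: it replays constructed sshd log lines through a sliding findtime window and reports when a ban would start and end. The regex is a simplified stand-in for Fail2Ban's sshd filter, and the host name, PID, and documentation-range IP addresses are made up for the sample.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Values from the abstract (jail.local would express the two durations in seconds).
MAXRETRY = 5
FINDTIME = timedelta(minutes=10)
BANTIME = timedelta(minutes=3)

# Simplified stand-in for Fail2Ban's sshd filter (assumption, not its real failregex).
FAILED = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: Failed password for .* from (\S+) port ")

def simulate(lines, year=2025):
    """Return [(ip, banned_at, unbanned_at)] for chronologically ordered log lines."""
    recent = defaultdict(deque)   # ip -> failure times still inside the findtime window
    banned_until, bans = {}, []   # ip -> time the ban is lifted; list of bans issued
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue
        stamp, ip = m.groups()
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        if ip in banned_until and ts < banned_until[ip]:
            continue              # while banned, the firewall rule drops this attempt
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > FINDTIME:
            window.popleft()      # forget failures older than findtime
        if len(window) >= MAXRETRY:
            banned_until[ip] = ts + BANTIME
            bans.append((ip, ts, ts + BANTIME))
            window.clear()        # counting starts over once the ban is issued
    return bans

def _fail(hhmmss, ip):
    return f"Jun 10 {hhmmss} srv sshd[4242]: Failed password for invalid user admin from {ip} port 50522 ssh2"

SAMPLE_LOG = (  # constructed log lines in the usual OpenSSH/syslog layout
    # 203.0.113.7: five failures in 40 s, so the fifth one triggers the ban
    [_fail(f"10:00:{s:02d}", "203.0.113.7") for s in (0, 10, 20, 30, 40)]
    # a retry during the 3-minute ban is skipped; one after it starts a fresh count
    + [_fail("10:02:00", "203.0.113.7"), _fail("10:04:00", "203.0.113.7")]
    # 198.51.100.9: five failures 3 min apart never fit inside one 10-minute window
    + [_fail(f"11:{m:02d}:00", "198.51.100.9") for m in (0, 3, 6, 9, 12)]
)

if __name__ == "__main__":
    for ip, start, end in simulate(SAMPLE_LOG):
        print(f"{ip} banned {start:%H:%M:%S}, unbanned {end:%H:%M:%S}")
```

The second source shows the gap a threshold of this kind leaves: attempts paced slower than maxretry per findtime are never banned, so the failed-login totals on the dashboard remain the only signal for them.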
License
Copyright (c) 2025 Jurnal Publikasi Teknik Informatika

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.