Analisis Keamanan Layanan SSH terhadap Brute Force Attack

Authors

  • Putri Balqis Institut Teknologi Bacharuddin Jusuf Habibie
  • Rakhmadi Rahman Institut Teknologi Bacharuddin Jusuf Habibie

DOI:

https://doi.org/10.61132/merkurius.v3i4.949

Keywords:

SSH, brute force, Fail2Ban, network security, cyberattack

Abstract

To securely access servers remotely, an important protocol in the modern era is Secure Shell (SSH). However, brute force attacks, which are automated attempts to guess repeated username and password combinations, are often the main target of this service. The purpose of this research is to evaluate the vulnerability of SSH services to brute force attacks and evaluate how effective Fail2Ban is as a mitigation tool. This method uses simulated experiments with two virtual machines; Kali Linux is used as the attacker with the Hydra tool and Ubuntu Server is used as the target. The results show that SSH is highly vulnerable to brute force attacks if not protected. Hundreds of login failures from the same IP without restrictions show this. After using Fail2Ban, the system can automatically find and block the attacker IP after three unsuccessful logins. With easy configuration and fast threat detection, Fail2Ban has been proven to improve the security of SSH services. This study suggests using Fail2Ban to improve the defense of SSH services against cyberattacks, especially brute force attacks.

References

. Christopher, W., & Hermawan, R. Z. (2024). Pemantauan dan Pengawasan Serangan Siber SSH Brute Force di Indonesia dengan IBM QRadar Community Edition. Jurnal Ilmiah Teknik Informatika (TEKINFO), 25(2), 120-127.

. Utomo, B. R., Jati, N. H., Jati, A. K., Saputro, I. A., & Purwidiantoro, M. H. (2024, December). Analisis Implementasi Keamanan Jaringan dengan Fail2ban Terhadap serangan Bruteforce. In Prosiding Seminar Nasional Amikom Surakarta (Vol. 2, pp. 1211-1223).

. Ridho, M. R. M., Hafizh, A., Dani, I., & Ariyadi, T. (2025). Peningkatan Keamanan SSH Server Berbasis Linux melalui Implementasi Fail2Ban dan Uji Serangan Brute Force. Jurnal Penelitian Multidisiplin Bangsa, 1(12), 2206-2214.

. Mubarok, K., & Romli, M. A. (2025). Implementasi Metode Rule Based dalam Mendeteksi Serangan Brute Force pada Owncloud: Implementation of Rule Based Method in Detecting Brute Force Attacks on Owncloud. MALCOM: Indonesian Journal of Machine Learning and Computer Science, 5(1), 159-167.

Downloads

Published

2025-07-08

How to Cite

Putri Balqis, & Rakhmadi Rahman. (2025). Analisis Keamanan Layanan SSH terhadap Brute Force Attack. Merkurius : Jurnal Riset Sistem Informasi Dan Teknik Informatika, 3(4), 240–246. https://doi.org/10.61132/merkurius.v3i4.949

Issue

Vol. 3 No. 4 (2025): Juli : Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika

Section

Articles

License

Copyright (c) 2025 Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.