Analisis Keamanan Layanan SSH terhadap Brute Force Attack
DOI:
https://doi.org/10.61132/merkurius.v3i4.949Keywords:
SSH, brute force, Fail2Ban, network security, cyberattackAbstract
To securely access servers remotely, an important protocol in the modern era is Secure Shell (SSH). However, brute force attacks, which are automated attempts to guess repeated username and password combinations, are often the main target of this service. The purpose of this research is to evaluate the vulnerability of SSH services to brute force attacks and evaluate how effective Fail2Ban is as a mitigation tool. This method uses simulated experiments with two virtual machines; Kali Linux is used as the attacker with the Hydra tool and Ubuntu Server is used as the target. The results show that SSH is highly vulnerable to brute force attacks if not protected. Hundreds of login failures from the same IP without restrictions show this. After using Fail2Ban, the system can automatically find and block the attacker IP after three unsuccessful logins. With easy configuration and fast threat detection, Fail2Ban has been proven to improve the security of SSH services. This study suggests using Fail2Ban to improve the defense of SSH services against cyberattacks, especially brute force attacks.
References
. Christopher, W., & Hermawan, R. Z. (2024). Pemantauan dan Pengawasan Serangan Siber SSH Brute Force di Indonesia dengan IBM QRadar Community Edition. Jurnal Ilmiah Teknik Informatika (TEKINFO), 25(2), 120-127.
. Utomo, B. R., Jati, N. H., Jati, A. K., Saputro, I. A., & Purwidiantoro, M. H. (2024, December). Analisis Implementasi Keamanan Jaringan dengan Fail2ban Terhadap serangan Bruteforce. In Prosiding Seminar Nasional Amikom Surakarta (Vol. 2, pp. 1211-1223).
. Ridho, M. R. M., Hafizh, A., Dani, I., & Ariyadi, T. (2025). Peningkatan Keamanan SSH Server Berbasis Linux melalui Implementasi Fail2Ban dan Uji Serangan Brute Force. Jurnal Penelitian Multidisiplin Bangsa, 1(12), 2206-2214.
. Mubarok, K., & Romli, M. A. (2025). Implementasi Metode Rule Based dalam Mendeteksi Serangan Brute Force pada Owncloud: Implementation of Rule Based Method in Detecting Brute Force Attacks on Owncloud. MALCOM: Indonesian Journal of Machine Learning and Computer Science, 5(1), 159-167.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.