Analisis Implementasi Honeypot dan Firewall Mikrotik dalam Meningkatkan Keamanan Jaringan Server

Authors

  • Ardy Januantoro Universitas 17 Agustus 1945 Surabayaa https://orcid.org/0009-0007-2993-9563
  • Supangat Supangat Universitas 17 Agustus 1945 Surabaya
  • Agus Hermanto Universitas 17 Agustus 1945 Surabaya
  • Fadli Bilal Afifuddin Universitas 17 Agustus 1945 Surabaya
  • Hikmawan Nugie Ramadhan Universitas 17 Agustus 1945 Surabaya

DOI:

https://doi.org/10.26418/justin.v14i2.98337

Keywords:

Firewall Mikrotik, Honeypot, Keamanan Jaringan, Cowrie, Analisis Serangan

Abstract

Serangan terhadap jaringan server semakin meningkat, terutama dengan memanfaatkan kelemahan pada layanan yang diekspos melalui IP publik. Upaya mitigasi memerlukan strategi berlapis, salah satunya dengan penerapan firewall dan honeypot. Penelitian ini bertujuan menganalisis efektivitas implementasi firewall Mikrotik dan honeypot berbasis Cowrie dalam mendeteksi serta mencegah berbagai bentuk serangan, seperti port scanning, brute-force login, file upload berbahaya, hingga ICMP flood. Hasil pengujian menunjukkan bahwa tanpa firewall, port terdeteksi terbuka dan proses brute-force hanya membutuhkan waktu sekitar 10 detik untuk berhasil melakukan login. Dengan firewall, port terfilter secara acak, proses brute-force gagal atau timeout, dan serangan login tidak berhasil. Implementasi honeypot mencatat 20 percobaan login SSH, 18 upaya unggah file berbahaya, 231 eksekusi perintah Linux, dan 96 aktivitas port scanning. Analisis keseluruhan memperlihatkan bahwa firewall Mikrotik mampu menurunkan tingkat keberhasilan serangan, sementara honeypot berfungsi efektif sebagai sistem deteksi dini dan sumber data serangan. Meskipun konsumsi CPU server meningkat sedikit, kombinasi kedua mekanisme ini terbukti meningkatkan keamanan jaringan server

References

A. Januantoro and S. Supangat, “DETEKSI SERANGAN JARINGAN KOMPUTER BERBASIS SNORT DENGAN INTEGRASI NOTIFIKASI REAL-TIME MELALUI TELEGRAM,” Jurnal Mnemonic, vol. 8, no. 1, pp. 100–105, Mar. 2025, doi: 10.36040/mnemonic.v8i1.12175.

R. S. Sandhu and P. Samarati, “Access control: principle and practice,” IEEE Communications Magazine, vol. 32, no. 9, pp. 40–48, Sep. 1994, doi: 10.1109/35.312842.

M. Zhang, P. Zhang, and X. Tang, “Application of Firewall Technology in Computer Network Information Security,” Artificial Intelligence Technology Research, vol. 2, no. 3, Aug. 2024, doi: 10.18686/aitr.v2i3.4404.

“Firewall: A Security Point of a Network,” International Journal of Science and Research (IJSR), vol. 4, no. 12, pp. 1568–1570, Dec. 2015, doi: 10.21275/v4i12.NOV152325.

A. Singh, J. Prakash, G. Kumar, P. K. Jain, and L. S. Ambati, “Intrusion Detection System,” Journal of Database Management, vol. 35, no. 1, pp. 1–25, Feb. 2024, doi: 10.4018/JDM.338276.

“HONEYPOT BASED INTRUSION DETECTION SYSTEM,” International Journal For Innovative Engineering and Management Research, pp. 447–480, Sep. 2022, doi: 10.48047/IJIEMR/V11/I06/28.

O. R. Sanchez, I. Torre, and B. P. Knijnenburg, “Semantic-based privacy settings negotiation and management,” Future Generation Computer Systems, vol. 111, pp. 879–898, Oct. 2020, doi: 10.1016/j.future.2019.10.024.

J. Arquilla and J. Roschelle, “How WWII was won, and why CS students feel unappreciated,” Commun ACM, vol. 63, no. 8, pp. 6–7, Jul. 2020, doi: 10.1145/3403958.

N. P. de Souza, C. de A. C. César, J. de M. Bezerra, and C. M. Hirata, “Extending STPA with STRIDE to identify cybersecurity loss scenarios,” Journal of Information Security and Applications, vol. 55, p. 102620, Dec. 2020, doi: 10.1016/j.jisa.2020.102620.

S. N. Abas and P. Kaur, “Honeypot : A Trap for Attackers,” International Journal of Scientific Research in Computer Science, Engineering and Information Technology, pp. 238–243, Feb. 2021, doi: 10.32628/CSEIT217142.

Z. Zhou and W. Shen, “HoneyPot : Enhancing Cybersecurity through a computer simulation technology,” Highlights in Science, Engineering and Technology, vol. 105, pp. 97–101, Jun. 2024, doi: 10.54097/0q8h9k30.

G. Purswani, H. N., R. K. Singh, R. Parashar, and D. C. D., “HoneyPot in a Container with Detailed Analytics,” Applied and Computational Engineering, vol. 2, no. 1, pp. 1017–1025, Mar. 2023, doi: 10.54254/2755-2721/2/20220666.

R. Sulaiman, A. Mardeka Raya, L. Laurentinus, and P. Padli, “Pemanfaatan Mikrotik RB942-2ND Menggunakan Metode Firewall Filtering Untuk Keamanan Jaringan Dengan Model Forensikk,” J Teknol, vol. 17, no. 1, pp. 65–71, Jul. 2024, doi: 10.34151/jurtek.v17i1.4725.

“A Comprehensive Analysis of Network Scanning and Security Assessment Tool,” International Journal of Network Security & Its Applications, vol. 16, no. 6, pp. 101–112, Nov. 2024, doi: 10.5121/ijnsa.2024.16607.

Sarah Aulia Rahmah, “Efektifitas Penerapan Algoritma Brute Force dan Penyalahgunaannya Dalam Sistem Berbasis Web,” Journal of Computers and Digital Business, vol. 2, no. 3, pp. 112–119, Sep. 2023, doi: 10.56427/jcbd.v2i3.235.

I.-I. BRĂSLAȘU, A.-D. ANDRONESCU, and D.-I. NĂSTAC, “Easy to Remember, Hard to Guess: A Password Generation Tool for the Digital Age,” in Proceedings of the International Conference on Cybersecurity and Cybercrime (IC3), Romanian Association for Information Security Assurance, May 2023, pp. 113–119. doi: 10.19107/CYBERCON.2023.15.

Downloads

Published

2026-04-06

Issue

Section

Articles