Analisa dan Implementasi Sistem Keamanan Router Mikrotik dari Serangan Winbox Exploitation, Brute-Force, DoS
DOI:
https://doi.org/10.30865/mib.v5i3.2979Keywords:
Brute-Force, DoS, Network Security, Penetration Testing, Mikrotik Router, Winbox ExploitationAbstract
The advancement of technology development makes it easier to find and share any information using computer networks. Computer networks have been widely applied in homes and offices. The ease of exchanging data on the network makes the availability of computer networks and information security are vulnerable to attacks by threats. On a computer network, the device which has the vulnerability is a router. A router is the outermost device that connects the Local Area Network (LAN) to the internet so that it can be easily attacked by irresponsible parties. The Mikrotik router is a product that is widely used as a gateway router that connects LANs and the Internet. There are so many tools that can be used to carry out attacks on Mikrotik routers such as Hping3 (DoS), Hydra (Brute-Force), and Exploitation Script (Winbox Exploitation). To find out the security loop in Mikrotik routers, this study uses penetration testing methods and attack techniques such as Winbox Exploit, Brute-force, and DoS. After knowing the security gap, the next step is to provide and implementation recommendations so that similar attacks do not occur any more in the future.
References
C. Scholten, “Hacking the router : characterizing attacks targeting low-cost routers using a honeypot router,†2019.
J. M. Ceron, C. Scholten, A. Pras, and J. Santanna, “MikroTik Devices Landscape, Realistic Honeypots, and Automated Attack Classification,†Proc. IEEE/IFIP Netw. Oper. Manag. Symp. 2020 Manag. Age Softwarization Artif. Intell. NOMS 2020, 2020, doi: 10.1109/NOMS47738.2020.9110336.
H. L. J. Bijmans, T. M. Booij, and C. Doerr, “Just the tip of the iceberg: Internet-scale exploitation of routers for cryptojacking,†Proc. ACM Conf. Comput. Commun. Secur., pp. 449–464, 2019, doi: 10.1145/3319535.3354230.
Y. Fadlallah, M. Sbeiti, M. Hammoud, M. Nehme, and A. Fadlallah, “On the Cyber Security of Lebanon: A Large Scale Empirical Study of Critical Vulnerabilities,†8th Int. Symp. Digit. Forensics Secur. ISDFS 2020, 2020, doi: 10.1109/ISDFS49300.2020.9116446.
C. Marrison, “DNS as an attack vector - And how businesses can keep it secure,†Netw. Secur., vol. 2014, no. 6, pp. 17–20, Jun. 2014, doi: 10.1016/S1353-4858(14)70061-3.
D. Aprilianto, T. Fadila, and M. A. Muslim, “Sistem Pencegahan UDP DNS Flood Dengan Filter Firewall Pada Router Mikrotik,†Techno.Com, vol. 16, no. 2, pp. 114–119, 2017, doi: 10.33633/tc.v16i2.1291.
X. Liang and T. Znati, “On the performance of intelligent techniques for intensive and stealthy DDos detection,†Comput. Networks, vol. 164, p. 106906, Dec. 2019, doi: 10.1016/j.comnet.2019.106906.
B. Jaya, Y. Yunus, and S. Sumijan, “Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS),†J. Sistim Inf. dan Teknol., vol. 2, pp. 5–9, 2020, doi: 10.37034/jsisfotek.v2i4.81.
A. Amarudin, “Desain Keamanan Jaringan Pada Mikrotik Router OS Menggunakan Metode Port Knocking,†J. Teknoinfo, vol. 12, no. 2, p. 72, 2018, doi: 10.33365/jti.v12i2.121.
R. Liza, “PEMANFAATAN MIKROTIK ROUTER BOARD SEBAGAI PENGAMAN,†pp. 492–499, 2020.
A. Bustami and S. Bahri, “Ancaman, Serangan dan Tindakan Perlindungan pada Keamanan Jaringan atau Sistem Informasi: Systematic Review,†Unistek, vol. 7, no. 2, 2020.
Y. Arta, A. Syukur, and R. Kharisma, “Simulasi Implementasi Intrusion Prevention System (IPS) Pada Router Mikrotik,†It J. Res. Dev., vol. 3, no. 1, pp. 104–114, 2018, doi: 10.25299/itjrd.2018.vol3(1).1346.
Haeruddin, “Security Design And Testing of Lan and Wlan Network in Mikrotik Router Using Penetration Testing Method FROM Mitm Attack,†J. Informatics Telecommun. Eng., vol. 4, no. 1, pp. 119–127, 2020, doi: 10.31289/jite.v4i1.3832.
M. C. Ghanem and T. M. Chen, “Reinforcement learning for efficient network penetration testing,†Inf., vol. 11, no. 1, pp. 1–23, 2020, doi: 10.3390/info11010006.
B. V. Tarigan, A. Kusyanti, and W. Yahya, “Analisis Perbandingan Penetration Testing Tool Untuk Aplikasi Web,†J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 1, no. 3, pp. 206–214, 2017.
S. Syed et al., “Case Study : Intranet Penetration Testing of MUET,†vol. 2020, no. December, pp. 17–19, 2019.
S. A. Pamuji, C. Iswahyudi, and T. Informatika, “Analisis Dan Optimasi Dari Simulasi Keamanan Jaringan Menggunakan Firewall Mikrotik Studi Kasus Di Taman Pintar Yogyakarta,†J. JARKOM, vol. 7, no. 1, pp. 65–75, 2020.
I. Kamilah and A. Hendri Hendrawan, “Analisis Keamanan Vulnerability pada Server Absensi Kehadiran Laboratorium di Program Studi Teknik Informatika,†Pros. Semnastek, vol. 16, no. 0, pp. 1–9, 2019, [Online]. Available: https://jurnal.umj.ac.id/index.php/semnastek/article/view/5233.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under Creative Commons Attribution 4.0 International License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (Refer to The Effect of Open Access).
