Implementation of Port Knocking with Telegram Notifications to Protect Against Scanner Vulnerabilities

  • Husain Husain Universitas Bumigora
  • I Putu Hariyadi Universitas Bumigora, Mataram, Indonesia
  • Kurniadin Abd Latif Universitas Bumigora, Mataram, Indonesia
  • Galih Tri Aditya Universitas Bumigora, Mataram, Indonesia
DOI: https://doi.org/10.30812/matrik.v23i1.3459
Keywords: Mikrotik Router, Port Knocking, Telegram Notification, Vulnerability

Abstract

The opening of the service port on the Mikrotik router provides an opening for hackers to enter the Mikrotik service to access the router illegally. This research aimed to close certain ports that are gaps for hackers and uses port knocking and telegram bots. The Telegram bot was used as a message notification to managers in real-time to provide information that occurs when the vulnerability scanning process is carried out to find and map weaknesses in the network system. Searching for weaknesses also includes looking for open router service ports such as ports 22, 23, 80, and 8291. This research used the Network Development Life Cycle method, which started from analysis design and prototype simulation to implementation. The research results after testing were able to secure local network service ports against vulnerability scanners on routers using the port knocking method, and testing attack schemes carried out from each scheme could run well on the router’s local network and obtain notifications via telegram bots in real time to administrators. This research contributes to administrators’ ability to secure networks so irresponsible people do not easily infiltrate them.

Downloads

Download data is not yet available.

References

[1] L. Grinin and A. Grinin, “Technologies: Limitless possibilities and effective control,” in Reconsidering the Limits to Growth: A
Report to the Russian Association of the Club of Rome. Springer, 2023, pp. 139–154.
[2] Y. Edan, G. Adamides, and R. Oberti, “Agriculture automation,” Springer Handbook of Automation, pp. 1055–1078, 2023.
[3] H. Husain, A. Anggrawan, H. Santoso, H. T. Sihotang, D. Pyanto, and F. R. Hidayat, “Pengaturan Bandwidth Management Dan
Time Limitation Berbasis User Manajer Mikrotik,” Jurnal Mantik Penusa, vol. 2, no. 2, 2018.
[4] A. Georgiadou, A. Michalitsi-Psarrou, and D. Askounis, “A security awareness and competency evaluation in the energy sector,”
Computers & Security, vol. 129, p. 103199, 2023.
[5] V. Mahendra and B. Soewito, “Penerapan Kerangka Kerja NIST Cybersecurity dan CIS Controls sebagai Manajemen Risiko
Keamanan Siber,” Techno. Com, vol. 22, no. 3, pp. 527–538, 2023.
[6] B. S. Prawiraharjo, F. X. Priyono, and N. Trihastuti, “The Jurisprudence Regarding the Protection of Personal Data for the
Communities and Business Actors in Indonesia,” in Proceedings of the 1st International Workshop on Law, Economics and
Governance, IWLEG 2022, 27 July 2022, Semarang, Indonesia, 2023.
[7] T. Sutikno and D. Stiawan, “Cyberattacks and data breaches in Indonesia by Bjorka: hacker or data collector?” Bulletin of
Electrical Engineering and Informatics, vol. 11, no. 6, pp. 2989–2994, 2022.
[8] K. Kimani, V. Oduol, and K. Langat, “Cyber security challenges for IoT-based smart grid networks,” International journal of
critical infrastructure protection, vol. 25, pp. 36–49, 2019.
[9] R. Adrian, T. Widiasari, M. A. R. Somardani, and A. J. Okke, “Malware Clustering System using Moth-Flame Optimization as
IoT Security Strengthening,” in 2023 International Conference on Computer Science, Information Technology and Engineering
(ICCoSITE). IEEE, 2023, pp. 279–283.
[10] I. Pali and R. Amin, “PortSec: Securing Port Knocking System using Sequence Mechanism in SDN Environment,” in 2022
International Wireless Communications and Mobile Computing (IWCMC). IEEE, 2022, pp. 1009–1014.
[11] R. R and Y. Muin, “MikroTik Router Vulnerability Testing for Network Vulnerability Evaluation using Penetration Testing
Method,” International Journal of Computer Applications, vol. 183, no. 47, pp. 33–37, 2022.
[12] A. Mursyidah, Husaini, Atthariq, Muhammad Arhami, Hari Toha Hidayat and Ramadhona, “Analysis and implementation of the
Port Knocking method using Firewall-based Mikrotik RouterOS,” IOP Conference Series: Materials Science and Engineering,
vol. 536, no. 1, 2019.
[13] H. Hui, Y. Ding, Q. Shi, F. Li, Y. Song, and J. Yan, “5G network-based Internet of Things for demand response in smart grid: A
survey on application potential,” Applied Energy, vol. 257, p. 113972, 2020.
[14] A. Tewari and B. B. Gupta, “Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework,” Future
generation computer systems, vol. 108, pp. 909–920, 2020.
[15] M. Alawida, A. E. Omolara, O. I. Abiodun, and M. Al-Rajab, “A deeper look into cybersecurity issues in the wake of Covid-19:
A survey,” Journal of King Saud University-Computer and Information Sciences, 2022.
[16] A. Aldahmani, B. Ouni, T. Lestable, and M. Debbah, “Cyber-security of embedded IoTs in smart homes: challenges, requirements,
countermeasures, and trends,” IEEE Open Journal of Vehicular Technology, vol. 4, pp. 281–292, 2023.
[17] L. Wu, A. Jaiprakash, A. K. Pandey, D. Fontanarosa, Y. Jonmohamadi, M. Antico, M. Strydom, A. Razjigaev, F. Sasazawa, and
J. Roberts, “Robotic and image-guided knee arthroscopy,” in Handbook of robotic and image-guided surgery. Elsevier, 2020,
pp. 493–514.
[18] A. Shekargoftar, H. Taghaddos, A. Azodi, A. Nekouvaght Tak, and K. Ghorab, “An integrated framework for operation and
maintenance of gas utility pipeline using BIM, GIS, and AR,” Journal of Performance of Constructed Facilities, vol. 36, no. 3,
p. 4022023, 2022.
[19] A. Blaise, M. Bouet, V. Conan, and S. Secci, “Detection of zero-day attacks: An unsupervised port-based approach,” Computer
Networks, vol. 180, p. 107391, 2020.
[20] R. Muwardi, H. Gao, H. U. Ghifarsyam, M. Yunita, A. Arrizki, and J. Andika, “Network security monitoring system via
notification alert,” Journal of Integrated and Advanced Engineering (JIAE), vol. 1, no. 2, pp. 113–122, 2021.
[21] A. Lamssaggad, N. Benamar, A. S. Hafid, and M. Msahli, “A survey on the current security landscape of intelligent transportation
systems,” IEEE Access, vol. 9, pp. 9180–9208, 2021.
[22] N. S. Chahal, P. Bali, and P. K. Khosla, “A Proactive Approach to assess web application security through the integration of
security tools in a Security Orchestration Platform,” Computers & Security, vol. 122, p. 102886, 2022.
[23] W. Major, W. J. Buchanan, and J. Ahmad, “An authentication protocol based on chaos and zero knowledge proof,” Nonlinear
Dynamics, vol. 99, pp. 3065–3087, 2020.
[24] Y. Huang, F. Zhu, L. Liu, W. Meng, S. Hu, R. Ye, and T. Lv, “WNV-Detector: automated and scalable detection of wireless
network vulnerabilities,” EURASIP Journal on Wireless Communications and Networking, vol. 2021, pp. 1–21, 2021.
[25] G. Chalhoub and A. Martin, “But is it exploitable? Exploring how router vendors manage and patch security vulnerabilities in
consumer-grade routers,” 2023.
[26] A. AlSabeh, J. Khoury, E. Kfoury, J. Crichigno, and E. Bou-Harb, “A survey on security applications of P4 programmable
switches and a STRIDE-based vulnerability assessment,” Computer Networks, vol. 207, p. 108800, 2022.
Matrik: Jurnal
Published
2023-11-30
How to Cite
Husain, H., Hariyadi, I. P., Latif, K., & Aditya, G. (2023). Implementation of Port Knocking with Telegram Notifications to Protect Against Scanner Vulnerabilities. MATRIK : Jurnal Manajemen, Teknik Informatika Dan Rekayasa Komputer, 23(1), 215-228. https://doi.org/https://doi.org/10.30812/matrik.v23i1.3459
Issue
Vol 23 No 1 (2023)
Section
Articles
Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Most read articles by the same author(s)