Secure random port list generator pada mekanisme autentikasi dengan menggunakan port knocking dan secure socket layer

Abstract

Port Knocking is an authentication process done by tapping a particular port to open and close the connection to a service. In general, the knocking port has a fixed procedure to assign ports list. This is what prompted the emergence of research related to the implementation of Secure Random Port List Generator (SRPLG), through the design of a system capable of scrambling the list of ports used for knocking. In addition, the system is also designed to be able to transmit random ports list information to clients via a secure path. This SRPLG server will be integrated into the Port Knocking authentication mechanism. Implementation of this method aims to create a dynamic authentication procedure, secure and efficient in securing the SSH server. The test results show that the secure random port list generator server in scrambling the list of knocking ports is able to generate an ever-changing port list every time a client requests. Then from the sniffing done to the data transmitted by the SRPLG server and the client indicates that all captured information has been encrypted by secure socket layer or SSL. Performance test marks SRPLG server to the number of clients who make requests, average takes between 0.01 seconds to 0.06 seconds in every variation of performance testing. In the last test shows SSH server has been successfully secured with Port Knocking configuration from attack port scanning attack, where all port information is displayed, not found any fault that can exploit.