IMPLEMENTASI HARDENING SERVER LINUX UNTUK MENGURANGI RISIKO SERANGAN SIBER

Authors

  • Rakhmadi Rahman Institut Teknologi Bacharuddin Jusuf Habibie Author
  • Moh. Farel Institut Teknologi Bacharuddin Jusuf Habibie Author
  • Muhammad Dirga Sopan Institut Teknologi Bacharuddin Jusuf Habibie Author

DOI:

https://doi.org/10.69714/c4atnn70

Keywords:

Linux hardening, Ubuntu 22.04 LTS, CIS Benchmark, Fail2Ban, Lynis, defense-in-depth

Abstract

Ubuntu 22.04 LTS Linux servers running default configurations are highly vulnerable to cyber threats including ransomware, cryptojacking, and SSH brute force attacks due to 22+ unnecessary open ports, active root login, and weak password authentication on standard port 22. This research implements systematic hardening through Agile Development methodology comprising 4 iterative phases (assessment, implementation, testing, audit) following CIS Ubuntu Linux Benchmark v2.0.0 guidelines. Results demonstrate Lynis security score improvement from 40/100 (medium risk) to 85/100 (good) representing +112.5% enhancement, 86.4% attack surface reduction (22→3 essential ports: SSH 2222, HTTP 80, HTTPS 443), and complete elimination of critical vulnerabilities. Brute force testing using Hydra (1000 attempts) achieved 95% mitigation within <30 seconds through Fail2Ban automated IP blocking via iptables rules. Defense-in-depth architecture comprises UFW default-deny firewall policy, SSH RSA 4096-bit key authentication, AIDE file integrity monitoring, and automated Lynis auditing via cron jobs. The implementation produces production-ready hardened servers with high availability, replicable Standard Operating Procedures (SOP), and addresses Indonesian cybersecurity research literature gaps.

References

Center for Internet Security (CIS). (2024). *CIS Ubuntu Linux 22.04 LTS Benchmark version 2.0.0.* https://www.cisecurity.org/benchmark/ubuntu_linux

Chapple, S. C., Stewart, J. M., & Gibson, D. (2021). *CISSP Certified Information Systems Security Professional official study guide* (9th ed.). Sybex.

Cisofy. (2025). *Lynis enterprise security auditing and hardening guide for Linux.* Cisofy B.V.

Huda, M. N., & Syani, M. (2022). Analisis keamanan server menggunakan metode hardening dan penetrasi terintegrasi. *Jurnal Teknik Informatika dan Sistem Informasi*, 9(1), 112–125.

Lim, J., & Kim, S. (2023). A comprehensive study on Linux kernel hardening techniques against modern exploits. *International Journal of Network Security & Its Applications*, 15(3), 45–60.

Nurhadi, A., & Saputra, R. (2021). Implementasi firewall dan Fail2ban sebagai sistem pertahanan terhadap serangan brute force pada server Linux. *Jurnal Teknologi Informasi dan Komunikasi*, 12(2), 201–215.

Pratama, I. P. A. E. (2020). *Handbook jaringan komputer dan keamanan siber: Teori dan praktik.* Informatika.

Sitorus, M. (2021). Pengaruh financial technology dalam meningkatkan keamanan data digital di era industri 4.0. *Jurnal Ekonomi dan Statistik Indonesia*, 12, 88–102.

Zenarmor. (2025). *Linux server hardening steps and best practices.*

https://www.zenarmor.com/docs/linux-tutorials/linux-server-hardening-steps-and-best-practices

Downloads

Published

2026-01-13

Issue

Vol. 3 No. 2 (2026): April : Jurnal Riset Sistem Informasi

Section

Articles

License

Copyright (c) 2026 Jurnal Riset Sistem Informasi

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

How to Cite

IMPLEMENTASI HARDENING SERVER LINUX UNTUK MENGURANGI RISIKO SERANGAN SIBER (Rakhmadi Rahman, Moh. Farel, & Muhammad Dirga Sopan, Trans.). (2026). Jurnal Riset Sistem Informasi, 3(2), 39-44. https://doi.org/10.69714/c4atnn70