<![CDATA[Brute force attacks are a common method used by attackers to breach authentication systems, both on Secure Shell (SSH) services and website login pages such as WordPress. In educational institutions, particularly at the Nurul Fikri Integrated Technology College, authentication system security is crucial for maintaining data confidentiality and integrity. Prior to this research, the system in use was not equipped with an automated defense mechanism capable of responding to brute force attacks quickly and effectively. This research aims to implement Fail2Ban, an open-source application designed to automatically block IP addresses that make failed login attempts exceeding a certain threshold. The research method involved testing two scenarios: an attack on the SSH service using Nmap, and an attack on the WordPress login page using a Python script. The Fail2Ban configuration set the maxretry parameters to five failed attempts, a findtime of 10 minutes, and a bantime of 3 minutes. The test results showed that Fail2Ban successfully blocked the attacker's IP address according to the specified parameters, thus preventing further login attempts. To enhance monitoring capabilities, Fail2Ban is integrated with Prometheus and Grafana using a combination of the Fail2Ban Exporter, Python scripts, and Push Gateway. This integration produces an interactive dashboard that displays metrics such as the number of blocked IP addresses, total failed login attempts, and the status of active blocks. This data visualization allows system administrators to monitor attack activity in real-time and take additional precautions if necessary. Thus, Fail2Ban implementation is not only effective in preventing brute-force attacks but also improves situational awareness and rapid response to security incidents in educational institutions.]]>
Copyrights © 2025
