The Effectiveness of the Port Knocking Method in Computer Security

Computer network is a group of autonomous computers that are interconnected with each other using communication protocols through communication media so that they can share information, programs, share hardware devices such as printers, hard disks, and so on. One of the most important network components is network security, computer security involves various aspects, including protection against unauthorized access, data theft, system tampering, and operational disruptions. This research method uses descriptive method. At this stage specifications are determined regarding the system that will be designed to meet the objectives of this study, the Port Knocking method to secure the Router can be applied to Mikrotik routers by utilizing a firewall which functions to guard against illegal access and overcome problems caused by Attackers


LITERATURE REVIEW A Computer Network
Network is a telecommunications network that allows computers to communicate with each other by exchanging data. The purpose of a computer network is to be able to achieve its goals, every part of a computer network can request and provide services (service). The party requesting/receiving the service is called the client (client) and the party providing/sending the service is called the server (server). This design is called a client-server system, and is used in almost all computer network.

Computer security
Is the study of the methods, principles and practices used to protect computer systems from threats, attacks and abuse that might undermine the integrity, confidentiality and availability of computer data and resources. Here are some important computer security theories: 1. System Security: This theory deals with the protection of computer systems from threats and attacks. This includes the use of security policies, access management, data encryption, and the use of other technologies to protect systems from attacks of various types. 2. Cryptography: Cryptography is the science and art of hiding information by converting it into an unreadable (encrypted) form and then returning it to its original form (decryption) using a cryptographic key. Cryptographic theory discusses cryptographic algorithms, security protocols, and encryption strength. 3. Network Security: Network security theory focuses on protecting communications and network infrastructure from attacks and threats. This involves using firewalls, intrusion detection, network traffic encryption, and other security techniques to prevent unauthorized access and intrusions. 4. Application Security: Application security theory deals with the design, development, and testing of applications to ensure that they are resistant to attack and abuse. This involves implementing safe development practices, such as input validation, avoidance of common vulnerabilities, and protection against injection, cross-site scripting (XSS) attacks, and other attacks.. 5. Security Management: Security management theory addresses the strategies, policies, and processes used in managing the security of computer systems. This includes risk identification, risk assessment, security monitoring, regulatory compliance and response to security incidents. 6. Information Security: Information security theory includes the principles and practices used to protect critical information from threats and attacks. This involves data protection, information use policies, identity and access management, and secure deletion practices. 7. Physical Security: The theory of physical security deals with the protection of computer hardware and its physical infrastructure. This includes measures such as physical security of the server room, physical access controls, use of access keys and cards, and protection against theft or physical damage.
Port knocking is a computer network security method used to hide normally open ports in a firewall. This method requires special steps to open those ports and allow access to protected.
The port knocking process usually involves the following steps: a) Setting up the firewall: First, the firewall is configured to block all incoming connections to the ports you want to hide. Under normal conditions, these ports cannot be accessed directly from outside the network. b) Knocking pattern: A user wishing to access hidden ports must make a series of connections to certain ports on the protected system in a certain order. This pattern is often a predetermined sequence known to authorized users. c) Opening ports: After a series of connections are established according to the correct knocking pattern, the firewall will detect the sequence and open temporarily hidden ports. The knocking user can then connect to those ports for a set period of time. d) Access to the system: After the ports are open, users who have passed the knocking process can access the system through these ports. Connections to these ports are considered valid by the firewall because they have passed the proper knocking steps.
The advantage of the port knocking method is to protect normally open ports from port scanning attacks by attackers. This method hides those ports effectively and requires knowledge of the correct knocking pattern to gain access to protected systems.
However, it is important to remember that port knocking is not a perfect security solution. This method is still vulnerable to attacks such as replay attacks, where the attack logs and plays back a series of knocking connections previously made by an authorized user. Therefore, the use of port knocking must be done with caution and in combination with other safety measures to achieve a higher level of security combined with other security measures to achieve a higher level of security.

METHODOLOGY
This research method uses descriptive method. At this stage, specifications are determined regarding the system that will be designed to meet the objectives of this research. The stages of the research are shown by the flowchart in Figure 1.

A. Study of literature
Search for references supporting sources that can be used as a reference in making this research as well as other basic theories regarding the design and implementation of the port knocking method.

B. Port knocking
Port knocking is tapping on the communication port in the data communication system. The function and workings of this system are not much different from the literal meaning.
These communication ports are usually the ports in the TCP or UDP protocol which are members of the Transportation layer in the OSI standard .
Through this communication port, the outside world can reach your device. Vice versa, you can also reach those who open certain communication ports. Communication can run smoothly, information exchange becomes easy and your computer convenience increases with the opening of these communication ports. However, sometimes this convenience is often abused by some people. These communication ports are often used as loopholes to enter illegally. The open ports are used as a path to the internal network or to the servers in it, then disrupt it.

RESULTS
Designing a system capable of connecting through closed ports using the port knocking method. The port knocking method is a technique for opening certain ports on a firewall by sending connection packets to a certain number of ports sequentially. Once the correct sequence is received, the firewall rules will change dynamically to allow access to the host that sent the packets. This method is usually implemented by configuring a daemon that monitors firewall log files to look for connection attempts to certain points, and then modifying the firewall configuration accordingly. Port knocking can also be done at the kernel level by using a kernel-level packet filter such as iptables. Although port knocking can increase system security, it must be used with caution because this method can be intercepted by attackers and can lead to system compromises.
One way to mitigate this risk is to add additional security rules such as requesting the source of a packet from a known sender before opening a port. Port knocking can be used to secure SSH services on Linux by allowing access only to users who send certain packet sequences. Port knocking can also be used to hide services and ports from the system. Use case diagrams depict the processes that occur in the port knocking system.

CONCLUSION
Testing the network security system with the Port Knocking method to secure the Router can be applied to Mikrotik routers by utilizing a firewall that functions to guard against illegal access and overcome problems caused by Attackers.

No
Test Components