{"id":50047015,"url":"https://github.com/yeszi/ubuntu-lynis-fail2ban","last_synced_at":"2026-05-21T06:18:48.061Z","repository":{"id":326083720,"uuid":"1103791160","full_name":"yeszi/ubuntu-lynis-fail2ban","owner":"yeszi","description":"hardening keamanan ubuntu, lynis sebagai sistem audit dan fail2ban untuk pencegahan intrusi.","archived":false,"fork":false,"pushed_at":"2025-12-19T16:04:05.000Z","size":2273,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"portofolio-grayesi-backend","last_synced_at":"2025-12-21T19:14:43.508Z","etag":null,"topics":["baseline","fail2ban","lynis-setup","ubuntu"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yeszi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-25T10:43:51.000Z","updated_at":"2025-12-19T16:04:09.000Z","dependencies_parsed_at":"2026-01-05T06:08:39.988Z","dependency_job_id":null,"html_url":"https://github.com/yeszi/ubuntu-lynis-fail2ban","commit_stats":null,"previous_names":["yeszi/ubuntu-lynis-fail2ban"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/yeszi/ubuntu-lynis-fail2ban","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeszi%2Fubuntu-lynis-fail2ban","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeszi%2Fubuntu-lynis-fail2ban/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeszi%2Fubuntu-lynis-fail2ban/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeszi%2Fubuntu-lynis-fail2ban/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yeszi","download_url":"https://codeload.github.com/yeszi/ubuntu-lynis-fail2ban/tar.gz/refs/heads/portofolio-grayesi-backend","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeszi%2Fubuntu-lynis-fail2ban/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33290932,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-21T02:57:32.698Z","status":"ssl_error","status_checked_at":"2026-05-21T02:57:31.990Z","response_time":62,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["baseline","fail2ban","lynis-setup","ubuntu"],"created_at":"2026-05-21T06:18:47.258Z","updated_at":"2026-05-21T06:18:48.051Z","avatar_url":"https://github.com/yeszi.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🛡️ Studi kasus Proyek 3 : Hardening Sistem Linux dan Audit Keamanan\n\n![Ubuntu](https://img.shields.io/badge/OS-Ubuntu_Server-orange)\n![Lynis](https://img.shields.io/badge/Security-Lynis_Audit-blue)\n![Fail2Ban](https://img.shields.io/badge/Protection-Fail2Ban-red)\n\n## 🛡️ Anggota Tim Kelompok 3\n* **2201020130**  Grayesi Silitonga\n* **2201020091**  Yohani Natalia Simanullang\n* **2201020083**  Winda Aulia Ariyani\n* **2201020035**  Enjelita Br Ginting\n\n## 📋 Dokumentasi Setiap Minggu \n-  [Link Laporan ](#Link_Laporan)  **(https://drive.google.com/file/d/1i7Qx2GgxNrYhgzOOa6tjpmkz_9ovfHyx/view?usp=sharing)**\n-  [Link Poster ](#Link_Poster) **(https://drive.google.com/file/d/18xrMtQ_c0s5rxEtihnwWg6esosYuMEON/view?usp=sharing)**\n-  [Link Tabel Hasil Pengujian](#Link_Tabel) **(https://drive.google.com/file/d/1hxw6CZ5gvmACXBnsr2RfLUVjcNC-S3Ew/view?usp=sharing)**\n-  [Minggu 1](#Minggu_1)  **Instalasi Linux (VM) Baseline Audit**\n\n```javascript\n# Clone repository Lynis\ngit clone https://github.com/CISOfy/lynis\n\n# Masuk ke direktori\ncd lynis \u0026\u0026 chmod +x lynis\n\n# Jalankan audit sistem\nsudo ./lynis audit system\n```\n-  Perintah untuk menginstal dan menjalankan audit sistem\n![Minggu 1](./Minggu%201/lynis_baseline.png)\n\n- [Minggu 2](#Minggu_2) **Konfigurasi User \u0026amp; Permission Management**\n- Cek Konfigurasi\n  \n```javascript\n# Instal UFW (jika belum ada)\nsudo apt install ufw\n\n# Atur kebijakan default (Tolak masuk, Izinkan keluar)\nsudo ufw default deny incoming\nsudo ufw default allow outgoing\n\n# Izinkan akses SSH pada Port Custom (2222)\n# Catatan: Sesuaikan dengan port SSH yang akan digunakan\nsudo ufw allow 2222/tcp\n\n# Aktifkan Firewall\nsudo ufw enable\n\n# Cek status aturan\nsudo ufw status verbose\n```\n![Minggu 2](./Minggu%202/atur_konfigurasi.jpg)\n\n- [Minggu 3](#Minggu_3) **Konfigurasi Firewall (UFW / iptables)**\n- Cek SSH\n\n```javascript\nsudo nano /etc/ssh/sshd_config\n\n//cuplikan code\nPort 2222                 # Ubah port default (22) ke 2222 (Security by Obscurity)\nPermitRootLogin no        # Matikan login root\nPubkeyAuthentication yes  # Wajibkan penggunaan SSH Key\nPasswordAuthentication no # (Opsional) Matikan login password jika SSH Key sudah aktif\n\nsudo systemctl restart ssh\n\n```\n\n![Minggu 3](./Minggu%203/mengaktifkan_ufw_dan_mengecek_status_rule.png)\n![Minggu 3](./Minggu%203/atur_policy_default_dan_membuka_port_2222_untuk_ssh.png)\n\n- [Minggu 4](#Minggu_4) **Hardening SSH + fail2ban**\n  \n```javascript\n# Instal Fail2Ban\nsudo apt update \u0026\u0026 sudo apt install fail2ban -y\n\n# Salin konfigurasi default agar aman saat update\nsudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local\n\n# Edit konfigurasi jail.local\nsudo nano /etc/fail2ban/jail.local\n\n//TOML\n[sshd]\nenabled = true\nport    = 2222            # Wajib sesuaikan dengan port SSH yang baru\nlogpath = %(sshd_log)s\nbackend = %(sshd_backend)s\nmaxretry = 3              # Blokir setelah 3x gagal login\nbantime = 3600            # Blokir selama 1 jam\n\nsudo systemctl enable fail2ban\nsudo systemctl start fail2ban\n\n```\n\n![Minggu 4](./Minggu%204/konfigurasi_ssh_dan_statusnya.png)\n![Minggu 4](./Minggu%204/instal_faillban.png)\n\n- [Minggu 5](#Minggu_5) **Audit ulang \u0026amp; scoring keamanan (Lynis)**\n\n```javascript\n# Cek status Fail2Ban (pastikan Jail SSH aktif)\nsudo fail2ban-client status sshd\n\n# Jalankan audit ulang dengan Lynis\ncd lynis\nsudo ./lynis audit system\n\n```\n![Minggu 5](./Minggu%205/audit_lynis.png)\n![Minggu 5](./Minggu%205/setelah_hardening.jpg)\n\n---\n\n## 🧐 Tujuan Proyek\n1. Meningkatkan keamanan OS dan mengaudit kerentanan konfigurasi.\n\n## 💻 Lingkungan Sistem\n* **OS:** Ubuntu Server 20.04 LTS (Running on VirtualBox)\n* **RAM:** 8GB\n* **Tools:**  Lynis v3.0.9, Fail2Ban v0.11\n\n---\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyeszi%2Fubuntu-lynis-fail2ban","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyeszi%2Fubuntu-lynis-fail2ban","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyeszi%2Fubuntu-lynis-fail2ban/lists"}