Jurnal Jaringan Komputer dan Keamanan

Design of Data Security for Remote Access Using IPsec- and SSL-Based VPN

Ahmad Fikri — Sun, 23 Nov 2025 14:52:52 +0000

The rapid advancement of digital communication technologies has increased the need for secure remote access within corporate environments. This study develops and implements a secure network architecture for PT Tanjungenim Lestari Pulp & Paper using Virtual Private Network (VPN) mechanisms based on Internet Protocol Security (IPsec) and Secure Socket Layer (SSL). The existing network, which utilizes a star topology and file-sharing mechanisms, was found to lack sufficient security, particularly in protecting data transmission to external partner companies. The proposed system integrates IPsec-based VPN tunneling to ensure encrypted communication channels and SSL certificates to safeguard FTP authentication processes. Data were collected through action research and document studies, followed by network design, IP addressing, router configuration, VPN deployment, FTP server installation (VSFTPD), and file transfer testing. The results demonstrate successful establishment of secure tunnels, encrypted data exchange, and protection against credential interception during authentication. This study concludes that implementing IPsec VPN and SSL-secured FTP significantly enhances remote access security, maintains data confidentiality, and strengthens the overall network infrastructure of PT Tanjungenim Lestari Pulp & Paper.

Network Security Implementation Against Sniffing Attacks in the IT Services Department of PT Pupuk Sriwidjaja (PUSRI) Palembang

Ardiansyah — Sun, 23 Nov 2025 14:56:06 +0000

Network security is a crucial aspect of maintaining data integrity, confidentiality, and availability within organizations. Sniffing attacks, in which an attacker intercepts and monitors data transmitted over a network, pose a significant threat to data protection. This study aims to analyze the performance of the network security system of the IT Services Department at PT Pupuk Sriwidjaja (PUSRI) Palembang against sniffing threats. The research includes evaluating existing security systems, testing potential sniffing attacks, and implementing and analyzing the effectiveness of various security mechanisms such as encryption, network segmentation, and intrusion detection. The results indicate that appropriate security mechanisms substantially reduce the risk of sniffing attacks. This study also provides recommendations for further improvements, including staff training on cybersecurity best practices and strengthening real-time network monitoring.

Implementation of Radius Server–Based User Management on the WLAN Network of Dinas PUBMTR South Sumatra Province Using RADIUSdesk

Rizky Widiansyah — Sun, 23 Nov 2025 14:59:54 +0000

Wireless Local Area Network (WLAN) technology is widely utilized across government offices, private companies, schools, and healthcare institutions. The Dinas Pekerjaan Umum, Bina Marga, dan Tata Ruang (PUBMTR; Office of Public Works, Highways, and Spatial Planning) of South Sumatra Province is one of the government institutions relying on WLAN technology to support operational activities and internet-based services. However, the agency frequently encounters challenges in managing and authenticating WLAN users, resulting in the absence of differentiation between employee and non-employee access. This condition causes network instability, bandwidth degradation, and operational disruptions during peak usage. This study proposes the implementation of a Radius Server–based user-management system to provide differentiated authentication for employees and ensure more secure, stable WLAN operations. The research methodology includes problem analysis, system design, Radius Server implementation using RADIUSdesk, and WLAN testing. The results indicate that the deployment of Radius Server–based user management using RADIUSdesk successfully improves WLAN management efficiency, simplifies user administration, and enhances network security.

IoT-Based Server Room Temperature and Humidity Monitoring

Asti Triwulanda — Sun, 23 Nov 2025 15:05:31 +0000

Monitoring the environmental conditions of server rooms is essential to ensuring optimal hardware performance, maintaining system reliability, and preventing device failure. This study proposes an Internet of Things (IoT)-based monitoring system for temperature and humidity control using a NodeMCU ESP8266 microcontroller combined with a DHT22 sensor. The system measures environmental conditions in real time and transmits the collected data over a Wi-Fi network to the Blynk platform for visualization and remote monitoring. Alerts are generated when temperature or humidity exceeds predefined thresholds, enabling preventive action to avoid equipment damage. The implementation demonstrated that the system effectively monitors server-room environmental parameters, provides accurate and real-time data visualization, and enhances the overall management of server-room conditions.

Application of Hardening for WLAN Security Optimization in the IT Services Division at PT PUSRI

Muhammad Reihan Pratama — Sun, 23 Nov 2025 15:07:57 +0000

Computer networks typically use two primary transmission methods: wired and wireless networks, commonly referred to as Wireless Local Area Networks (WLANs). In WLAN implementations, the standard security mechanism frequently adopted is Wi-Fi Protected Access 2 Pre-Shared Key (WPA2-PSK), which relies on an SSID and password. Despite this security mechanism, criminal activities such as unauthorized access and network intrusions continue to occur. Therefore, it is essential to enhance network security to ensure that WLAN environments remain secure and capable of minimizing potential risks to users. This study aims to improve and optimize WLAN network security by conducting vulnerability scanning using Nessus to assess existing security conditions, followed by the implementation of hardening techniques to strengthen and obscure vulnerabilities. Hardening includes several approaches such as applying raw firewalls and firewall filters, restricting ports and services, disabling unnecessary services, disabling the MikroTik Neighbor Discovery Protocol (MNDP), and implementing port knocking as an additional layer of protection. The findings indicate that applying vulnerability scanning alongside a structured hardening strategy significantly minimizes identified risks and enhances the overall resilience of the WLAN network against intrusions and security threats.