LOG ANALYSIS IN THE USER ACCESS ON THE WEB SERVICES SERVER FOR SECURITY SISTEM EVALUATION

Abstract

Internet servers provide a variety of services including a  web server, mail server, SSH, POP3, IMAP, and many others. It is quite important in a server to keep the server continues to run as normal and safe from tampering. In this case the need to look at the security aspects of the system. This study aims to evaluate webserver, from the log stored on the server. Log in evaluation in the form of access to the SSH access log and access to email from auth.log in linux server. Data retrieved from the server logs of webservers that use virtualmin as the control panel. From the results of the study showed that the issue of security against attacks to SSH servers are more common in the public than to attack email. SSH attacks to occur on average in five times in every minute. IP address of the attacker from statistical data is mostly from China. Although this data is only the IP data origin only, this does not directly reflect the actual origin of the perpetrator.

 

 

Keywords: log server, virtualmin, linux, sshserver, email server.