Sistem Monitoring Login Failure dengan Via Telegram dari Serangan Brutus pada Router Mikrotik

A monitoring system is needed to monitor a network topology from attacks that might occur at that time. A realtime monitoring system is needed to find out the attack. Therefore, in this study, an attack scenario on a proxy router was carried out using a brute force technique. The brute force technique is an efficient method that tries every possible login password character that the network administrator might use. This brute force technique already exists in the application used, namely Brutus. Brutus is executed by focusing the attack on port 23 telnet on the proxy router. The system log listed as a login failure caused by a brute attack on the proxy router will be forwarded by a script that is running to a notification with a network administrator telegram bot. From the results of research that has been carried out on the monitoring system on the proxy running in real time to notify the login failure message via telegram. The telegram notification will stop if the password has been found by Brutus or the Brutus dictionary does not find the password on the designed Mikrotik router network. Prevention is done by disabling open ports and activating the drop firewall menu if it finds a possible attacker's ip address on the mikrotik router to reduce attacks from the attacker.