Kembali ke Library
Khay
Baca Bahasa Indonesia

Manual Terminal & Security Protocols: Khayrun's Logic Boundary

#Security#Manual#Terminal#System

Welcome to KS-OS v2.3 Terminal

If you are reading this, chances are you just opened the Terminal tab on this portfolio and were greeted by a blinking command line.

This isn't just CSS decoration. This is the Khayrun System Terminal (KS-OS), a functional interface bridging backend server logic with frontend aesthetics.

But remember: Every system has boundaries.

This article is the official documentation on what you can do, and more importantly, what will happen if you try to cross the line.

1. Guest Mode (Guest Access)

By default, you log in as guest@rafi. This is the safe zone. You are free to explore without risking setting off security alarms.

Basic Commands:

  • help: Displays a list of all available commands.
  • whoami: Displays a short narrative about who I am (Rafi Khairan).
  • projects: Access code and research project archives.
  • books: View my fiction writing catalog.
  • contact: Display contact info (GitHub, LinkedIn, Email).
  • clear: Clears the screen.

Use this mode to get to know me better through pure text, without visual distractions.

2. Network Utilities

This terminal comes equipped with real network diagnostic tools running on the server. Not mere JavaScript simulations.

  • ping [host]: Sends ICMP packets to target.
  • scan [host]: Performs a simple TCP Port Scan.
  • dns [domain]: Performs DNS Lookup (A Records).
  • whois [domain]: Checks domain registration info via RDAP.

Warning: Use of these tools is monitored. Do not use for illegal purposes.

3. "Paranoid" Security Protocols (The Boundary)

Here is where it gets serious. I apply a strict Defense in Depth philosophy to protect this infrastructure.

A. Root Access (Geo-Fenced & Restricted)

The su (Switch User) command is used to enter Root mode.

  • Indonesia Only: Root login access and execution of sensitive network tools are restricted to IPs originating from Indonesia (Geo-Fencing). If you access from abroad (or via foreign VPN), the system will silently reject you (Silent Reject).
  • Short Session: If login is successful, the root session is valid for only 2 minutes. After that, the token burns out and you revert to Guest.

B. The Three-Strike Rule (Permanent Ban)

This system does not tolerate Brute Force.

  • If you enter the wrong root password 3 times, the system will deem you a threat.
  • Consequence: Your device will get a special "mark" in local storage.
  • Result: Access to the Terminal will be permanently locked. You will only see a red screen reading "SYSTEM LOCKED".

C. Anti-Incognito & Anonymity

The system has heuristics to detect private modes (Incognito/Private Window).

  • We monitor browser storage quotas. If an anomaly characterizing private mode is detected, terminal access will be denied.
  • Transparency is key. Do not hide.

D. Anti-SSRF & DNS Rebinding

For the technically inclined who might think of using scan or ping to map the internal server network (SSRF).

  • Don't waste your time.
  • The system uses a Resolve-First method: The domain you enter is converted to an IP first.
  • This IP is matched against a blocklist (Private IP ranges like 127.0.0.1, 192.168.x.x, 10.x.x.x).
  • Connections are only made to IPs verified as safe.

The Philosophy Behind The Strictness

It might seem excessive for a web portfolio. But for me, this is a manifestation of my novel character, Khayrun.

Khayrun lives by the logic that uncontrolled variables are the source of Chaos. This system security is my way of maintaining "constants" amidst the random variables of the internet.

So, please explore. Use wisely. But do not try to break the walls I have built.

Enjoy the logic.

- Rafi Khairan (Root)