The Implementation of Wireshark and IPtables Firewall Collaboration to Improve Traffic Security on Network Systems

Abstract

Along with the development of the internet era which is very fast today, the network security system becomes a very urgent matter and needs attention. The number of criminal activities and cyber attacks that attack servers through the network makes a server administrator need to make extra efforts in maintaining and monitoring data traffic that enters or leaves the server system. One of the efforts often made by server admins is to monitor server activity and then immediately secure the server from attacks that they identify from the monitoring results. data packets. Here an algorithm is built where the output of the Wireshark application is an analysis result that will distinguish the presence of a malicious accessing IP and then notify the server admin to set the firewall and block the IP that is considered dangerous, or analyze the port that is temporarily under attack and then notify the admin to close the port. . From the results of this algorithm research by simulating attacks using Synflood Attack on the server, it can be seen that the level of effectiveness of the algorithm in dealing with attacks can make RAM and CPU lighter so that it does not burden the hardware when compared to without using the algorithm and also makes system network traffic more efficient.