The security and management of network has become a major issue in the arena of Internet. The attacker can access different types of data i.e. personal data, bank account data, and unauthorized use of system resources in campus network. Various policies and procedures have been developed to secure the network communication over the internet by employing firewalls, encryption, and virtual private networks. On the bases of security requirements, the firewall rules are created to monitor the incoming traffic. Packet filtering technique has become a regular and inexpensive approach to secure the transfer of data over the internet and is used as a first line of defense against attacks. IPTABLES is used to create, maintain and monitor packet filter rules in the Linux operating system. Strong filtering techniques in IPTABLES can be used to make a network robust in nature for securing data transfer or prevent it from attacks. In this paper, study is done, not only to safe guard the network Distributed Denial of Service (DDOS) attacks but also management the network bandwidth. The proposed policy script based on the size and count of packet, blocks the attacker for a period of time. With the use of this policy, it observed that 33.8% bandwidth is always available to genuine users of the IT services.

Network Security, Packets, IPTABLES, Policy Script, Packet Count

[1] S. Taluja, P. K. Verma, R. L. Dua, “Network Security Using IP Firewalls”, International Journal of Advanced Research in Computer Science and Software Engineering, Vol. 2, No. 8, pp. 348-354, 2012.
[2] K. Joshi, T. Kashiparekh, “Implementing Firewall using IP Tables in Linux”, International Journal of Emerging Trends in Science and Technology, Vol. 3, No. 3, pp. 3634-3637, 2016.
[3] S. Kadam, P. S. Tambabde, A. J. Jayant, “Adaptive Packet Filtering Techniques for Linux Firewall”, International Journal of Advance Research, Ideas and Innovations in Technology, Vol. 3, No. 1, pp. 171-174, 2017.
[4] B. Q. M. AL Musawi, “Mitigating DoS/DDoS Attacks using IP Tables”, International Journal of Engineering and Technology, Vol. 12, No. 3, pp. 101-111, 2012.
[5] B. Sharma, K. Bajaj, “Packet filtering using IP Tables in Linux”. International Journal of Computer Science Issues, Vol. 8, No. 4, pp. 320-325, 2011.
[6] N. D. Lal, B. Ghorbani, S. Vaghri, “A Survey on the use of GNS3 for Virtualizing Computer Networks”, International Journal of Computer Science and Engineering, Vol. 5, No. 1, pp. 49-58, 2016.
[7] W. Makasiranondh, S. P. Maj, D. Veal, “Pedagogical evaluation of simulation tools usage in Network Technology Education”, World Transactions on Engineering and Technology Education, Vol. 8, No. 3, pp. 321-324, 2010.
[8] A. M, M. Montero, D. R, Manzano, “Design and Development of Hands-on Network Lab Experiments for Computer Science Engineers”, International Journal of Engineering Education, Vol. 33, No. 2, pp. 855-864, 2017.
[9] A. Jalaparthi, A.S. Kumar, “Monitoring and Analysis of Real time detection of traffic from twitter stream analysis”, International Journal of Scientific Research in Computer Science and Engineering, Vol. 4, No. 3, pp. 34-37, 2016.
[10] P. M, A. S. Thanamani, “Real-time Packet Performances under Socket Application”, International Journal of Scientific Research in Network Security and Communication, Vol. 5, No. 3, pp. 84-89, 2017.