View Article |
Integrated network monitoring using zabbix with push notification via Telegram
Mohd Faris Mohd Fuzi1, Nur Fatin Mohammad Ashraf2, Muhammad Nabil Fikri Jamaluddin3.
The world is becoming increasingly dependent on online services. To offer a service, a network must be in
good health and free of any attacks. An attack happens when the confidentiality, integrity, or availability
of a service is compromised. Network monitoring is a solution capable of maintaining these network devices
from their usage up to detecting attacks. A denial of service (DoS) attack on a network can affect the
network performance and can cause serious damage. Zabbix is an open-source network monitoring tool
that is versatile and can be used to monitor hosts on a network. The purpose of this project is to detect
possible ping and SYN flooding attempts on a server and send alerts to the administrator via Telegram.
This project uses Zabbix to monitor a server for potential ping and SYN flooding attacks. Tcpdump is used
to log the pings received by the server. When the server continuously receives 10 or more pings per second,
an alert will be automatically generated and sent to the administrator via Telegram. Similarly, a SYN flood
attack is detected by using netstat’s SYN_RECV flags. When the server continuously receives more than 10
SYN packets without an ACK packet, Zabbix will generate alerts that are sent via Telegram and update the
dashboard to show a problem. Zabbix was able to accurately detect all ping flooding attempts on the server.
However, SYN flooding attacks were not as accurately detected. The use of Zabbix can be implemented in
small businesses or networks for an automated monitoring system. Future work can include more DDoS
attacks and adding countermeasure actions when detecting attacks by blocking the IP or port associated
with the attack. SYN flooding detection needs to be improved because only two out of three attacks were
able to be caught.
Affiliation:
- Universiti Teknologi MARA, Perlis Branch, Arau Campus, 02600 Arau, Perlis, Malaysia, Malaysia
- Universiti Teknologi MARA, Perlis Branch, Arau Campus, 02600 Arau, Perlis, Malaysia, Malaysia
- Universiti Teknologi MARA, Perlis Branch, Arau Campus, 02600 Arau, Perlis, Malaysia, Malaysia
Download this article (This article has been downloaded 26 time(s))
|
|
Indexation |
Indexed by |
MyJurnal (2021) |
H-Index
|
0 |
Immediacy Index
|
0.000 |
Rank |
0 |
|
|
|