[Snort-users] Snort doubt
dirk at ...10648...
Tue Dec 13 11:12:01 EST 2005
> What the Snort's state of art about IPv6 support?
> Can Snort identify IPv6 attacks attempts in the network?
not yet... A long time ago Marty released a beta (or alpha)
version of snort supporting IPv6. But it was more a framework
than an usable system.
The actual version of snort is only IPv4 capable, IPv6 packets
are only counted.
> I searched in the Snort.org page and I discovered that IPv6 appears in Snort
> Static's. I find to, that exists at least 3 rules for IPv6 (ICMP IPV6
> I-Am-Here, ICMP IPV6 I-Am-Here undefined code, ICMP IPV6 Where-Are-You, ICMP
> IPV6 Where-Are-You undefined code) intrusion detection.
This are IPv4 ICMP messages regarding to an original IPv6 packet. So
this works for snort...
More information about the Snort-users