Snort mailing list archives
Re: IPV6 settings for snort
From: "Joel Esler \(jesler\) via Snort-users" <snort-users () lists snort org>
Date: Mon, 20 Nov 2017 13:54:20 +0000
Please keep list traffic on the list. These look like bro keyword options, not Snort. I can only assume you got these rules from: https://github.com/mschuett/spp_ipv6_test/blob/master/ipv6.rules or similar? -- Joel Esler | Talos: Manager | jesler () cisco com<mailto:jesler () cisco com> On Nov 19, 2017, at 8:26 AM, ayman shabour <shabour313 () hotmail com<mailto:shabour313 () hotmail com>> wrote: alert icmp any any -> any any ( ipv: 6; icmp6_nd; \ icmp6_nd_option: >10; icmp6_nd_option: <15; \ msg:"ICMPv6/NDP with SEND option"; sid:124806; rev:1;) _____________________________________________________ alert icmp any any -> any any (ipv: 6; itype: 136; \ detection_filter: track by_dst, count 20, seconds 1; \ msg:"ICMPv6/NA flooding"; sid:124852; rev:1;) _________________________________________________________ alert ip icmp any -> any any \ (msg:"IPV6 ICMP Echo-Request ?"; itype : 128; \ classtype : icmp -event ; sid : 2000001; rev:1;) _________________________________________ erros come up when snort -i -1 -c c:\snort\etc\snort.conf -A console errors in ipv also in ip ________________________________________ من: Joel Esler (jesler) [jesler () cisco com<mailto:jesler () cisco com>] تم الإرسال: 19 نوفمبر, 2017 5:41 ص إلى: ayman shabour نسخة: snort-users () lists snort org<mailto:snort-users () lists snort org> الموضوع: Re: [Snort-users] IPV6 settings for snort Can you provide an example of what you are trying to do? -- Joel Esler | Talos: Manager | jesler () cisco com<mailto:jesler () cisco com><mailto:jesler () cisco com> On Nov 18, 2017, at 2:26 PM, ayman shabour via Snort-users <snort-users () lists snort org<mailto:snort-users () lists snort org><mailto:snort-users () lists snort org>> wrote: The snort installed and tested in windows7 Snort ver 2.9.11 Begin forwarded message: From: ayman shabour via Snort-users <snort-users () lists snort org<mailto:snort-users () lists snort org><mailto:snort-users () lists snort org>> Date: November 18, 2017 at 11:17:00 AM GMT+3 To: "snort-users () lists snort org<mailto:snort-users () lists snort org><mailto:snort-users () lists snort org>" <snort-users () lists snort org<mailto:snort-users () lists snort org><mailto:snort-users () lists snort org>> Subject: [Snort-users] IPV6 settings for snort Reply-To: ayman shabour <shabour313 () hotmail com<mailto:shabour313 () hotmail com><mailto:shabour313 () hotmail com>> dear Snort users hi every one Im new at snort app, i did configuration and testing its work fine when i try to test rules for IPV6 its stopped with error in word (ipv) or (ip) so any change need in settings to work with IPV6 ?? please advise _______________________________________________ Snort-users mailing list Snort-users () lists snort org<mailto:Snort-users () lists snort org><mailto:Snort-users () lists snort org> Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette _______________________________________________ Snort-users mailing list Snort-users () lists snort org<mailto:Snort-users () lists snort org> Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- IPV6 settings for snort ayman shabour via Snort-users (Nov 18)
- Fwd: IPV6 settings for snort ayman shabour via Snort-users (Nov 18)
- Re: IPV6 settings for snort Joel Esler (jesler) via Snort-users (Nov 18)
- Message not available
- Re: IPV6 settings for snort Joel Esler (jesler) via Snort-users (Nov 20)
- Re: IPV6 settings for snort Joel Esler (jesler) via Snort-users (Nov 18)
- Fwd: IPV6 settings for snort ayman shabour via Snort-users (Nov 18)