[ipv6hackers] ipv6 security events
Andre Cardoso
andrencardoso at gmail.com
Tue Oct 2 11:06:46 CEST 2012
the sensor is not the issue bro, suricata or snort can do it quite well.
my questinos was regarding the db were to put the events and after display
it ..from what i can see there isnt one schema that support ipv6.
Thanks
AC
On Oct 2, 2012 1:28 AM, "Seth Hall" <seth at icir.org> wrote:
>
> On Sep 28, 2012, at 11:31 AM, Andre Cardoso <andrencardoso at gmail.com>
> wrote:
>
> > anybody have experience in a SIEM with ipv6 capabilities?
>
>
> Bro can be used for detection and correlation in many of the ways the
> people use SIEM deployments and the 2.1 release natively supports IPv6
> quite well (although we've already discovered some small issues that we are
> working on correcting now).
>
> http://www.bro-ids.org/
>
> .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro-ids.org/
>
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers
>
More information about the Ipv6hackers
mailing list