[ipv6hackers] IDS/IPS state of the art

Joe Klein jsklein at gmail.com
Thu Jul 18 17:41:52 CEST 2013


Yes, I was the SME four years ago for a product called Assure6. Here is a
link. http://www.salientfed.com/assure6/

Tell them I sent you.

I am also attempting to get funding for the next generation, but is seems I
am tool early in the product phase. So I have been working on it during my
time.  If you are interested, contact me.


Joe Klein


On Thu, Jul 18, 2013 at 11:31 AM, Marksteiner, Stefan <
stefan.marksteiner at joanneum.at> wrote:

> Hi Omar,
>
> as Antonios said, the analysis of IPv6 is not yet effective. Additionally
> the market is also not yet big and therefore not so attractive. This leads
> not only to technical issues which can be used to circumvent IDS devices
> (as stated in Antonios' presentations) but also to a lack of signatures and
> other measures to detect IPv6 attacks even without evasive methods. Many
> vendors are plainly still not able to detect basic and well-known IPv6
> attack patterns.
>
> Cheers,
>
> Stefan
>
> > -----Urspr√ľngliche Nachricht-----
> > Von: ipv6hackers-bounces at lists.si6networks.com [mailto:ipv6hackers-
> > bounces at lists.si6networks.com] Im Auftrag von Antonios Atlasis
> > Gesendet: Mittwoch, 17. Juli 2013 18:35
> > An: IPv6 Hackers Mailing List
> > Betreff: Re: [ipv6hackers] IDS/IPS state of the art
> >
> > Hi Omar,
> >
> > you can find some comments as well as comparative results in the
> following
> > two prestos:
> > https://www.troopers.de/wp-content/uploads/2013/01/TROOPERS13-
> > IPv6_Extension_Headers_New_Features_and_New_Attack_Vectors-
> > Antonios_Atlasis.pdf
> >
> > https://www.troopers.de/wp-content/uploads/2013/01/TROOPERS13-
> > Fragmentation_Overlapping_Attacks_Against_IPv6_One_Year_Later-
> > Antonios_Atlasis.pdf
> >
> > IMHO the main issue is the examinations/analysis of the new IPv6
> features,
> > which seems not to be that effective yet.
> >
> > Antonios
> >
> >
> > 2013/7/16 ZAMANI Omar <Omar.ZAMANI at solucom.fr>
> >
> > > Good morning/evening everyone !
> > >
> > >
> > >
> > > I'm curious about the maturity level of network prevention and
> > > detection systems as regards IPv6.
> > >
> > >
> > >
> > > *         Do they provide the same level of functionality and tuning as
> > > they do in IPv4 ?
> > >
> > >
> > >
> > > *         Are they able to analyze IPv6 traffic effectively regardless
> > > of its profile (tunneled, fragmented, w/o extensions headers etc.)
> > >
> > >
> > >
> > > Thank you for your replies !
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > Omar ZAMANI
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Ipv6hackers mailing list
> > > Ipv6hackers at lists.si6networks.com
> > > http://lists.si6networks.com/listinfo/ipv6hackers
> > >
> >
> >
> >
> > --
> > =====================
> > Antonios Atlasis, PhD, MPhil
> > GXPN, GREM, GPEN, GWAPT, CCIH, GCIA
> > _______________________________________________
> > Ipv6hackers mailing list
> > Ipv6hackers at lists.si6networks.com
> > http://lists.si6networks.com/listinfo/ipv6hackers
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers
>



More information about the Ipv6hackers mailing list