[ipv6hackers] thc-ipv6 v3.0, IPv6 complexity and evasions
andi at geekosphere.org
Fri Oct 16 09:58:33 CEST 2015
On 16/10/15 at 08:47, Marc Heuse wrote:
> There you also get a list of bypass attacks per IDS product.
> spoiler alert: surricata is pretty good (but still fails for a few
> cases), snort is not very good, and tippingpoint seems just to do the
> basics to get an "IPv6 ready" sticker.
Which rules did you use? Emerging Threats free/commercial? Shipped rules
(suricata has some)?
> btw - I did not report these to the respective IDS developers (basically
> too busy with customer projects and no contacts to the developers).
> If someone wants to point them to slides and tool, they might be happy.
I could take care of this, since i'm involved in suricata and also
playing around with ipv6 at my workplace.
But if you have a little more details to your tests besides the slides
i would welcome it :)
More information about the Ipv6hackers