[ipv6hackers] thc-ipv6 v3.0, IPv6 complexity and evasions

Andreas Herz andi at geekosphere.org
Fri Oct 16 09:58:33 CEST 2015

On 16/10/15 at 08:47, Marc Heuse wrote:
> There you also get a list of bypass attacks per IDS product.
> spoiler alert: surricata is pretty good (but still fails for a few
> cases), snort is not very good, and tippingpoint seems just to do the
> basics to get an "IPv6 ready" sticker.

Which rules did you use? Emerging Threats free/commercial? Shipped rules
(suricata has some)?

> btw - I did not report these to the respective IDS developers (basically
> too busy with customer projects and no contacts to the developers).
> If someone wants to point them to slides and tool, they might be happy.

I could take care of this, since i'm involved in suricata and also
playing around with ipv6 at my workplace. 
But if you have a little more details to your tests besides the slides
i would welcome it :)

Andreas Herz

More information about the Ipv6hackers mailing list