Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Snort not logging IPv6 attacker source and destination, checksum etc #66

Closed
sumitkamboj opened this Issue Feb 1, 2013 · 2 comments

Comments

Projects
None yet
3 participants

Hello
I have setup snort 2.9.4 with barnyard2-1.11 and aanval(for frontend) everything working fine in case of IPv4. but when i try snort on IPv6 it logs the alert but does not include source, destination, Hdr Len, TTL, Checksum detail on aanval fronend(infact aanval detect only that version is IPv6). It also does not shows the type of attack whether it is TCP/UDP/ICMP.

Please help

Collaborator

binf commented Feb 1, 2013

The db schema currently in uses does not support IPV6.

So i am not sure what is your need.

Also i would like to invite you to use barnyard2 users google groups
(search for barnyard2-users) to ask questions its easier to keep track of
questions and you have a wider audiance.

-elz

Thanks for reply.
So there is any other alternative to read the snort log file. So that i can understand the IPv6 logs.

@firnsy firnsy closed this Apr 8, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment