On Wednesday 23 December 2009 05:27:09 Michael Rash wrote:
> On Dec 15, 2009, D T wrote:
> 
> > Greetings,
> 
> Hello,
> 
> > As a current user of psad, I would like to say thanks as it has proven to be
> > quite useful!  Are there any plans on adding support for IPv6?  I believe
> > iptables can support IPv6, but it has to be configured to do so.
> 
> After taking a look at psad in the context of IPv6, this is definitely
> something I will add.  There is a significant amount of work to do in
> order to make this work effectively since the ip6tables logging format
> differs, and this has implications for several parts of the psad code.
> But, I will work on this for the next release since it definitely is
> an important feature.
> 
> Thanks,
> 
> --Mike

Thanks for this Mike. May I add that this is the next closest thing to critical 
there could be. This weekend, I experienced a DOS attack against my DNS 
servers. Fortuneately my DNS server only serve my internal network so I was 
able to create an ACL and only allow recursive lookups for my internal network 
and since we still aren't using ipv6, Disabling ipv6 support on that server did 
not pose a problem, but the noise generated against ipv6 was tremendous.

Thanks again and thanks for such a simple and effective solution.

Eli

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
psad-discuss mailing list
psad-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/psad-discuss

Reply via email to