[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-28 Thread Daniel Thayer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Thayer updated BIT-1571: --- Status: Merge Request (was: Open) Assignee: (was: Daniel Thayer) > Connection summaries

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-28 Thread Daniel Thayer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=26005#comment-26005 ] Daniel Thayer commented on BIT-1571: Branch "topic/dnthayer/ticket1571" in the trace-summary git repo

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-28 Thread Jeannette Dopheide (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jeannette Dopheide updated BIT-1571: Fix Version/s: (was: 2,5) 2.5 > Connection summaries w/ IPv6 have

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-26 Thread Adam Slagell (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Adam Slagell updated BIT-1571: -- Attachment: text.html Or don’t count it in the port statistics, but still count it in the protocol

Re: [Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-26 Thread Slagell, Adam J
Or don’t count it in the port statistics, but still count it in the protocol stats. So you would see a ton of protocol #1 But I think I like your suggestion better because it separates things like 53/tcp and 53/udp. On Apr 26, 2016, at 9:04 AM, Vlad Grigorescu

Re: [Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-26 Thread Vlad Grigorescu
I'm not sure I agree without additional context. ICMP exfil is a known technique. Wouldn't you want to know if all of a sudden, you started seeing gigs of ICMP? Or is there some other limitation that would make detecting this problematic? What I would recommend instead is simply adding the

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-26 Thread Adam Slagell (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=25900#comment-25900 ] Adam Slagell commented on BIT-1571: --- Talking with Seth, he agrees that it probably just makes more sense to

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-25 Thread Adam Slagell (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=25806#comment-25806 ] Adam Slagell edited comment on BIT-1571 at 4/25/16 4:58 PM: I also noticed an

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-25 Thread Adam Slagell (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=25806#comment-25806 ] Adam Slagell edited comment on BIT-1571 at 4/25/16 4:57 PM: I also noticed an

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-25 Thread Adam Slagell (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=25806#comment-25806 ] Adam Slagell commented on BIT-1571: --- I also noticed an error. The port column is really a port or ICMP code.

[Bro-Dev] [JIRA] (BIT-1571) Connection summaries w/ IPv6 have poor readabiity

2016-04-20 Thread Adam Slagell (JIRA)
Adam Slagell created BIT-1571: - Summary: Connection summaries w/ IPv6 have poor readabiity Key: BIT-1571 URL: https://bro-tracker.atlassian.net/browse/BIT-1571 Project: Bro Issue Tracker Issue