Re: [security-onion] Neighbor Discovery Protocol Monitor (NDPMon) Good Additon to Security Onion?

26 views
Skip to first unread message

Doug Burks

unread,
May 17, 2013, 10:52:49 AM5/17/13
to securit...@googlegroups.com
Hi Greg,

Have you considered leveraging Bro for IPv6 monitoring? Bro 2.1
(already included in Security Onion 12.04) contains extensive support
for IPv6.

Thanks,
Doug

On Fri, May 17, 2013 at 10:30 AM, Greg Porter <gspo...@gmail.com> wrote:
> Has anyone tried adding NDPMon to SO? I have been asked to add some type of ipv6 monitoring to a network and this looks like a good candidate and has syslog support. Just want to know if anyone has been down this road.
>
> GP
>
> --
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion?hl=en-US.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>



--
Doug Burks
http://securityonion.blogspot.com

Seth Hall

unread,
May 19, 2013, 8:37:19 PM5/19/13
to securit...@googlegroups.com

On May 17, 2013, at 10:52 AM, Doug Burks <doug....@gmail.com> wrote:

> Have you considered leveraging Bro for IPv6 monitoring? Bro 2.1
> (already included in Security Onion 12.04) contains extensive support
> for IPv6.


And, if you let us (the Bro team) know what you'd like to see in logs it's possible that we might be able to write a script that creates the log you want. :)

.Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/

Reply all
Reply to author
Forward
0 new messages