merike at doubleshotsecurity.com
Thu Jan 19 08:19:02 CET 2006
I was wondering what folks were doing to detect anomolies or potential
attacks over v6. I log access-list exceptions and see that there's a
few hundred hits on the v6 filters but of course thousands on the v4
side. When scrolling through the log I don't see any of the v6
entries.....either because they are buried or because they had already
been over-written (I am looking at the router's locally buffered log).
Soon will look at deploying netflow but was wondering what folks here
were doing or known issues that they may want to share. Thanks!
More information about the ipv6-ops