Home page logo
/

snort logo Snort mailing list archives

Re: Snort 2.9.0.3 Now Available
From: vincent () cojot name
Date: Tue, 28 Dec 2010 17:18:32 +0100 (CET)


Hi Joel,

I don't want to discuss the merits of enabling ipv6 vs. not enabling it 
here but since you're jumping on this thread, Joel, could you please help 
me with the following issue:
- If I compile snort with --enable-ipv6, will it break everyone's config 
files? ('var' nets need to be replaced by 'ipvar' nets unless there's a 
backward compatibility feature I don't know of).
- Are there any issues I should be aware of?

I don't mind building my el5 rpms with --enable-ipv6 but if I let them 
out in the wild, I would like to avoid making people mad at me for 
breaking their configs.. :) Esp. since sourcefire's default spec file did 
not enable ipv6 by default...

Thanks for the help,

Regards,

Vincent

On Tue, 28 Dec 2010, Joel Esler wrote:

On Dec 27, 2010, at 8:42 PM, waldo kitty wrote:

There is a load of v6 traffic in most v4-only networks I work on, it's
just common for it to be dismissed by network people as "background
noise".

this is likely due to those networks having clients in one of two configurations...

1. default OS settings which have IPv6 turned on even when it is not necessary
(windows is bad for this and known to have this setting one by default)

"Not necessary" is the wrong thing here.  IPv6 is going to be necessary, and if you listen to the "omg the world is 
coming to an end we are running out of IPv4 addresses OMG !!!!eleven!1" people, we're going to need them soon.

Many OSes come with IPv6 on by default.  I know Fedora, Windows, and OSX do.  It's probably time we stop shutting it 
down, and figure out how to secure it instead of trying to prevent change.

J

------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and, 
should the need arise, upgrade to a full multi-node Oracle RAC database 
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]