SEC504: Hacker Tools, Techniques, and Incident Handling

This paper will examine the current support of IPv6 amongst three of the most popular open source intrusion detection systems: Snort, Suricata, and Bro. It will also examine support of the IPv6 protocol within the publicly available signatures and rules for each system, where applicable. All three IDS products will be presented with the same network captures of a web application vulnerability scan - one over IPv4, and one over IPv6 - running on the same operating system installation and hardware. The performance of each system will be measured and compared first against itself and then the other two IDS products.