IPv6 Suricata IPS Rule

  • Hello guys, I'm student and I've been using Pfsense and Suricata as IDS/IPS for 3 months. I've been doing a research, penetration test and collection information. I'm using Dualstack network on my pfsense. In several of penetration test that I've been doing, it show that pfsense could block many penetration in IPv6 but not for Port Scanning. Attacker could show all opened ports when doing port scanning in IPv6.

    Can't suricata block port scanning in IPv6? Or Something's wrong with the rule? Btw I use emerging-scan.rules

Log in to reply