[ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
- Previous message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
- Next message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Fernando Gont
fgont at si6networks.com
Fri May 16 02:09:34 CEST 2014
On 05/15/2014 01:45 PM, Tim Chown wrote: >> >> In general, the "detection/reaction type of tools" (as opposed to a >> "prevention-oriented" security approach) haven't proven their >> usefullness too much in the past. > > The reason we knocked up RAmond was to handle accidental rogue RAs, > usually caused by Windows ICS at the time. I think we saw that over > the course of a year there was a rogue RA somewhere on our WLAN > around 50% of the time. So I would say it was very useful, for that > type of incident. Agreed. It's certainly useful for the non-attack case. -- Fernando Gont SI6 Networks e-mail: fgont at si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- Previous message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
- Next message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]