翻訳と辞書
Words near each other
・ NDOR1
・ Ndora
・ Ndoro language
・ Ndorobo language
・ Ndoto Za Elibidi
・ Ndoua Lydie Yamkou
・ Ndouci
・ Ndoucoumane
・ Ndougou Department
・ Ndoukoula
・ Ndoulo Arrondissement
・ Ndoye
・ NDP
・ NDP-glucose—starch glucosyltransferase
・ NDPCP
NDPMon
・ NDPR
・ NDProgress
・ NDPS
・ NDR
・ NDR Fernsehen
・ NDR kinase
・ NDR Kultur Sachbuchpreis
・ NDR Radiophilharmonie
・ NDR Symphony Orchestra
・ NDR-Klein-Computer
・ Ndra'ngith language
・ Ndrangith language
・ NDRC
・ Ndre Mjeda


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

NDPMon : ウィキペディア英語版
The Neighbor Discovery Protocol(RFC 4861 ), Neighbor Discovery for IP version 6 (IPv6), T. Narten et al. (September 2007) Monitor (NDPMon) is a diagnostic software application used by Internet Protocol version 6(RFC 2460 ) Internet Protocol, Version 6 (IPv6) Specification S. Deering, R. Hinden (December 1998) network administrators for monitoring ICMPv6 packets.(Monitoring the Neighbor Discovery Protocol ) F. Beck, T. Cholez, I. Chrisment and O. Festor - The Second International Workshop on IPv6 Today - Technology and Deployment - IPv6TD 2007 (2007) NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration.(RFC 4862 ) IPv6 Stateless Address Autoconfiguration, S. Thomson, T. Narten, T. Jinmei (September 2007) When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection.(RFC 3756 ) IPv6 Neighbor Discovery (ND) Trust Models and Threats P. Nikander, Ed.,J. Kempf, E. Nordmark (May 2004)NDPMon runs on Linux distributions (available in Debian repositories(Debian packages ) and in Ubuntu 12.10(Ubuntu binary package )), Mac OS X, FreeBSD (available as port(FreeBSD port )), NetBSD and OpenBSD. It uses a configuration file containing the expected and valid behavior for nodes and routers on the link. This includes the routers' addresses (MAC and IP) and the prefixes, flags and parameters announced.NDPMon also maintains an up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits tracking the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enabled (default behavior in Ubuntu and Windows for example).NDPMon is free software under the GNU LGPL 2.1.See COPYING in the tarball.==Alerts and reports==NDPMon generates various reports and alerts, including:*wrong couple MAC/IP: the MAC address is valid, so is the IP address, but not both of them together*wrong router MAC: invalid MAC address*wrong router IP address, invalid IP address*wrong prefix: invalid IPv6 prefix*wrong RA flags: invalid flags in the RA*wrong RA params: wrong parameter in the RA (lifetimes, timers...)*wrong router redirect: the router which emitted the redirect is not valid*router flag in Neighbor Advertisement: a node not declared as a router announced itself as one*Duplicate Address Detection DOS: duplicate address detection denial of service*changed ethernet address: a Global IPv6 address has a new MAC address*flip flop: a node uses two MAC addresses one after the other*reused old Ethernet address: reuse of an old MAC address*Unknown MAC Manufacturer: MAC vendor unknown, might be a forged one*new station: new node on the link*new IPv6 Global Address: new IPv6 Global address for a node*new IPv6 Link Local Address: new IPv6 Link Local address for a node*wrong couple MAC/LLA: wrong couple source Ethernet and source LLA addresses, i.e. Ethernet and Link Local Addresses are found but in different neighbors*Ethernet mismatch: link layer Ethernet address and address in ICMPv6 option do not match*IP Multicast*Ethernet Broadcast
The Neighbor Discovery Protocol〔(RFC 4861 ), Neighbor Discovery for IP version 6 (IPv6), T. Narten et al. (September 2007)〕 Monitor (NDPMon) is a diagnostic software application used by Internet Protocol version 6〔(RFC 2460 ) Internet Protocol, Version 6 (IPv6) Specification S. Deering, R. Hinden (December 1998)〕 network administrators for monitoring ICMPv6 packets.〔(Monitoring the Neighbor Discovery Protocol ) F. Beck, T. Cholez, I. Chrisment and O. Festor - The Second International Workshop on IPv6 Today - Technology and Deployment - IPv6TD 2007 (2007)〕 NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration.〔(RFC 4862 ) IPv6 Stateless Address Autoconfiguration, S. Thomson, T. Narten, T. Jinmei (September 2007)〕 When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection.〔(RFC 3756 ) IPv6 Neighbor Discovery (ND) Trust Models and Threats P. Nikander, Ed.,J. Kempf, E. Nordmark (May 2004)〕
NDPMon runs on Linux distributions (available in Debian repositories〔(Debian packages )〕 and in Ubuntu 12.10〔(Ubuntu binary package )〕), Mac OS X, FreeBSD (available as port〔(FreeBSD port )〕), NetBSD and OpenBSD. It uses a configuration file containing the expected and valid behavior for nodes and routers on the link. This includes the routers' addresses (MAC and IP) and the prefixes, flags and parameters announced.
NDPMon also maintains an up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits tracking the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enabled (default behavior in Ubuntu and Windows for example).
NDPMon is free software under the GNU LGPL 2.1.〔See COPYING in the tarball.〕
==Alerts and reports==
NDPMon generates various reports and alerts, including:
*wrong couple MAC/IP: the MAC address is valid, so is the IP address, but not both of them together
*wrong router MAC: invalid MAC address
*wrong router IP address, invalid IP address
*wrong prefix: invalid IPv6 prefix
*wrong RA flags: invalid flags in the RA
*wrong RA params: wrong parameter in the RA (lifetimes, timers...)
*wrong router redirect: the router which emitted the redirect is not valid
*router flag in Neighbor Advertisement: a node not declared as a router announced itself as one
*Duplicate Address Detection DOS: duplicate address detection denial of service
*changed ethernet address: a Global IPv6 address has a new MAC address
*flip flop: a node uses two MAC addresses one after the other
*reused old Ethernet address: reuse of an old MAC address
*Unknown MAC Manufacturer: MAC vendor unknown, might be a forged one
*new station: new node on the link
*new IPv6 Global Address: new IPv6 Global address for a node
*new IPv6 Link Local Address: new IPv6 Link Local address for a node
*wrong couple MAC/LLA: wrong couple source Ethernet and source LLA addresses, i.e. Ethernet and Link Local Addresses are found but in different neighbors
*Ethernet mismatch: link layer Ethernet address and address in ICMPv6 option do not match
*IP Multicast
*Ethernet Broadcast

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「The Neighbor Discovery Protocol(RFC 4861 ), Neighbor Discovery for IP version 6 (IPv6), T. Narten et al. (September 2007) Monitor (NDPMon) is a diagnostic software application used by Internet Protocol version 6(RFC 2460 ) Internet Protocol, Version 6 (IPv6) Specification S. Deering, R. Hinden (December 1998) network administrators for monitoring ICMPv6 packets.(Monitoring the Neighbor Discovery Protocol ) F. Beck, T. Cholez, I. Chrisment and O. Festor - The Second International Workshop on IPv6 Today - Technology and Deployment - IPv6TD 2007 (2007) NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration.(RFC 4862 ) IPv6 Stateless Address Autoconfiguration, S. Thomson, T. Narten, T. Jinmei (September 2007) When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection.(RFC 3756 ) IPv6 Neighbor Discovery (ND) Trust Models and Threats P. Nikander, Ed.,J. Kempf, E. Nordmark (May 2004)NDPMon runs on Linux distributions (available in Debian repositories(Debian packages ) and in Ubuntu 12.10(Ubuntu binary package )), Mac OS X, FreeBSD (available as port(FreeBSD port )), NetBSD and OpenBSD. It uses a configuration file containing the expected and valid behavior for nodes and routers on the link. This includes the routers' addresses (MAC and IP) and the prefixes, flags and parameters announced.NDPMon also maintains an up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits tracking the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enabled (default behavior in Ubuntu and Windows for example).NDPMon is free software under the GNU LGPL 2.1.See COPYING in the tarball.==Alerts and reports==NDPMon generates various reports and alerts, including:*wrong couple MAC/IP: the MAC address is valid, so is the IP address, but not both of them together*wrong router MAC: invalid MAC address*wrong router IP address, invalid IP address*wrong prefix: invalid IPv6 prefix*wrong RA flags: invalid flags in the RA*wrong RA params: wrong parameter in the RA (lifetimes, timers...)*wrong router redirect: the router which emitted the redirect is not valid*router flag in Neighbor Advertisement: a node not declared as a router announced itself as one*Duplicate Address Detection DOS: duplicate address detection denial of service*changed ethernet address: a Global IPv6 address has a new MAC address*flip flop: a node uses two MAC addresses one after the other*reused old Ethernet address: reuse of an old MAC address*Unknown MAC Manufacturer: MAC vendor unknown, might be a forged one*new station: new node on the link*new IPv6 Global Address: new IPv6 Global address for a node*new IPv6 Link Local Address: new IPv6 Link Local address for a node*wrong couple MAC/LLA: wrong couple source Ethernet and source LLA addresses, i.e. Ethernet and Link Local Addresses are found but in different neighbors*Ethernet mismatch: link layer Ethernet address and address in ICMPv6 option do not match*IP Multicast*Ethernet Broadcast」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.