IPv6 (and IPv4) attack log tools (abusable use reporting and solving)

0 Likes

IPv6 (and IPv4) attack log tools (abusable use reporting and solving)

Hi,

I use the PC Protection version (F-Secure's ISP product sold direct to ISP's customers by them).

 

There is that log viewer where is firewall alerts log and you can watch more information like resolve dns address of the attackers. Not very usable one while can't even copy&paste IP.

 

One thing I figured out is that 6to4 IPv4 aren't known by product. It just say it can't resolve dns while there is for example 2002:e62:c700::e62::c700 which is IPv4 endpoint 14.98.199.0 which do have PTR record. OK the resolver fails, it's in Windows and also in Linux (like tool host or nslookup do fail). Why would not F-secure just do the trick to known ones, like while every one know 2002: is IP6to4 and has the IPv4 inside of it - hex 0e62c700 is same as 14.98.199.0 in decimal.

 

The another question is why the tools doesn't have option to get easy knowledge of whois information and so, so while there's some big problems from some ISP you could get abuse address and other things out from software. And why isn't allowed to copy&paste anything from these menus? Why there is no any export method to data collected by F-secure's software?

 

Hope it's better in new versions and the official F-secure family, and hope these tools will be better (so you actually can use them while looking inside logs)  in ISP PC-secure version too.

These days it's most important not to collect data but use it right way. F-secure tools should give users some headlines and tools to use them. Like reporting abusable use right to right places fast.

2 Comments
Former F-Secure Employee

Thank you for your idea input Terae!

 

We will check over it with our Product Manager.

 

Cheers!
ElseH
F-Secure Community Manager

Former F-Secure Employee
Status changed to: Future Consideration
Hi Terae, We have redesigned the firewall as part of the latest release. Our operators are rolling out the new version to their customer. The exact availability for the new version varies from operator to operation. The main design principle was to simplify the user experience and to make it easy for the normal user to use. In the later versions we might add more detailed tools and information for advanced users. Including the suggestions you listed there. Regards, Sami