My server is generating this psad error. I am not sure what it means? I think it is saying an IPv6 ping request was blocked but am not sure.
And if it is a ping request, is it from the server to another device? I don't recall anything on my network being IPv6 enabled so I'm confused what it could/would be.
=-=-=-=-=-=-=-=-=-=-=-= Sat Mar 9 22:50:28 2019 =-=-=-=-=-=-=-=-=-=-=-=
Danger level: [2] (out of 5)
Source: 0000:0000:0000:0000:0000:0000:0000:0000
DNS: [No reverse dns info available]
Destination: ff02:0000:0000:0000:0000:0000:0000:0016
DNS: [No reverse dns info available]
Overall scan start: Sat Mar 9 22:50:28 2019
Total email alerts: 1
Syslog hostname: vm
Global stats:
chain: interface: protocol: packets:
OUTPUT enp0s3 icmp6 1
[+] ICMP6 scan signatures:
Invalid ICMP type "143" chain=OUTPUT packets=1
[+] Whois Information (source IP):
No whois server is known for this kind of object.
=-=-=-=-=-=-=-=-=-=-=-= Sat Mar 9 22:50:28 2019 =-=-=-=-=-=-=-=-=-=-=-=
ICMPv6 type 143 is Version 2 Multicast Listener Report as defined in RFC 3810. It is sent from your node to the local router(s) to advertise its ability (or inability) to receive multicast traffic.
It's a bit bizarre that PSAD would call this traffic "Invalid" as MLDv2 has only been around for 15 years.
PSAD appears to be an active project; you should report this problem to its developers via whatever bug tracking system they use.