Message

Teredo server has successfully started.

Message

Teredo server has failed to start with the following error: %1.
Teredo Reason Code: %2.

Fields

Message

Teredo server primary or secondary IPv4 address is invalid. Primary IPv4 address: %1. Error Code: %2.

Fields

Message

Configured Teredo server name %1 is invalid. Error Code: %2.

Fields

Message

Teredo server initialization has failed with the following error code %1.

Fields

Message

Teredo server has stopped.

Message

ISATAP router address %1 was set with status %2.

Fields

Sigma Rules

• ISATAP Router Address Was Set
  Detects the configuration of a new ISATAP router on a Windows host. While ISATAP is a legitimate Microsoft technology for IPv6 transition, unexpected or unauthorized ISATAP router configurations could indicate a potential IPv6 DNS Takeover attack using tools like mitm6. In such attacks, adversaries advertise themselves as DHCPv6 servers and set malicious ISATAP routers to intercept traffic. This detection should be correlated with network baselines and known legitimate ISATAP deployments in your environment.

Message

%1 interface %2 with address %3 has been brought up.

Fields

Message

%1 interface %2 is no longer active.

Fields

Message

Unable to update the IP address on %1 interface %2. Update Type: %3. Error Code: %4.

Fields

Message

IP-HTTPS server has successfully started using the server URL %1.

Fields

Message

IP-HTTPS server has stopped.

Message

IP-HTTPS server has failed to start with the following error: %1. 
 IP HTTPS reason code %2.

Fields

Message

IP-HTTPS client %1 (%2) is associated with IP address %3.

Fields

Message

IP-HTTPS client %1 (%2) is disassociated from IP address %3.

Fields

Message

DNS64: No matching IPv6 prefix found for IPv4 address %4, received for name %3 queried by client %2.

Fields

Message

DA MULTISITE: Configured DA site %1.

Fields

Message

DA MULTISITE: Unconfigured DA site %1.

Fields