Snort mailing list archives
Spade version 021026.1 released!
From: James Hoagland <hoagland () SiliconDefense com>
Date: Sat, 26 Oct 2002 16:16:36 -0700
Greetings,Silicon Defense is please to announce the availability of Spade version 021026.1, the latest version of its statistical anomaly detector for Snort. This is what has changed:
+ ICMP traffic now analyzed for anomalies + dead-dest detector type now looks for ICMP traffic to unused IP addresses + new odd-typecode detector type looks for ICMP packets with rare type and code fields + new odd-port-dest detector type looks for sources connecting to an unusual destination for a destination port (among destination ports that are observed to have a predictable set of destinations) + you can now exclude certain reports on a Spade-wide basis in addition to on a detector-specific basis (add Xdips, Xdports, Xsips, and/or Xsports on the main Spade configuration line) + dead-dest will no longer report on broadcast IPs + sped Spade up a little through some optimizations + spade.conf updated for new detection capabilities + Spade log file configured in the distributed spade.conf is now called spade.log (instead of log.txt) for clarityAs you can see, there's a few new detection capabilities in this version. You can download it and learn more at:
http://www.silicondefense.com/software/spice/ Enjoy and happy Spading, Jim -- |* Jim Hoagland, Associate Researcher, Silicon Defense *| |* --- Silicon Defense: IDS Solutions --- *| |* hoagland () SiliconDefense com, http://www.silicondefense.com/ *| |* Voice: (530) 756-7317 Fax: (530) 756-7297 *| ------------------------------------------------------- This SF.net email is sponsored by: ApacheCon, November 18-21 in Las Vegas (supported by COMDEX), the only Apache event to be fully supported by the ASF. http://www.apachecon.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Spade version 021026.1 released! James Hoagland (Oct 26)
- Re: Spade version 021026.1 released! James Hoagland (Oct 26)