ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.3alpha for snort 2.1.0 released

[Sandro Poppi <spoppi () gmx net>]

Hi Snorters,

I'm happy to announce a new release of the GPL'ed Snort IDMEF plugin
1.2.3alpha for Snort 2.1.0.

IDMEF is the Intrusion Detection Exchange Message Format which is XML
based and developed by the IETF working group IDWG. It's current status
is "Draft".

Snort IDMEF enables Snort to generate IDMEF based messages and store
them either in a flat file or distribute them via TCP sockets.

The changes in this version are:

   - configure.in
   -- added option --enable-old which enables compatibility mode for
     snort 2.0.x
     This is highly DISCOURAGED! It enables portscan/http_decode
     preprocessor alerts.
   -- added check for sys/utsname.h
   - added support for flow-portscan preprocessor
   - added support for http-inspect preprocessor
   - BuildSource/BuildTarget: added check for NULL packet
   - added creation of IDMEF Impact Class for rules; see README.impact
     for details
   - added README.impact

Requirements:
    - Snort 2.1.0 source http://www.snort.org
    - libidmef http://sourceforge.net/projects/libidmef
    - libxml2 http://xmlsoft.org/
    - snort-idmef-plugin ;) http://sourceforge.net/projects/snort-idmef

On the project's homepage you'll find some mailinglists for issues
related to the snort-idmef-plugin.

Feedback is always welcomed!

Happy snort'ing,
Sandro

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature