Snort mailing list archives

ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.4alpha for snort 2.1.1 released


From: Sandro Poppi <spoppi () gmx net>
Date: Sat, 27 Mar 2004 18:21:04 +0100

Hi Snorters,

I'm happy to announce a new release of the GPL'ed Snort IDMEF plugin
1.2.4alpha for Snort 2.1.1.

IDMEF is the Intrusion Detection Exchange Message Format which is XML
based and developed by the IETF working group IDWG. Its current status
is "Draft".

Snort IDMEF enables Snort to generate IDMEF based messages and store
them either in a flat file or distribute them via TCP sockets.

The changes in this version are:

   - configure.in:
   -- added support for new header structure in libidmef 0.7.3 alpha
   -- added --enable-char_ref (default=disabled; see below)
   - spo_idmef.c:
   -- added support for new header structure in libidmef 0.7.3 alpha
   -- added ability for homenet not requiring to be a single address/network,
      now lists are also supported, e.g. [192.168.1.0/24,192.168.2.0/24,192.168.3.0/24]
   -- incorporated ascii output patch for conforming to IDMEF draft by adding option char_ref
      due to the fact that XML 1.0 is not supporting all chars below 0x20 it has been
      worked around which breaks the IDMEF draft until XML 1.1 is available in libxml2
      (use base64 instead if you need all info in the payload according to the draft)
      (thanks to David C. Hoos for providing it)
   - packaged for snort 2.1.1


Requirements:
      - Snort 2.1.1 source http://www.snort.org
      - libidmef http://sourceforge.net/projects/libidmef
      - libxml2 http://xmlsoft.org/
      - snort-idmef-plugin ;) http://sourceforge.net/projects/snort-idmef

On the project's homepage you'll find some mailing lists for issues
related to the snort-idmef-plugin.

Feedback is always welcomed!

Happy snort'ing,
Sandro

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
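
The char_ref changelog entry above rests on XML 1.0 being unable to carry most characters below 0x20, which is why base64 is recommended when the full payload matters. The following is an added example, not part of the original post and not the plugin's or libidmef's code: it counts the bytes of a packet payload that XML 1.0 text cannot represent and base64-encodes the payload. All function names are hypothetical, and it assumes each payload byte is treated as one code point.

```c
#include <stdio.h>
#include <string.h>

/* XML 1.0 "Char" rule, one byte per code point (assumption of this sketch):
 * below 0x20 only TAB, LF and CR are legal, even as &#N; references. */
static int xml10_byte_ok(unsigned char c)
{
    return c == 0x09 || c == 0x0A || c == 0x0D || c >= 0x20;
}

/* Number of payload bytes that XML 1.0 text cannot carry. */
size_t xml10_unrepresentable(const unsigned char *p, size_t n)
{
    size_t i, bad = 0;
    for (i = 0; i < n; i++)
        bad += !xml10_byte_ok(p[i]);
    return bad;
}

/* Base64-encode n bytes; out must hold 4*((n+2)/3)+1 chars. Returns length. */
size_t b64_encode(const unsigned char *p, size_t n, char *out)
{
    static const char t[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t i, o = 0;
    for (i = 0; i < n; i += 3) {
        unsigned long v = (unsigned long)p[i] << 16;
        if (i + 1 < n) v |= (unsigned long)p[i + 1] << 8;
        if (i + 2 < n) v |= p[i + 2];
        out[o++] = t[(v >> 18) & 63];
        out[o++] = t[(v >> 12) & 63];
        out[o++] = (i + 1 < n) ? t[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < n) ? t[v & 63] : '=';
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    /* Constructed sample payload: text with an embedded NUL and 0x01. */
    static const unsigned char pkt[] = { 'G','E','T',' ','/', 0x00, 0x01, '\r','\n' };
    char b64[16];
    size_t bad = xml10_unrepresentable(pkt, sizeof pkt);

    b64_encode(pkt, sizeof pkt, b64);
    printf("%lu of %lu bytes illegal in XML 1.0 -> %s\n", (unsigned long)bad,
           (unsigned long)sizeof pkt, bad ? "lossy as text, use base64" : "safe as text");
    printf("base64: %s\n", b64);
    return 0;
}
```

A payload with a non-zero count loses those bytes in any XML 1.0 text rendering, so an analyst comparing alerts against packet captures should rely on the base64 form.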

