Snort 2.4.4 and Snort 2.6 Beta Available

[Jennifer Steffens <jennifer.steffens () sourcefire com>]

The Snort Team is pleased to announce the availability of Snort v2.4.4 
and Snort v2.6 Beta (no you didn't blink and miss 2.5, it was an 
internal release only).

**Snort 2.4.4**
The Snort 2.4.4 release fixes an issue where under certain conditions 
the frag3 preprocessor will not properly refragment stream data. 
Improvements have also been made to stream4 and a fix for Snort in 
inline mode was added. Numerous other improvements are detailed in the 
changlog for this release.

Note: This release is currently only available as a source tarball or 
from cvs. Sourcefire's build and QA systems are currently dedicated to 
the upcoming release of the Sourcefire 3D System v4.5. Moving forward we 
will be providing binaries for linux, win32 and OSX. In the meantime, if 
anyone in the community has the resources necessary to provide these 
sooner please let me know.

Release notes and the source tarball are available at 
http://www.snort.org/dl/.

**Snort 2.6 Beta**
Snort 2.6 Beta is available for testing. Feedback concerning issues with 
Snort 2.6 Beta should be directed to snort-beta () sourcefire com. We do 
not recommend deploying this beta in a production environment.

Feature highlights:

 * Added Performance Profiling Measurements for rules & preprocessors.
   Enabled via --enable-perfprofiling at configuration time.

 * Added support for dynamically loadable preprocessors, detection
   engine and rules. Enabled via --enable-dynamicplugin at
   configuration time.

 * Addition of dynamically loadable SMTP preprocessor.
   Deprecates xlink2state minipreprocessor.

 * Addition of dynamically loadable FTP/Telnet preprocessor.
   Deprecates telnet_decode preprocessor.

 * Preprocessor configuration validation. Verifies a preprocessor
   configuration, when one preprocessor depends on another preprocessor
   being enabled (HttpInspect depends on Stream for example). Also
   handles 2 part configurations (Frag3 requires at least one
   policy/engine configuration).

 * Longname option support.

 * Stream API to simplify transition to next generation Stream module.
   Flowbits now stored as part of stream, updates to output plugins for
   logging of reassembled packets.  Updates to other preprocessors to
   provide per stream state data.

 * Logging of Generator ID to MySQL database.  Updated database
   schema to add this field. Requires update to BASE.

To get a copy of the Snort 2.6 Beta testing, follow these instructions:

 # cvs -d:pserver:anonymous () cvs snort org:/cvsroot login
 # cvs -d:pserver:anonymous () cvs snort org:/cvsroot
   co SNORT_2_6 snort_2_6
 # cd snort_2_6
 # sh autojunk.sh
 # ./configure <options here, use -h to see all available options>
 # make
 # make install

You should now have Snort 2.6 Beta installed and ready for use.

Happy Snorting!

Cheers,
Jennifer


--
Jennifer Steffens
Director, Product Management - Snort
Sourcefire, Inc


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users