Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort 2.9.7.0 Alpha is now available

From: Snort Releases <snortreleases () snort org>
Date: Tue, 25 Feb 2014 10:05:14 -0500
Snort 2.9.7 Alpha is now available on snort.org, at
http://www.snort.org/snort-downloads/  in the Development section.

Snort 2.9.7 includes a major new feature for to Application Identification,
our openappid capability.

[*] New additions
   * Application Identification Preprocessor, when used in conjunction with
     open app ID detector content, that will identify application protocol,
     client, server, and web applications and include the info in Snort 
alert
     data.  In addition, a new rule option keyword 'appid' that can be 
used to
     constrain Snort rules based on one or more applications that are 
identified
     for the connection.  See README.appid for details.  Please report 
issues or
     ask questions specific to open app ID via a new mailing 
list:snort-openappid () sourceforge net.

   * A new protected_content rule option that is used to match against a 
content
     that is hashed.  It can be used to obscure the full context of the 
rule from
     the administrator.

   * Protocol Aware Flushing (PAF) improvements for SMTP, POP, and IMAP to
     more accurately process different portions of email messages and file
     attachments.

[*] Improvements
   * Update active response to allow for responses of 1500+ bytes that span
     multiple TCP packets.

   * Check limits of multiple configurations to not exceed a maximum ID 
of 4095.

   * Updated the error ouptput of byte_test, byte_jump, byte_extract to
     including details on offending options for a given rule.

   * Update build and install scripts to install preprocessor and engine 
libraries
     into user specified libdir.


See the Release Notes and ChangeLog for more details.

Please submit other bugs, questions, and feedback tobugs () snort org.

Happy Snorting!
The Snort Release Team


------------------------------------------------------------------------------
Flow-based real-time traffic analytics software. Cisco certified tool.
Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer
Customize your own dashboards, set traffic alerts and generate reports.
Network behavioral analysis & security monitoring. All-in-one tool.
http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: