Snort mailing list archives
Snort++ build 206 is now available on snort.org!
From: Snort Releases <snortreleases () snort org>
Date: Thu, 11 Aug 2016 16:59:03 -0400
Snort++ <https://snort.org/snort3> build 206 is now available on snort.org. This is the latest monthly update available for download. You can also get the latest updates from github (snortadmin/snort3 <https://github.com/snortadmin/snort3>) which is updated weekly.
Enhancements: * converted sd_pattern to use hyperscan * ported smb reassembly and raw commands processing, segmentation support* ported smb write and close command, deprecated dialect check, smb fingerprint
* ported appid rule option as "appids" * ported appid detectors: kereberos, bittorrent, imap, pop* added appid counts for mdns, timbuktu, battlefield, bgp, and netbios services
* added smtp.max_auth_command_line_len * added new_http_inspect unbounded POST alert * added oversize directory alert to new_http_inspect * snort2lua updates for new_http_inspect Bug Fixes: * fixed asn1:print help * fixed event queue buffer log size* fixed make distcheck; thanks to jack jackson <jsakcon () gmail com> for reporting the issue
* fixed help text for rule options ack, fragoffset, seq, tos, ttl, and win * fixed endianness issues with rule options seq and win * fixed rule option session binary vs all * fixed issue with icmp_seq and icmp_id field matching * fixed off-by-1 line number in rule parsing errors * fixed cmake make check issue with new_http_inspect * fixed new_http_inspect handling of 100 response * fixed dynamic build of new_http_inspect * fixed outstanding strndup calls * fixed static analysis issues Other Changes: * moved http_inspect (old) to http_server (in extras) * moved new_http_inspect to http_inspect * code refactoring and cleanupPlease submit bugs, questions, and feedback to bugs () snort org or the Snort-Users mailing list.
Happy Snorting! The Snort Release Team
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://sdm.link/zohodev2dev
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort++ build 206 is now available on snort.org! Snort Releases (Aug 11)