Snort mailing list archives

Snort++ build 206 is now available on snort.org!


From: Snort Releases <snortreleases () snort org>
Date: Thu, 11 Aug 2016 16:59:03 -0400

Snort++ <https://snort.org/snort3> build 206 is now available on snort.org. This is the latest monthly update available for download. You can also get the latest updates from github (snortadmin/snort3 <https://github.com/snortadmin/snort3>) which is updated weekly.

Enhancements:

* converted sd_pattern to use hyperscan
* ported smb reassembly and raw commands processing, segmentation support
* ported smb write and close command, deprecated dialect check, smb fingerprint
* ported appid rule option as "appids"
* ported appid detectors: kerberos, bittorrent, imap, pop
* added appid counts for mdns, timbuktu, battlefield, bgp, and netbios services
* added smtp.max_auth_command_line_len
* added new_http_inspect unbounded POST alert
* added oversize directory alert to new_http_inspect
* snort2lua updates for new_http_inspect

Bug Fixes:

* fixed asn1:print help
* fixed event queue buffer log size
* fixed make distcheck; thanks to jack jackson <jsakcon () gmail com> for reporting the issue
* fixed help text for rule options ack, fragoffset, seq, tos, ttl, and win
* fixed endianness issues with rule options seq and win
* fixed rule option session binary vs all
* fixed issue with icmp_seq and icmp_id field matching
* fixed off-by-1 line number in rule parsing errors
* fixed cmake make check issue with new_http_inspect
* fixed new_http_inspect handling of 100 response
* fixed dynamic build of new_http_inspect
* fixed outstanding strndup calls
* fixed static analysis issues

Other Changes:

* moved http_inspect (old) to http_server (in extras)
* moved new_http_inspect to http_inspect
* code refactoring and cleanup

Please submit bugs, questions, and feedback to bugs () snort org or the Snort-Users mailing list.

Happy Snorting!
The Snort Release Team

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
