![snort logo](/images/snort-logo.png)
Snort mailing list archives
Snort Blog: Snort 2.9.11.1 has been released!
From: "Joel Esler \(jesler\) via Snort-sigs" <snort-sigs () lists snort org>
Date: Thu, 4 Jan 2018 16:25:22 +0000
http://blog.snort.org/2018/01/snort-29111-has-been-released.html Snort 2.9.11.1 has been released! Snort 2.9.11.1 has been released! Release Notes: 2017-12-06 - Snort 2.9.11.1 New Additions * Added support to block portscan. In addition to tracking the scanning packets, action(drop/sdrop/reject) will be taken for all the packets, which means Snort will block the packet and generate logs. * Added support to re-evaluate reputation after reputation update for all flows except those that have already been blacklisted. Improvements * Fixed issue to detect RTP up to two SSRC switches in each traffic direction. * Fixed issues related to HTTP POST header flushing, calling file processing directly if it is not a multipart header and changes to avoid expensive copy of segment data by not splitting them when flushing headers. * Fixed issue of triggering protocol sweep alert when there are multiple destinations from single source ip protocol scan. * Added changes to fix IP portscan for protocol other than ICMP and fixed issue of bad fragment size event not being generated for oversized packets. * Added changes to use raw data in case of PDF and SWF files during file processing for SHA calculation and Malware Cloud Lookup. * Fixed issue of correct session matching for TCP SYN packets without window scale option so that FTP data channels match the same rule as FTP control channels. * Fixed issue of applying new configuration in file inspection after Snort reload. We'd like to thank the following Snort Community members for working us to fix issues released in 2.9.11.1: Markus Lude BlueSky David Binderman You can download Snort version 2.9.11.1 from it's usual location on Snort.org<https://snort.org/downloads>. Talos<https://www.talosintelligence.com/> will be releasing the ruleset for 2.9.11.1 later today (January 4th, 2018). As always, you can report issues with Snort via our Snort-devel mailing list<https://snort.org/community#mailing_lists>, and continue discussion for users on our Snort-users mailing list<https://snort.org/community#mailing_lists>. Thanks for your support of Snort and Happy New Year! -- Joel Esler | Talos: Manager | jesler () cisco com<mailto:jesler () cisco com>
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Snort Blog: Snort 2.9.11.1 has been released! Joel Esler (jesler) via Snort-sigs (Jan 04)