Snort mailing list archives

Snort Blog: Snort 3 beta available now!


From: "Joel Esler (jesler) via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 29 Aug 2018 19:57:24 +0000



https://blog.snort.org/2018/08/snort-3-beta-available-now.html 

Snort 3 beta available now!

We know our customers and community members have been waiting a while for this — so we are thrilled to announce that 
Snort 3 (build 247) is available in beta now. Snort 3 is a redesign of Snort 2 with a number of significant 
improvements.

Here are some highlights you should know about before downloading:

* Configuration — We use LuaJIT for configuration. The config syntax is simple, consistent, and executable. LuaJIT
  plugins for rule options and loggers are supported, too.
* Detection — We have worked closely with Cisco Talos to update rules to meet their needs, including a feature they
  call "sticky buffers." With the use of the Hyperscan search engine, regex fast patterns make rules faster and more
  accurate.
* HTTP — We have a new and stateful HTTP inspector that currently handles 99 percent of the HTTP Evader cases, and will
  soon cover all of them. There are many new features, as well, including new rule options. HTTP/2 support is under
  development.
* Performance — We have substantially increased performance for deep packet inspection. Snort 3 supports multiple
  packet-processing threads, and scales linearly with a much smaller amount of memory required for shared configs, like
  rule engines.
* JSON event logging — These can be used to integrate with tools such as the Elastic Stack. See this blog post
  <https://blog.snort.org/2017/11/snort-30-with-elasticsearch-logstash.html> for more details.
* Plugins — Snort 3 was designed to be extensible and there are over 225 plugins of various types. It is easy to add
  your own codec, inspector, rule action, rule option, or logger. SO rules are plugins, too, and it is much easier to
  add your own.

You can get Snort 3 from snort.org <https://snort.org/downloads/#snort-3.0> or from GitHub 
<https://github.com/snort3>.

These packages / repositories are available:

* snort3 — The main engine source code and plugins
* snort3_extra — Other experimental and example plugins
* snort3_demo — A test suite with working examples

We push updates to GitHub multiple times per week, and the master branch is always stable.

In addition to the cool new features, Snort 3 also supports all the capabilities of Snort 2.9.11, but we aren't done.
Coming soon, we have:

* Next generation DAQ
* Connection events
* Search engine acceleration
* ... and much more.

Please submit bugs, questions, and feedback to bugs () snort org <mailto:bugs () snort org> or the Snort-Users
mailing list <https://www.snort.org/community>.

Happy Snorting!
The Snort Release Team

Attachment: signature.asc
Description: Message signed with OpenPGP
