Re: snort-1.9.0 is released!

[twig les <twigles () yahoo com>]

I'm not ready to upgrade immediately (happily snorting
with 1.8.7 in a production environment).  How long
will the 1.8.x signatures be maintained?

--- Chris Green <cmg () sourcefire com> wrote:
> The Snort team is proud to announce the availability
> of version 1.9.0
> of Snort available for download at
> http://www.snort.org
>
> http://www.snort.org/dl/snort-1.9.0.tar.gz
> http://www.snort.org/dl/snort-1.9.0.tar.gz.asc (gpg)
>
> This release is the culmination of lots of bug
> fixing and
> new features from many developers including
>
> Roman Danyliw, Glenn Mansfield Keeni, Abe Katsuhisa,
> Marty Roesch,
> Brian Caswell, Andrew Baker, Jed Haile, Jason
> Larsen, Dragos, Dan
> Roelker, Marc Norton, Chris Reid, Jeff Nathan, Phil
> Wood, Dave
> Goldsmith, Andreas Ostling (to whom I own : above
> the O), Andrew
> Hintz, everyone who submits bug reports and tests
> and submits
> signatures or signature descriptions.
>
> A list of major changes include:
>
> - reorganized code tree ( finally declared stable )
> - portscan2 / conversation introduction
> - picking up state on sessions is more forgiving of
> odder flag
>   combinations throughout snort as a whole
> - the flow keyword to indicate "from_server" or
> "to_server"
> - snortdb schema 1.06
> - perf stats
> - flexresp fixes so that it's on the OTN instead of
> the RTN
> - icmp formatting fixes
> - telnet negotiation handles the telnet EAC
> character
> - URI related bug fixed where a HTTP rule would
> alert on bogus traffic
>   ( thanks to qru for test case )
> - works with net-snmp
> - Stream4 supports asynchronous_link's ( great if
> you have to do IDS
>   without being able to combine both sides of an
> ethernet tap or split
>   routing )
> - the decoder creates alerts for packets it doesn't
> understand ( save
>   this and submit them as BUGS or events )
>    config disable_decode_alerts to disable this
> feature
> - LOTS of new rules
>
>   flags: A+ is not how we will ever mark a session
> as "established"
>          ever again.
> - dsize check gains min<>max range support
> - checksum functions inlined and obscure endianess
> related bug
>
> Release Notes:
>
> - Only libnet 1.0 supported for flexresp
> - HP-UX is not a supported platform. 
>
> Thanks for your patience and support. The SNORT_1_9
> branch of CVS is
> now marked as the stable branch for bug fixing and
> minor features
> only.
>
> The HEAD branch is where development will commence. 
> Please note this
> as people who have deemed the beta';s of 1.9 good
> enough for
> production use that the place you need to track has
> changed.
>
> The command to grab a new copy via from is:
>
> cvs
-d:pserver:anonymous () cvs snort sourceforge net:/cvsroot/snort
> \
>    co -r SNORT_1_9 -d snort-1.9  snort
>
> -- 
> Chris Green <cmg () sourcefire com>
> Eschew obfuscation.

> ATTACHMENT part 2 application/pgp-signature 



=====
-----------------------------------------------------------
Heavy metal made me do it.                        
-----------------------------------------------------------

__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users