Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission

[Amm Snort <ammdispose-snort () yahoo com>]

Thanks for quick response.

I do not see 2.9.4 on snort.org. So I assume its not yet released.


Where do I see development version OR atleast its SVN changelog

To know what new features/fixes can i expect and more to know existing bugs fixed in 2.9.4

Amm.




> ________________________________
> From: Russ Combs <rcombs () sourcefire com>
> To: Amm Snort <ammdispose-snort () yahoo com> 
> Cc: "snort-devel () lists sourceforge net" <snort-devel () lists sourceforge net> 
> Sent: Wednesday, 8 August 2012 8:19 PM
> Subject: Re: [Snort-devel] preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission
>
>
> On Wed, Aug 8, 2012 at 8:18 AM, Amm Snort <ammdispose-snort () yahoo com> wrote:
>
> I believe "normalize_tcp" drops retry-SYNs because they do not match first SYN packet.
> > So is there any work around for this? Or am I missing any configuration directive?
> We have already fixed this for the 2.9.4 release.  The workaround for now is to disable normalize_tcp. 
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!