Re: Snort 2.9.4 Now Available

["Weir, Jason" <jason.weir () nhrs org>]

Thanks Joel - maybe part of the pre-release procedures then  ;)

-J

> -----Original Message-----
> From: Joel Esler [mailto:jesler () sourcefire com]
> Sent: Tuesday, December 04, 2012 12:29 PM
> To: Weir, Jason
> Cc: snort-team () sourcefire com; snort-users () lists sourceforge net
> Subject: Re: [Snort-users] Snort 2.9.4 Now Available
>
> It is.  It's just number 12 or so on my list
>
>
> On Dec 4, 2012, at 12:20 PM, "Weir, Jason" <jason.weir () nhrs org>
wrote:
> > Joel,
> >
> > Any idea when http://labs.snort.org/snort/2940/ will exist and be
> > populated?
> >
> > Might want to make this part of your build or release procedures as
this
> > always seems to be an afterthought..
> >
> > Thanks,
> > Jason
> >
> > > -----Original Message-----
> > > From: Snort Releases [mailto:snortreleases () snort org]
> > > Sent: Monday, December 03, 2012 3:11 PM
> > > To: snort-users () lists sourceforge net
> > > Subject: [Snort-users] Snort 2.9.4 Now Available
> > >
> > > Snort 2.9.4 is now available on snort.org, at
> > > http://www.snort.org/snort-downloads/ in the Latest Release
section.
> > > ************
> > > Please note:
> > > 2.9.3.1 & later packages are signed with a new PGP key
> > > (that key is signed with the previous key).
> > > ************
> > >
> > > Snort 2.9.4 includes changes for the following:
> > >
> > > [*] New additions
> > >
> > >  * Consolidation of IPv6 -- now only a single build supports both
> > >    IPv4 & IPv6, and removal of the IPv4 "only" code paths.
> > >
> > >  * File API and improvements to file processing for HTTP downloads
> > >    and email attachments via SMTP, POP, and IMAP to facilitate
> > >    broader file support
> > >
> > >  * Use of address space ID for tracking Frag & Stream connections
> > >    when it is available with the DAQ
> > >
> > >  * Logging of packet data that triggers PPM for post-analysis via
> > >    Snort event
> > >
> > >  * Decoding of IPv6 with PPPoE
> > >
> > >  * Added an API call to add a service to a host in the attribute
> > table.
> > >    Remove the unused live attribute update code.
> > >
> > > [*] Improvements
> > >
> > >  * Update to Stream5 PAF for handling gaps in the sequence numbers
of
> > >    packets being reassembled.
> > >
> > >  * Selection of the Stream TCP policy based on the server rather
than
> > >    the destination of first packet seen by Snort
> > >
> > >  * Allow disabling of global thresholds via a count of -1
> > >
> > >  * Prevent blocking duplicate SYNs when using inline normalization
> > >
> > >  * Add SSLv3 backwards compatibility support for SSLv2 ClientHello
> > >    messages
> > >
> > >  * Allow active responses to packets without data (eg, a TCP SYN)
> > >
> > >  * Changed logic of option evaluations for shared library rules
that
> > >    use a custom evaluation function to match that of the builtin
> > logic
> > >    when the NOT_FLAG is used.  The 'NOT' matching now happens
within
> > >    each of the individual rule option evaluation functions.
> > >
> > >  * Updated SMTP preprocessor to better handle commands that have
> > >    corresponding data on a subsequent line to reduce false
positives.
> > >    3 commands fall into this category - X-EXPS, XEXCH50, and BDAT.
> > >
> > >  * Improve support for encapsulated & tunneling protocols to block
or
> > >    fastpath a connection within the tunnel rather applying that to
> > >    the whole tunnel.
> > >
> > > Please see the Release Notes and ChangeLog for more details.
> > >
> > > Please submit bugs, questions, and feedback to bugs () snort org.
> > >
> > > Happy Snorting!
> > > The Snort Release Team

------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!