Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort 2.9.6 Beta Now Available

From: Snort Releases <snortreleases () snort org>
Date: Mon, 18 Nov 2013 16:44:40 -0500
Snort 2.9.6 Beta is now available on snort.org, at
http://www.snort.org/snort-downloads/ in the Development section.

Snort 2.9.6 includes changes for the following:

[*] New additions
  * Add support to do file specific processing within DCERPC
    preprocessor for files being transferred over SMB.

  * File capture and storage -- saves files as they traverse the
    network via a new preprocessor that ties in support within
    HTTP, FTP, SMTP, POP, IMAP, and SMB.  See README.file and
    README.file_server (under tools/file_server) for details.

  * Add <= and >= operators to byte_test rule option.

  * Update SMTP to detect Cyrus SASL authentication attack.

  * Add capability to capture a single session from start to end.

  * EXPERIMENTAL: Add support to leverage file type identification in
    snort rules.  See README.file_ips for details.

[*] Improvements
  * Only inject active responses when a TCP session is established.

  * Update the POP and IMAP protocols to support simple PAF for improved
    identification and capture of files.

  * Update SMTP, POP, IMAP to improve inspection when mime boundaries are
    split across packets.

  * Address issue to address end of line incorrectly for Quoted Printable
    email attachments.

  * Handle out of order SSL handshake in SMTP when STARTTLS is used and
    fix checks for SSL type only within the SSL hand shake.

  * Update sensitive data preprocessor to handle a stateful search of
    patterns across multiple packets.

  * Address a few issues in the Snort manual and other READMEs for
    flowbits and tunneling.

  * Save off packet data for quicker debugging in case of a SIGABRT or
    SIGBUS.

See the Release Notes and ChangeLog for more details.

Please submit bugs, questions, and feedback to bugs () snort org.

Happy Snorting!
The Snort Release Team


------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing 
conversations that shape the rapidly evolving mobile landscape. Sign up now. 
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: