Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort 2.9.8 RC Now Available

From: Snort Releases <snortreleases () snort org>
Date: Thu, 8 Oct 2015 13:22:36 -0400
Snort 2.9.7.6 is now available on snort.org at
http://www.snort.org/downloads in the Snort Stable Release section.

2015-08-28 - Snort 2.9.8_rc

[*] New additions
  *  SMBv2/SMBv3 support for file inspection.

  *  Port override for metadata service in IPS rules.

  *  AppID Lua detector performance profiling.

  *  Perfmon dumps stats at fixed intervals from absolute time.

  *  New preprocessor alert (18:120) to detect SSH tunneling over HTTP

  *  New config option |disable_replace| to disable replace rule option.

  *  New Stream configuration |log_asymmetric_traffic| to control 
logging to syslog.

  *  New shell script in tools to create simple Lua detectors for AppID.

[*] Improvements
  *  sfip_t refactored to use struct in6_addr for all ip addresses.

  *  Post-detection callback for preprocessors.

  *  AppID support for multiple server/client detectors evaluating on 
same flow.

  *  AppID API for DNS packets.

  *  Memory optimizations throughout.

  *  Support sending UDP active responses.

  *  Fix perfmon tracking of pruned packets.

  *  Stability improvements for AppID.

  *  Stability improvements for Stream6 preprocessor.

  *  Added improved support to block malware in FTP preprocessor.

  *  Added support to differentiate between active and passive FTP 
connections.

  *  Improvements done in Stream6 preprocessor to avoid having duplicate 
packets in the DAQ retry queue.

  *  Resolved an issue where reputation config incorrectly displayed 
'blacklist' in priority field even though 'whitelist' option was configured.

See the Release Notes and ChangeLog for more details.

Please submit bugs, questions, and feedback to bugs () snort org.

Happy Snorting!
The Snort Release Team


------------------------------------------------------------------------------
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: