Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Questions on Snort++

From: Russ <rucombs () cisco com>
Date: Fri, 21 Oct 2016 07:02:21 -0400


On 10/19/16 12:04 PM, James Lay wrote:

Hey all,

Some questions in regards to Snort++:

1.  As encryption is just about everywhere now, how will Snort++ deal
with encryption?

Snort++ won't fundamentally change this problem.  It is still essential 
that decryption is done before Snort sees the traffic you want to 
inspect.  We are working on enhancements to detect malicious encrypted 
traffic but otherwise it should be whitelisted by the SSL inspector.

2.  Any timeframe on when Snort++ will be out of Alpha stage?

Alpha 4 will be out before end of year.  I don't want to jinx it by 
being more specific.  :)  It will be a much improved superset of 2.9.8.3 
functionality, but a few things like JavaScript normalization likely 
won't make the cut.  The Beta release follows.


Thank you,

James

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: