OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Martin Roesch (roeschsourcefire.com)
Date: Sun Nov 04 2001 - 00:29:23 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Archive: http://msgs.securepoint.com/ids
    FAQ IDS: http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
    FAQ NIDS: http://www.ticm.com/kb/faq/idsfaq.html
    IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
    HELP: Having problems... email questions to ids-owneruow.edu.au
    NOTE: Remove this section from reply msgs otherwise the msg will bounce.
    SPAM: DO NOT send unsolicted mail to this list.
    UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
    -----------------------------------------------------------------------------
    Snort 1.8.2 is available for download at http://www.snort.org!

    This is mostly a bugfix release, Snort is now more stable and more
    usable than it's been in quite a while, and should do a good job of
    tiding people over while we transition to 2.0 and the codebase gets a
    little more "fluid".

    Here's the list of fixes:

        * fixed UTC timestamps
        * fixed SIGUSR1 handling, should reset properly now after getting
          a signal on all platforms
        * fixed PID path generation code, PID files go in the right place
    now
        * fixed stability problems in stream4
        * fixed stability problems in frag2
        * tweaks to spo_unified for better integration with barnyard
        * added -f switch to turn off fflush() calls in binary logging mode
        * added new config keyword to stream4, "log_flushed_streams", which
          causes all buffered packets in the stream reassembler for that
          session to be logged in the event of an event on that stream (must
          be used in conjunction with spo_log_tcpdump)
        * added packet precacheing for flexresp TCP packets, responses
          should be generated more quickly
        * fixed rules parser code for various failure modes
        * several new rules files and a new classification system
        * 60+ new rules since the last release added

    After this release we're going to reorganize the whole source tree and
    do a quick 1.9 version with the new code layout. Once that's done,
    we're going to begin coding 2.0 in earnest in December, hopefully doing
    our initial release sometime in the February time frame.

    Snort 1.8.2 is available in the following package types at
    http://www.snort.org on the Downloads page:
    * source tarball
    * RPM (10 flavors)
    * Solaris Package
    * OpenBSD Package
    * FreeBSD Package
    * win32 executable installer

    Enjoy!

         -Marty 

    --
Martin Roesch - President, Sourcefire Inc. - (410)552-6999
roeschsourcefire.com - http://www.sourcefire.com  
Snort: Open Source Network IDS - http://www.snort.org