|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Snort-users] Snort 2.0 rc1 available (fwd)
From: Dan Hanson (dhanson
securityfocus.com)
Date: Wed Mar 26 2003 - 17:35:13 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This came across Snort-users, many of you probably saw it, but for anyone
who didn't and likes to play with the shiniest new software versions --
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Date: Wed, 26 Mar 2003 16:48:01 -0500
From: Martin Roesch <roeschsourcefire.com>
To: snort-userslists.sourceforge.net,
snort-devellists.sourceforge.net,
snort-announce-adminlists.sourceforge.net
Subject: [Snort-users] Snort 2.0 rc1 available
The Snort 2.0 release candidate 1 is available for your testing. We've
been working on and tweaking Snort 2.0 for quite a while now and it's
looking like it's ready to go. Please download it and check it out at
the earliest opportunity. If you find any bugs, please read the
doc/BUGS file before submitting a bug report, Snort works on too many
platforms for us to guess at your configuration!
This version features:
* Higher performance (due to a new pattern matcher and rebuilt
detection engine)
* Better decoders
* Enhanced stream reassembly and defragmentation
* Tons of bug fixes
* Updated rules
* Updated snort.conf
* New detection keywords (byte_test, byte_jump, distance, within) &
stateful pattern matching
* New HTTP flow analyzer
* Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc)
* Better self preservation in stateful sunsystems
* Xrefs fixed
* Flexresp works faster and more effectively
* Better chroot()'ing
* Fixed 802.1q decoding
* Better async state handling
* New alerting option: -A cmg!!
The source tarball is available at
http://www.snort.org/dl/snort-2.0.0rc1.tar.gz. A win32 build will
follow shortly!
Brought to you by the character ':', the letters 'w' and 'q' and the
number 0x41414141. Enjoy!
-Marty
--
Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616
Sourcefire: Snort-based Enterprise Intrusion Detection Infrastructure
roeschsourcefire.com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org
-----------------------------------------------------------
ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis
Learn why 70% of today's successful hacks involve Web Application
attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter
Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]