NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Snort IDS> 2004-01

[Snort-users] ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.3alpha for snort 2.1.0 released

From: Sandro Poppi (spoppigmx.net)
Date: Sun Jan 11 2004 - 06:44:44 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Snorters,

I'm happy to announce a new release of the GPL'ed Snort IDMEF plugin
1.2.3alpha for Snort 2.1.0.

IDMEF is the Intrusion Detection Exchange Message Format which is XML
based and developed by the IETF working group IDWG. It's current status
is "Draft".

Snort IDMEF enables Snort to generate IDMEF based messages and store
them either in a flat file or distribute them via TCP sockets.

The changes in this version are:

    - configure.in
    -- added option --enable-old which enables compatibility mode for
      snort 2.0.x
      This is highly DISCOURAGED! It enables portscan/http_decode
      preprocessor alerts.
    -- added check for sys/utsname.h
    - added support for flow-portscan preprocessor
    - added support for http-inspect preprocessor
    - BuildSource/BuildTarget: added check for NULL packet
    - added creation of IDMEF Impact Class for rules; see README.impact
      for details
    - added README.impact

Requirements:
     - Snort 2.1.0 source http://www.snort.org
     - libidmef http://sourceforge.net/projects/libidmef
     - libxml2 http://xmlsoft.org/
     - snort-idmef-plugin ;) http://sourceforge.net/projects/snort-idmef

On the project's homepage you'll find some mailinglists for issues
related to the snort-idmef-plugin.

Feedback is always welcomed!

Happy snort'ing,
Sandro

-------------------------------------------------------
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced branching capabilities and atomic changes on 50+ platforms.
Free Eval! http://www.perforce.com/perforce/loadprog.html
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]