Tuesday, September 27, 2016

Snort Subscriber Rule Set Update for 09/27/2016

Just released:
Snort Subscriber Rule Set Update for 09/27/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 11 new rules and made modifications to 20 additional rules.

There were no changes made to the snort.conf in this release.



Talos's rule release:
Talos has added and modified multiple rules in the blacklist, browser-firefox, browser-ie, exploit-kit, file-image, file-office, indicator-shellcode, os-windows, protocol-dns and server-webapp rule sets to provide coverage for emerging threats from these technologies.


To get Talos's newest rule detection functionality, you can subscribe for as little as $29 USD a year for personal users. Be sure to see our business pricing as well at https://www.snort.org/products. Make sure to stay up to date to catch the latest emerging threats!

Friday, September 23, 2016

Snort++ Update

Pushed build 211 to GitHub (snortadmin/snort3):
  • fix hyperscan detection with nocase
  • fix shutdown sequence
  • fix --dirty-pig
  • fix FreeBSD build re appid / service_rpc

Thursday, September 22, 2016

Snort 2.9.8.2 is End of Life!

Just a notification to remind everyone that Snort 2.9.8.2 is now End of Life (EOL). In accordance with our EOL policy, 2.9.8.2 met its EOL date today.

Now it is time to upgrade your engines. Snort 2.9.8.3 is the current version of Snort, and users should upgrade immediately.

Thanks for all of your support!

Snort Subscriber Rule Set Update for 09/22/2016

Just released:
Snort Subscriber Rule Set Update for 09/22/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 23 new rules and made modifications to 73 additional rules.



Talos's rule release:
Talos has added and modified multiple rules in the browser-ie, browser-plugins, file-flash, file-office, indicator-compromise, indicator-obfuscation, malware-cnc, server-mysql and server-webapp rule sets to provide coverage for emerging threats from these technologies.


To get Talos's newest rule detection functionality, you can subscribe for as little as $29 USD a year for personal users. Be sure to see our business pricing as well at https://www.snort.org/products. Make sure to stay up to date to catch the latest emerging threats!

Wednesday, September 21, 2016

Snort++ Update

Pushed build 210 to GitHub (snortadmin/snort3):
  • started dce_udp porting
  • added HA details to stream/* dev_notes
  • added stream.ip_frag_only to avoid tracking unwanted flows
  • updated default stream cache sizes to match 2.X
  • fixed tcp_connector_test for OSX build
  • fixed binder make files to include binder.h
  • fixed double counting of ip and udp timeouts and prunes
  • fixed clearing of SYN - RST flows
Pushed build 209 to GitHub last week:
  • add dce iface fast pattern for tcp
  • add --enable-tsc-clock to build/use TSC register (on x86)
  • update latency to use ticks during runtime
  • tcp stream reassembly tweaks
  • fix inverted detection_filter logic
  • fix stream profile stats parents
  • fix most bogus gap counts
  • unit test fixes for high availability, hyperscan, and regex

Tuesday, September 20, 2016

Snort Subscriber Rule Set Update for 09/20/2016

Just released:
Snort Subscriber Rule Set Update for 09/20/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 12 new rules and made modifications to 2 additional rules.

There were no changes made to the snort.conf in this release.


Talos's rule release:
Talos has added and modified multiple rules in the blacklist, file-image, indicator-obfuscation, malware-cnc and server-other rule sets to provide coverage for emerging threats from these technologies.


To get Talos's newest rule detection functionality, you can subscribe for as little as $29 USD a year for personal users. Be sure to see our business pricing as well at https://www.snort.org/products. Make sure to stay up to date to catch the latest emerging threats!

Monday, September 19, 2016

Snort 2.9.8.2 EOL is rapidly approaching!

As you can see from our EOL page:

https://www.snort.org/eol

The EOL for Snort 2.9.8.2 is approaching in a couple of days. From our download statistics, the percentage of people still on that version is pretty small.

Please try to update your engines this week to 2.9.8.3, the current version. We also look forward to the release of 2.9.9.0 in the coming weeks, so for those of you still on 2.9.7.6, the EOL for 2.9.7.6 will be the release of 2.9.9.0 + 90 days (as a reminder).

So, 2.9.7.6 users, your EOL is coming too, and there are tens of thousands of you on that version. It's upgrade time!