Thursday, January 19, 2012

Snort is now available!

Snort includes the following updates and improvements:
* Added new alerts for HTTP (undefined methods & HTTP 0.9 simple requests).

* Updates to the Stream preprocessor in TCP session tracking to avoid re-queuing retransmitted data that was already flushed. Also various tweaks for PAF flushing.

* Updates to the reputation preprocessor to handle shared memory switching.

* Updates to the SCADA preprocessors in their handling of PAF flushing and Modbus request/response length checking. Also tweaks in alerts for reserved DNP3 functions.

* Updates to flowbit groups to always use the group when some rules refer to a flow group while others do not refer to a group for the same flowbit.

* Updates to GTP preprocessor to check invalid extension header length for GTPv1.

* Updates to sfrt library, used in reputation preprocessor and target based configuration, when calculating memory allocated and support for IPv6.

It is now available at in the Latest Release section.

No comments:

Post a Comment