Wednesday, September 3, 2014

OpenAppID Detector Package update for 09/03/2014

Just Released:
OpenAppID Detector Package update for 09/03/2014

We welcome the introduction of the newest OpenAppID release from the Detection Team. In this release:

* Increased the coverage of our application detectors to an additional 243 detectors which brings our total coverage to 2,450 detectors. 

For more information about the list of detectors they can be viewed in the appMapping.data file.
You can download Snort 2.9.7.0 beta and the OpenAppId content at https://www.snort.org/downloads in the Development section.

2 comments:

  1. Hello Costa, I hope you could help me on this. I have activated snort and applied all snort ruleset, ET Open Rules, Snort Text Rules and Snort SO Rules. But after this when i open Microsoft outlook and do a send / receive, i get an error message saying POP3 error cannot connect to mail server 0x80042108. Can you please help.

    ReplyDelete
  2. If you don't have OpenAppID enabled, does it still block Microsoft Outlook?
    Would it be possible to send us your current configuration, along with the conn-unified log files of that traffic at our OpenAppID distribution list at: snort-openappid@lists.sourceforge.net

    ReplyDelete