Tuesday, March 31, 2015

Snort++ Build 144 Available Now

Snort++ build 144 is now available on snort.org.  We have a number of updates this time for you!

New features:

  • ported dns inspector
  • ported ssh inspector
  • added doc/usage.txt

Bug fixes and enhancements:
  • reworked autotools generation of api_options.h
  • updated default manuals
  • apply service from hosts when inspector already bound to flow
  • ensure direction and service are applied to packet regardless of flow state
  • enable active for react / reject only if used in configuration
  • eliminate dedicated nhttp chunk buffer
  • minor nhttp cleanup in StreamSplitter
  • fixed host lookup issue
  • folded classification.lua and reference.lua into snort_defaults.lua
  • apply defaults from parameter tables instead of relying on ctors etc.
  • fix static analysis issues reported by xcode
  • change policy names with a-b form to a_b for consistency
  • make all warnings optional
  • fix ip and tcp policy defines
  • fix ip and icmp flow client/server ip init
  • added build foo for lzma; refactored configure.ac
  • enhancements for checking compatibility of external plugins

You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.

Please submit bugs, questions, and feedback to bugs@snort.org or the Snort-Users mailing list.

Happy Snorting!
The Snort Release Team