Thursday, June 11, 2015

Snort++ Update

Just pushed build 157 to github (snortadmin/snort3):
  • port ssl from snort
  • fix stream_tcp to call splitter finish only if scan was called
  • changed drop rules drop current packet only
  • unchanged - block rules block all packets on flow
  • added reset rules to function as reject
  • deleted sdrop and sblock rules; use suppressions instead
  • refactored active module
  • updated snort2lua