Wednesday, September 30, 2015

Snort 2.9.7.6 has been released!

Please join us in welcoming the newest release of Snort, Version 2.9.7.6!

Below are the release notes for this version:


2015-08-17 Snort 2.9.7.6
[*] New additions
  * Added support for detecting 'SSH tunneling over HTTP'.

[*] Improvements
  * Behavioral change in file processing to block malware files in inline-test mode also.

  * Improvements to XFF handling in case of pipelined HTTP requests. 

  * Stability improvements for Stream6 preprocessor.

  * Resolved an issue where min_ttl decoder was dropping packets in alert mode also.

  * Added improved support to inspect unlimited packets in HTTP.

  * Resolved an issue where reputation config incorrectly displayed 'blacklist' in
    priority field even though 'whitelist' option was configured.


The Snort Team would like to thank the following community members for their contributions to Snort 2.9.7.6:

Mike Cox
Gabriel Corre
Bill Parker
Avery Rozar

If you'd like to be a contributor to Snort, large or small, code changes or manual corrections, we'd love to have you.   Please join our Snort-devel mailing list and submit your ideas/changes/corrections there.