Please join us as we welcome SNORTⓇ 2.9.12.0 to the family!
Some release notes on this latest version:
We'd like to thank the following members of the Snort community for reporting issues and submitting code to the project:
As always, we welcome feedback and community participation in Snort on the snort-users mailing list.
Some release notes on this latest version:
New Additions
- Parsing HTTP CONNECT to extract the tunnel IP and port information.
- Alerting and dechunking for chunked encoding in HTTP1.0 request and response.
Improvements
- Fixed an issue where, if we have a junk line before HTTP response header, the header was wrongly parsed.
- Fixed GZIP evasions where an HTTP response with content-encoding:gzip contains a body that has a GZIP-related anomaly.
- Fixed an issue in certain scenarios where a BitTorrent pattern is seen only on the third packet of the session, causing us to miss our client detection.
- SMB improvements for file detection and processing.
We'd like to thank the following members of the Snort community for reporting issues and submitting code to the project:
- Elof
- Anuj Patel
- Markus
- David Binderman
- Stephan Zeisbarg
As always, we welcome feedback and community participation in Snort on the snort-users mailing list.