Friday, August 2, 2019

Snort has been released!

Snort Community!

We know it's a Friday, so we don't expect everyone to run right out and update, but in trying to get everything done before Black hat / Defcon, we wanted to make sure that was shipped before we all got on planes to head out to "Hacker Summer Camp".

We've just pushed live on the website (  Please head on over and check it out at your earliest convenience.

Release notes are essentially the same as, with one minor fix, so I'll repost those:

[*] New Additions

 * Added support for wild card port numbers in host cache and overwriting port service AppId.

 * Added support for new STLS client patterns to help better detect POP3S over SSL.

 * Added support for detecting Mac based SMTP Microsoft Outlook client application.

 * Added a new preprocessor alert 120:27 to alert if there is no proper end of header.

[*] Improvements / Fix

 * Improved appId detection for proxied traffic.

 * Fix for enabling flow profiling mode without restarting snort detection engine.

 * Fixed packet drop scenario.

Thanks so much for bearing with us while we figured out the little bug with packet acquisition.

As always, feedback can be directed to the Snort-users list.  Happy Snorting!