'[Snort-users] Snort++ build 206 is now available on snort.org!'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       snort-users
Subject:    [Snort-users] Snort++ build 206 is now available on snort.org!
From:       Snort Releases <snortreleases () snort ! org>
Date:       2016-08-11 20:59:03
Message-ID: 4abb909e-c147-ef95-2c29-a71664446f1a () snort ! org
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Snort++ <https://snort.org/snort3> build 206 is now available on 
snort.org.  This is the latest monthly update available for download.  
You can also get the latest updates from github (snortadmin/snort3 
<https://github.com/snortadmin/snort3>) which is updated weekly.

Enhancements:

* converted sd_pattern to use hyperscan
* ported smb reassembly and raw commands processing, segmentation support
* ported smb write and close command, deprecated dialect check, smb 
fingerprint
* ported appid rule option as "appids"
* ported appid detectors: kereberos, bittorrent, imap, pop
* added appid counts for mdns, timbuktu, battlefield, bgp, and netbios 
services
* added smtp.max_auth_command_line_len
* added new_http_inspect unbounded POST alert
* added oversize directory alert to new_http_inspect
* snort2lua updates for new_http_inspect

Bug Fixes:

* fixed asn1:print help
* fixed event queue buffer log size
* fixed make distcheck; thanks to jack jackson <jsakcon@gmail.com> for 
reporting the issue
* fixed help text for rule options ack, fragoffset, seq, tos, ttl, and win
* fixed endianness issues with rule options seq and win
* fixed rule option session binary vs all
* fixed issue with icmp_seq and icmp_id field matching
* fixed off-by-1 line number in rule parsing errors
* fixed cmake make check issue with new_http_inspect
* fixed new_http_inspect handling of 100 response
* fixed dynamic build of new_http_inspect
* fixed outstanding strndup calls
* fixed static analysis issues

Other Changes:

* moved http_inspect (old) to http_server (in extras)
* moved new_http_inspect to http_inspect
* code refactoring and cleanup

Please submit bugs, questions, and feedback to bugs@snort.org or the 
Snort-Users mailing list.

Happy Snorting!
The Snort Release Team


[Attachment #5 (text/html)]

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=utf-8">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <p><a href="https://snort.org/snort3">Snort++</a> build 206 is now
      available on snort.org.  This is the latest monthly update
      available for download.  You can also get the latest updates from
      github (<a href="https://github.com/snortadmin/snort3">snortadmin/snort3</a>)
      which is updated weekly.<br>
      <br>
      Enhancements:<br>
      <br>
      * converted sd_pattern to use hyperscan<br>
      * ported smb reassembly and raw commands processing, segmentation
      support<br>
      * ported smb write and close command, deprecated dialect check,
      smb fingerprint<br>
      * ported appid rule option as "appids"<br>
      * ported appid detectors: kereberos, bittorrent, imap, pop<br>
      * added appid counts for mdns, timbuktu, battlefield, bgp, and
      netbios services<br>
      * added smtp.max_auth_command_line_len<br>
      * added new_http_inspect unbounded POST alert<br>
      * added oversize directory alert to new_http_inspect<br>
      * snort2lua updates for new_http_inspect<br>
      <br>
      Bug Fixes:<br>
      <br>
      * fixed asn1:print help<br>
      * fixed event queue buffer log size<br>
      * fixed make distcheck; thanks to jack jackson
      <a class="moz-txt-link-rfc2396E" \
href="mailto:jsakcon@gmail.com">&lt;jsakcon@gmail.com&gt;</a> for reporting the \
                issue<br>
      * fixed help text for rule options ack, fragoffset, seq, tos, ttl,
      and win<br>
      * fixed endianness issues with rule options seq and win<br>
      * fixed rule option session binary vs all<br>
      * fixed issue with icmp_seq and icmp_id field matching<br>
      * fixed off-by-1 line number in rule parsing errors<br>
      * fixed cmake make check issue with new_http_inspect<br>
      * fixed new_http_inspect handling of 100 response<br>
      * fixed dynamic build of new_http_inspect<br>
      * fixed outstanding strndup calls<br>
      * fixed static analysis issues<br>
      <br>
      Other Changes:<br>
      <br>
      * moved http_inspect (old) to http_server (in extras)<br>
      * moved new_http_inspect to http_inspect<br>
      * code refactoring and cleanup<br>
      <br>
      Please submit bugs, questions, and feedback to <a
        href="bugs@snort.org">bugs@snort.org</a> or the Snort-Users
      mailing list.<br>
      <br>
      Happy Snorting!<br>
      The Snort Release Team<br>
    </p>
  </body>
</html>



------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. http://sdm.link/zohodev2dev

_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic