[Snort-devel] Snort 1.8.1 released!

Martin Roesch roesch at ...402...
Wed Aug 15 03:08:14 EDT 2001


Hi everyone,
     Snort 1.8.1 is available on our brand new web site!  Please head on
over to http://www.snort.org and have a look at the new site and check
out the new release.  For the impatient, you can get the latest tarball
straight from http://www.snort.org/releases/snort-1.8.1-RELEASE.tar.gz.  

What's new and different about this release, you ask?  Here's the scoop:

* SNMP alerting support added by Glenn Mansfield Keeni & K. Jayanthi
* IDMEF output support compiled in by default now
* regex keyword code repaired, limited regex/wildcards now available in
the rules language
* new packet counters added to Snort stats output for frags and streams
* http_decode preprocessor modified to normalize %u encoding
* new detection modes in frag2, Snort picks up fragmentation 
  attacks (teardrop, etc) much better now
* repaired frag2 IP defragmenter, now highly stable and functional
* tweaks made to stream4 TCP stream reassembler, now highly stable
* Win32 code integrated with main Snort source now
* fix for -r mode crash when no other command line options specified
* fix for logfile names using ":" under win32
* tag code repaired, tags now work as expected (perhaps better even!)
* spp_arpspoof repaired
* stream4 alerts are now off by default
* syslog alerts now support standard GEN:SID:REV data

As always, the cast of characters that made this all possible is a
lengthy list of great people, and I'd like to mention just a few who
were especially helpful and supportive as we got things going for this
release:  Phil Wood, Fyodor Yarochkin, Brian Caswell, Bill Gercken,
Roman Danyliw, Jed Pickel, and Joe McAlerney.  

Enjoy!

     -Marty

--
Martin Roesch
roesch at ...402...
http://www.sourcefire.com - http://www.snort.org




More information about the Snort-devel mailing list