[Snort-devel] Snort 2.9.8 Beta Available Now

Snort Releases snortreleases at ...835...
Mon Aug 17 12:04:54 EDT 2015


Snort 2.9.8 Beta is now available on snort.org at 
http://www.snort.org/downloads in the Snort Development Release section.

2015-08-05 - Snort 2.9.8 Beta
[*] New additions
*  AppID is no longer experimental.

*  SMBv2/SMBv3 support for file inspection.

*  Port override for metadata service in IPS rules.

*  AppID Lua detector performance profiling.

*  Perfmon dumps stats at fixed intervals from absolute time.

*  New preprocessor alert (18:120) to detect SSH tunneling over HTTP

*  New config option |disable_replace| to disable replace rule option.

*  New Stream configraution |log_asymmetric_traffic| to control logging 
to syslog.

*  New shell script in tools to create simple Lua detetors for AppID.


[*] Improvements
*  sfip_t refactored to use struct in6_addr for all ip addresses.

*  Post-detection callback for preprocessors.

*  AppID support for multiple server/client detectors evaluting on same 
flow.

*  AppID API for DNS packets.

*  Memory optimizations throughout.

*  Support sending UDP active responses.

*  Fix permon tracking of pruned packets.

*  Improved support for expected sessions.
See the Release Notes and ChangeLog for more details.

Please submit bugs, questions, and feedbacktobugs at ...2256...

Happy Snorting!
The Snort Release Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20150817/c2042260/attachment.html>


More information about the Snort-devel mailing list