[Snort-users] Snort-1.6.3 released

Martin Roesch roesch at ...1...
Sat Jul 22 03:09:58 EDT 2000

Hash: SHA1

Ok, it's ready!  Go get it at http://www.snort.org.  There have been several
aks and fixes to this version, thanks to everyone here for being supportive
patient while I've worked out the bugs in the post-1.6 releases.

Short of any major bugs, this will be the last release for a while as I'm
to be increasingly busy with the Hiverworld IDS for the next few months, not
mention a couple of conferences and several other things that are going on.  

I'm going to hold off announcing this on the announce list and on public web
es (Technotronic/PacketStorm/Freshmeat/SecurityFocus) until Monday so that a
ger audience will see the announcements. (am I in marketing yet?) :)

Here's the complete list of fixes and changes for version 1.6.3:

* Fixed compilation problems on all non-BSD operating systems
* Added better configuration support for locating libpcap
* Fixed ICMP ping packet id/sequence printouts
* Made allowances for 64-bit machines in the decoders
* Updated the portscan detector to the latest version
* Disabled the defragmenter by default (in the rules file)
* Added a patch from Dave Dittrich to make daemon mode alerts 
  filenames conform to the data in the documentation
* Revamped the ICMP data structures to mimic those found in *BSD
  and provide for higher fidelity decoding/printout in the future
* Repaired the output plugins so that they operate properly now
* For the record, the payload dump conforms to the length of the 
  IP datagram now and does not show pad bytes added by the minimum
  Ethernet frame size
* Applied Chris Cramer's byte ordering patch to the flexresp code


- -- 
Martin Roesch                      <roesch at ...2...>
Core R&D                         http://www.hiverworld.com
Hiverworld, Inc.       Continuous Adaptive Risk Management

Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv


More information about the Snort-users mailing list