[Snort-users] SnortSnarf v020316.1 released

James Hoagland hoagland at ...47...
Sat Mar 16 17:16:07 EST 2002

Hello all,

Silicon Defense is pleased to announce the release of version
020316.1 of SnortSnarf.  We have some good new stuff in the version.
Here is the changes since the previous version:

+ sid now parsed from alerts and used to produce a link to the
snort.org signature database; this link is often the most featured
one [contrib by Owen Crow; thanks to Brian Caswell for organizing the
signature database effort and allowing SnortSnarf to link to it]
+ -dns now takes an argument, an network address within IP addresses
will be resolved (you might set this to your local network to have
these addresses lookup up quickly) [contrib by Russell Fulton]
+ better warnings when an input file does not exist, is length 0, or
could not be opened
+ earliest/latest times (printed on the top of pages) can now be
shown in year/month/date order (-ymd option) [based on contrib by
Russell Fulton]
+ updated SnortFileInput to parse IPV6-* protocol type
+ updated SnortFileInput to not include interface name as part of the
signature when using -I with full or fast alert formats [contrib by
Andreas Östling]
+ new warning when you are using the default input file
+ snort -g users: you can now have the earliest/latest times listed
in your local time (-gmt option) [contrib by Russell Fulton]
+ updated the documentation

That's right, SnortSnarf now links to www.snort.org/snort-db.  And I
can finally recommend using -dns thanks to a good idea and
contribution by Russell Fulton; you can now run it for your local
network address only.  Thank you to everybody for their contributions.

A note on the warnings when using the default input file.  I hope
people don't mind this much.  This warning message tells people how
to explicitly specify input files.  In conjunction with the warning
about an input file not existing, I hope this avoids non-uncommon
newbie confusion when they don't specify their input files.

As always, you can download SnortSnarf and read more at:


Happy SnortSnarfing,


P.s. Happy St. Patrick's day (perhaps a day early) to you all.  I
hope you don't drink too much green beer as a result of reading this

|*      Jim Hoagland, Associate Researcher, Silicon Defense      *|
|*            --- Silicon Defense: IDS Solutions ---             *|
|*  hoagland at ...47..., http://www.silicondefense.com/  *|
|*   Voice: (530) 756-7317                 Fax: (530) 756-7297   *|

More information about the Snort-users mailing list