[Snort-users] Announcement: Snort - Next Generation

Christopher Kruegel chris at ...7037...
Tue Oct 1 06:23:25 EDT 2002

Snort - Next Generation is a patch that replaces and improves the detection 
engine of Snort (http://www.snort.org). Patches for Snort 1.8.6 and Snort 
1.8.7 as well as additional information is available for download under


We noticed that the performance of Snort decreases considerably as the number 
of signatures increases. Therefore, we replaced its two-dimensional list 
structure by a decision tree that allows us to reduce the number of redundant 
checks for each incoming packet. This resulted in a significant speed up 
compared to the original Snort, especially for large rule sets. In addition, 
current Snort configuration and rule files can be used without modification.

Please send any comments or bug reports to

snort-ng at ...7037...

