[Snort-users] snort-1.9.0 is released!
cmg at ...1935...
Thu Oct 3 19:44:05 EDT 2002
The Snort team is proud to announce the availability of version 1.9.0
of Snort available for download at http://www.snort.org
This release is the culmination of lots of bug fixing and
new features from many developers including
Roman Danyliw, Glenn Mansfield Keeni, Abe Katsuhisa, Marty Roesch,
Brian Caswell, Andrew Baker, Jed Haile, Jason Larsen, Dragos, Dan
Roelker, Marc Norton, Chris Reid, Jeff Nathan, Phil Wood, Dave
Goldsmith, Andreas Ostling (to whom I own : above the O), Andrew
Hintz, everyone who submits bug reports and tests and submits
signatures or signature descriptions.
A list of major changes include:
- reorganized code tree ( finally declared stable )
- portscan2 / conversation introduction
- picking up state on sessions is more forgiving of odder flag
combinations throughout snort as a whole
- the flow keyword to indicate "from_server" or "to_server"
- snortdb schema 1.06
- perf stats
- flexresp fixes so that it's on the OTN instead of the RTN
- icmp formatting fixes
- telnet negotiation handles the telnet EAC character
- URI related bug fixed where a HTTP rule would alert on bogus traffic
( thanks to qru for test case )
- works with net-snmp
- Stream4 supports asynchronous_link's ( great if you have to do IDS
without being able to combine both sides of an ethernet tap or split
- the decoder creates alerts for packets it doesn't understand ( save
this and submit them as BUGS or events )
config disable_decode_alerts to disable this feature
- LOTS of new rules
flags: A+ is not how we will ever mark a session as "established"
- dsize check gains min<>max range support
- checksum functions inlined and obscure endianess related bug
- Only libnet 1.0 supported for flexresp
- HP-UX is not a supported platform.
Thanks for your patience and support. The SNORT_1_9 branch of CVS is
now marked as the stable branch for bug fixing and minor features
The HEAD branch is where development will commence. Please note this
as people who have deemed the beta';s of 1.9 good enough for
production use that the place you need to track has changed.
The command to grab a new copy via from is:
cvs -d:pserver:anonymous at cvs.snort.sourceforge.net:/cvsroot/snort \
co -r SNORT_1_9 -d snort-1.9 snort
Chris Green <cmg at ...1935...>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 239 bytes
Desc: not available
More information about the Snort-users