[Snort-users] snort-1.9.0 is released!

Kreimendahl, Chad J Chad.Kreimendahl at ...4716...
Fri Oct 4 10:52:03 EDT 2002

Having problems with logging to oracle, when spo_database attempts to
insert into OPT table, the following occurs:

database: oracle_error: ORA-06550: line 1, column 5:
PLS-00103: Encountered the symbol "end-of-file" when expecting one of
the following:

   begin case declare exit for goto if loop mod null pragma
   raise return select update while with <an identifier>
   <a double-quoted delimited-identifier> <a bind variable> <<
   close current delete fetch lock insert open rollback
   savepoint set sql execute commit forall merge
   <a single-quoted SQL string> pipe

-----Original Message-----
From: Chris Green [mailto:cmg at ...1935...] 
Sent: Thursday, October 03, 2002 9:41 PM
To: snort-devel at lists.sourceforge.net;
snort-announce at lists.sourceforge.net; snort-users at lists.sourceforge.net;
focus-ids at ...35...
Subject: [Snort-users] snort-1.9.0 is released!

The Snort team is proud to announce the availability of version 1.9.0
of Snort available for download at http://www.snort.org

http://www.snort.org/dl/snort-1.9.0.tar.gz.asc (gpg)

This release is the culmination of lots of bug fixing and
new features from many developers including

Roman Danyliw, Glenn Mansfield Keeni, Abe Katsuhisa, Marty Roesch,
Brian Caswell, Andrew Baker, Jed Haile, Jason Larsen, Dragos, Dan
Roelker, Marc Norton, Chris Reid, Jeff Nathan, Phil Wood, Dave
Goldsmith, Andreas Ostling (to whom I own : above the O), Andrew
Hintz, everyone who submits bug reports and tests and submits
signatures or signature descriptions.

A list of major changes include:

- reorganized code tree ( finally declared stable )
- portscan2 / conversation introduction
- picking up state on sessions is more forgiving of odder flag
  combinations throughout snort as a whole
- the flow keyword to indicate "from_server" or "to_server"
- snortdb schema 1.06
- perf stats
- flexresp fixes so that it's on the OTN instead of the RTN
- icmp formatting fixes
- telnet negotiation handles the telnet EAC character
- URI related bug fixed where a HTTP rule would alert on bogus traffic
  ( thanks to qru for test case )
- works with net-snmp
- Stream4 supports asynchronous_link's ( great if you have to do IDS
  without being able to combine both sides of an ethernet tap or split
  routing )
- the decoder creates alerts for packets it doesn't understand ( save
  this and submit them as BUGS or events )
   config disable_decode_alerts to disable this feature
- LOTS of new rules

  flags: A+ is not how we will ever mark a session as "established"
         ever again.
- dsize check gains min<>max range support
- checksum functions inlined and obscure endianess related bug

Release Notes:

- Only libnet 1.0 supported for flexresp
- HP-UX is not a supported platform. 

Thanks for your patience and support. The SNORT_1_9 branch of CVS is
now marked as the stable branch for bug fixing and minor features

The HEAD branch is where development will commence.  Please note this
as people who have deemed the beta';s of 1.9 good enough for
production use that the place you need to track has changed.

The command to grab a new copy via from is:

cvs -d:pserver:anonymous at cvs.snort.sourceforge.net:/cvsroot/snort \
   co -r SNORT_1_9 -d snort-1.9  snort

Chris Green <cmg at ...1935...>
Eschew obfuscation.

More information about the Snort-users mailing list