[Snort-users] Re: [Snort-devel] Snort 2.0 Released!

Kevin J. Schmidt kschmidt at ...468...
Mon Apr 14 13:14:06 EDT 2003


I noticed that SNMP (either MIBs or the usual spo_SnmpTrap.*) seem to be
in this distribution. I seem to recall that some things were going to be
left out of this distribution, but don't exactly recall what. Was SNNP
one of them? 

Thanks,

On Mon, 2003-04-14 at 11:58, Martin Roesch wrote:
> Snort 2.0 has been released and is available at http://www.snort.org.  
> Snort 2.0 is the result of many months of effort on the part of dozens 
> of people and has a slew of new features:
> 
> * Enhanced high-performance detection engine
> * Stateful Pattern Matching
> * New detection keywords: byte_test & byte_jump
> * The Snort code base has undergone an external third party  
> professional security audit funded by Sourcefire
>    (http://www.sourcefire.com)
> * Many new and updated rules
> * snort.conf has been updated
> * Enhancements to self preservation mechanisms in stream4 and frag2
> * State tracking fixes in stream4
> * New HTTP flow analyzer
> * Enhanced protocol decoding (TCP options, 802.1q, etc)
> * Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, 
> etc)
> * Enhanced flexresp mode for real-time TCP session sniping
> * Better chroot()'ing
> * Tagging system updated
> * Several million bugs addressed....
> * Updated FAQ (thanks to Erek Adams and Dragos Ruiu)
> 
> Snort 2.0 can be downloaded at 
> http://www.snort.org/dl/snort-2.0.0.tar.gz.  Binary versions of the 
> code base will be built over the next several days and made available 
> at snort.org.
> 
> Thanks to everyone who has contributed and helped out over the past 
> several months!
> 
>       -Marty
-- 
Kevin J. Schmidt <kschmidt at ...468...>





More information about the Snort-users mailing list