[Snort-users] Re: [Snort-devel] Snort 2.0 Released!
Kevin J. Schmidt
kschmidt at ...468...
Mon Apr 14 13:14:06 EDT 2003
I noticed that SNMP (either MIBs or the usual spo_SnmpTrap.*) seem to be
in this distribution. I seem to recall that some things were going to be
left out of this distribution, but don't exactly recall what. Was SNNP
one of them?
On Mon, 2003-04-14 at 11:58, Martin Roesch wrote:
> Snort 2.0 has been released and is available at http://www.snort.org.
> Snort 2.0 is the result of many months of effort on the part of dozens
> of people and has a slew of new features:
> * Enhanced high-performance detection engine
> * Stateful Pattern Matching
> * New detection keywords: byte_test & byte_jump
> * The Snort code base has undergone an external third party
> professional security audit funded by Sourcefire
> * Many new and updated rules
> * snort.conf has been updated
> * Enhancements to self preservation mechanisms in stream4 and frag2
> * State tracking fixes in stream4
> * New HTTP flow analyzer
> * Enhanced protocol decoding (TCP options, 802.1q, etc)
> * Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP,
> * Enhanced flexresp mode for real-time TCP session sniping
> * Better chroot()'ing
> * Tagging system updated
> * Several million bugs addressed....
> * Updated FAQ (thanks to Erek Adams and Dragos Ruiu)
> Snort 2.0 can be downloaded at
> http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary versions of the
> code base will be built over the next several days and made available
> at snort.org.
> Thanks to everyone who has contributed and helped out over the past
> several months!
Kevin J. Schmidt <kschmidt at ...468...>
More information about the Snort-users