[Snort-users] Spade version 030117.1 available

James Hoagland jim at ...47...
Tue Jan 21 08:07:08 EST 2003


[This didn't seem to have made it through the first or second time, 
so let me try this again.]

Greeting all,

Silicon Defense is pleased to announce the availability of version 
030117.1 of Spade, it's anomaly detection plugin for Snort.  These 
are the changes since the previous version:

+ fixed problem wherein sometimes Spade wouldn't accept a valid homenet
     [fix by Risto Vaarandi]
+ fixed a bug or two that could cause a seg fault in certain circumstances
+ distributed spade.conf now enables fewer detectors than previously; the
     ones left are the ones that most reliably report on interesting
     traffic.  spade.more.conf has more detectors enabled; use this to look
     for additional types of anomalous traffic.
+ you can now reverse the response waiting type for a Spade detector with
     the advanced option revwaitrpt
+ scalehalflife advanced option added to help set the half life of
     observations
+ reminder added to installation output about installing when you don't
     have automake installed
+ Spade internals now better documented
+ updated documentation

This update is recommended for all Spade users.  You can download the 
package and learn more here:

   http://www.silicondefense.com/software/spice/

Best regards,

   Jim

P.s. Spade seems to work fine without modification with Snort 2.0, 
though we haven't tested it thoroughly.  Please let us know if you 
have any problems with it in either 1.9 or 2.0.
-- 
|*     Jim Hoagland, Associate Researcher, Silicon Defense     *|
|*           --- Silicon Defense: IDS Solutions ---            *|
|*   jim at ...47..., http://www.silicondefense.com/    *|
|*  Voice: (530) 756-7317                 Fax: (530) 756-7297  *|




More information about the Snort-users mailing list