[Snort-users] Snort 2.1.3 RC1 available

Jeremy Hewlett jh at ...1935...
Wed Apr 21 15:13:00 EDT 2004


Hello all,

We're proud to release Snort 2.1.3 Release Candidate 1. We're
releasing this as a Release Candidate so the community can give us
feedback on what they like or dislike about the new method of logging
events. We'd also like to get any suggestions on other event ordering
algorithms that users would like to order events with. We currently
support ordering events based on Event Priority and Rule Content
Length.

The following is a list of the major changes in Snort 2.1.3 RC1:

* Added multi-event queueing in Snort.  Snort now supports logging
  multiple events per packet, and prioritizing those events using
  different methods.  Thanks to H.D. Moore for illustrating event
  obfuscations when snort only logged one event per packet.

  Please see ./doc/README.event_queue for details

* Fixed timezone problems with database output plugins. Thanks Marcus
  Janoski and Chris Reid.

* Revert to old tag functionality.  Will add proposed tagging
  configurations in a future release.

Thanks to everyone for supporting Snort development and giving us
your feedback!


As a side note, Sourceforge (?) is very slow at the moment, so CVS
STABLE tag hasn't yet been synced up with the 2.1.3-RC1 tag.


Cheers,
The Snort Team





More information about the Snort-users mailing list