[Snort-users] Snort v2.4.5 and v2.6.0 Final Available

Jennifer Steffens jennifer.steffens at ...1935...
Mon Jun 5 18:16:02 EDT 2006

The Snort Team is pleased to announce the release of Snort 2.4.5 and
Snort 2.6.0 Final.

The Snort Team would like to thank all those who tested the Snort
2.6 release candidates and provided valuable feedback and bug reports.
Snort 2.6 is the way of the future for Snort development and its
release signifies the end of life for development on the Snort 2.4 branch.

These releases have better performance, numerous new features and
incorporate many bug fixes. Notable bug fixes and improvements include:

 * Tcp stream properly reassembled after failed sequence check,
   which may lead to possible detection evasion.
 * Added configurable stream flushpoints.
 * Improved rpc processing.
 * Improved portscan detection.
 * Improved http request processing and handling of possible
   evasion cases.
 * Improved performance monitoring.

The Snort 2.6 release also introduces the ability to use dynamic rules
and dynamic preprocessors and contains further improvements to the Snort
detection engine.

Sourcefire would like to thank Erik Kamerling of the SANS Attack
Attribution Research Group, Sid Faber from CERT and Chris Ries from
VigilantMinds for reporting the issue with stream reassembly and the
possible evasion cases.

The Snort Team is continuing its work on investigating the issues with
the http_inspect evasion and will release further updates to the
detection preprocessor as they become available.

Both releases are available at http://www.snort.org/dl/.


With the release of Snort v2.6.0, we are moving to a new versioning
system for all future releases. This new system is designed to enable
more frequent bug and feature releases, while still meeting the needs of
Snort enterprise users. The following is a description:

 * X.      -  Major Snort product change
 * X.X     -  Major new feature set
 * X.X.X   -  Minor feature enhancements and bug fixes
 * X.X.X.X -  Bug fixes only

For example. a bug fix to Snort 2.6.0 would increment the version to be
Snort while a minor feature enhancement would increment the
version to be 2.6.1.

Keep on Snorting!


Jennifer S. Steffens
Director, Product Management - Snort
Sourcefire - Security for the Real World
www.sourcefire.com | www.snort.org

More information about the Snort-users mailing list