[Snort-users] Suricata 0.8.1 Released

Matt Jonkman jonkman at ...4024...
Fri Feb 19 13:33:53 EST 2010


We're proud to announce that a new version of the Suricata engine is
available for download! There are some major changes and significant
improvements, we ask that you give this a run and continue giving us
feedback and patches!

http://www.openinfosecfoundation.org/index.php/downloads


The 0.8.1 release brings the following new features:

- the engine will now detect the number of cpu's/core's and setup the
engine to use them fully
- libhtp is now included in the source
- experimental CUDA support for NVIDIA GPU accelerated pattern matching
- initial support for Win32 (using mingw) was added
- FreeBSD/Mac OS X IPFW inline support was added
- many options in the configuration file for performance tuning
- VLAN decoding support was added
- Prelude output support

Major issues fixed & improvements made:

- threading issues in the unified1 and unified2 logging modules
- major stream engine issues were solved
- uricontent, urilen inspection is now done against the libhtp parsed uri
- ip only signature detection fixes in inline mode
- add the /P (request body) option to the pcre keyword
- many SMB, SMB2 and DCERPC improvements
- logging is more configurable
- pcap and pfring modes support for bpf was added
- many bugs were fixed, cleanups were made

Known issues:

- Some signatures fail to load because of missing keywords or keyword
options
- We have identified some serious performance issues with certain
signatures and traffic combinations
- Although we improved big endian support, there are still some issues
- CUDA code is expected to work only on 32bit and probably doesn't speed
things up yet as we will need further redesign to fully benefit


----------------------------------------------------
Matthew Jonkman
Emerging Threats
Open Information Security Foundation (OISF)
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc




More information about the Snort-users mailing list