[Snort-users] Snort 2.9.8 Now Available

Rafael Leiva-Ochoa spawn at ...17369...
Tue Dec 1 16:17:53 EST 2015


Works fine for me too when upgrading from 2.9.7.x

On Tuesday, December 1, 2015, Rafael Paris <raparis at ...11827...> wrote:

> Good afternoon everyone.
>
> I have upgraded to snort 2.9.8.0 on 2 sensors with 2.9.7.6 signatures with
> no problems. They usually works fine.
>
> Cheers,
>
> Rafael Paris
>
> 2015-11-30 21:06 GMT-04:30 Dr. Stephen Gantz <
> stephen.gantz at ...16854...
> <javascript:_e(%7B%7D,'cvml','stephen.gantz at ...16854...');>>:
>
>> Any issue with running 2.9.7.6 rules with this release pending a 2.9.8
>> ruleset?
>>
>>
>>
>> Dr. Stephen D. Gantz
>> CISSP-ISSAP, CEH, CGEIT, CRISC, CIPP/G, C|CISO
>> Professor of Information Assurance
>> The Graduate School
>> University of Maryland University College
>> stephen.gantz at ...16854...
>> <javascript:_e(%7B%7D,'cvml','stephen.gantz at ...16854...');>
>> -------- Original message --------
>> From: Snort Releases <snortreleases at ...950...
>> <javascript:_e(%7B%7D,'cvml','snortreleases at ...950...');>>
>> Date: 11/30/2015 2:30 PM (GMT-05:00)
>> To: snort-devel at lists.sourceforge.net
>> <javascript:_e(%7B%7D,'cvml','snort-devel at lists.sourceforge.net');>,
>> snort-users at lists.sourceforge.net
>> <javascript:_e(%7B%7D,'cvml','snort-users at lists.sourceforge.net');>
>> Subject: [Snort-users] Snort 2.9.8 Now Available
>>
>> Snort 2.9.8 is now available on snort.org at
>> http://www.snort.org/downloads in the Snort Stable Release section.
>>
>> 2015-11-17 - Snort 2.9.8.0
>> [*] New additions
>>  *  SMBv2/SMBv3 support for file inspection.
>>
>>  *  Port override for metadata service in IPS rules.
>>
>>  *  AppID Lua detector performance profiling.
>>
>>  *  Perfmon dumps stats at fixed intervals from absolute time.
>>
>>  *  New preprocessor alert (120:18) to detect SSH tunneling over HTTP
>>
>>  *  New config option |disable_replace| to disable replace rule option.
>>
>>  *  New Stream configuration |log_asymmetric_traffic| to control logging to syslog.
>>
>>  *  New shell script in tools to create simple Lua detectors for AppID.
>>
>> [*] Improvements
>>  *  sfip_t refactored to use struct in6_addr for all ip addresses.
>>
>>  *  Post-detection callback for preprocessors.
>>
>>  *  AppID support for multiple server/client detectors evaluating on same flow.
>>
>>  *  AppID API for DNS packets.
>>
>>  *  Memory optimizations throughout.
>>
>>  *  Support sending UDP active responses.
>>
>>  *  Fix perfmon tracking of pruned packets.
>>
>>  *  Stability improvements for AppID.
>>
>>  *  Stability improvements for Stream6 preprocessor.
>>
>>  *  Added improved support to block malware in FTP preprocessor.
>>
>>  *  Added support to differentiate between active and passive FTP connections.
>>
>>  *  Improvements done in Stream6 preprocessor to avoid having duplicate packets
>>     in the DAQ retry queue.
>>
>>  *  Resolved an issue where reputation config incorrectly displayed 'blacklist' in
>>     priority field even though 'whitelist' option was configured.
>>
>>  *  Added support for multiple expected sessions created per packet
>>
>>  *  Active response now supports MPLS
>>
>>
>>
>> Please submit bugs, questions, and feedback to  bugs at ...950... <javascript:_e(%7B%7D,'cvml','tobugs at ...950...');>  or the
>>
>> Snort-Users mailing list.
>>
>>
>>
>> Happy Snorting!
>>
>> The Snort Release Team
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Go from Idea to Many App Stores Faster with Intel(R) XDK
>> Give your users amazing mobile app experiences with Intel(R) XDK.
>> Use one codebase in this all-in-one HTML5 development environment.
>> Design, debug & build mobile apps & 2D/3D high-impact games for multiple
>> OSs.
>> http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> <javascript:_e(%7B%7D,'cvml','Snort-users at lists.sourceforge.net');>
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20151201/b8f710df/attachment.html>


More information about the Snort-users mailing list