[Snort-users] Snort++ Alpha 3 Available Now!

Snort Releases snortreleases at ...950...
Fri Dec 11 09:28:36 EST 2015


The third alpha release of Snort++ is now available on snort.org, and it 
includes a lot of new features and functionality:

Snort features:

* sync with Snort 297-262
* ported reputation inspector
* ported dnp3 and modbus inspectors
* ported gtp inspector

New features:

* pigliet plugin test harness
* file policy support
* added regex rule option based on hyperscan
* added fast pattern matching based on hyperscan
* new time and space profiling

Work in progress:

* the all new HTTP inspector
* a rewrite of TCP packet and session handling

The priority for the fourth and final alpha release is parity with Snort 
2.X (i.e. a superset of 2.X functionality).  Here are some things to 
look for in the final alpha release:

* port open appID
* port dcerpc2 inspector
* port sensitive data inspector
* finish rewrite of stream_tcp for greater functionality and performance
* finish rewrite of side channel and HA functionality
* finish rewrite of perf stats
* finish next generation DAQ

There are several new features in the works that will be delayed by the 
effort to overtake Snort 2.X but this strategy will ultimately allow us 
to move even quicker.

Windows support is also affected but not forgotten.  We will eventually 
provide a full featured Snort++ for Windows.

New downloads are posted to snort.org monthly.  You can also get the 
latest updates from github (snortadmin/snort3) which is updated weekly.

Please submit bugs, questions, and feedback to bugs at ...950... or the 
Snort-Users mailing list.

Happy Snorting!
The Snort Release Team





More information about the Snort-users mailing list