Projects / Snort / Releases / Minor

RSS All releases tagged Minor

  •  25 Jan 2014 23:32
Avatar

Release Notes: This release adds many new features and fixes, including file capture and storage, file type identification, and updates to SMTP, POP, and IMAP.

  •  17 Sep 2013 08:35
Avatar

Release Notes: This release fixed an issue with the SMTP preprocessor and the ignore_tls_data configuration correctly stopping inspection after an SMTP session is encrypted. All rule evaluation (as opposed to just rules with fast patterns) is now disabled for packets on a previously blocked session. The perfmon preprocessor now writes stats as soon as both the time and packet count criteria are met. The same restrictions are enforced on relative PCRE for HTTP buffers from shared library rules as already existed with text rules.

  •  03 Jul 2013 19:10
Avatar

Release Notes: This release adds many bugfixes, additions, and improvements.

  •  08 Dec 2012 00:19
Avatar

Release Notes: Consolidation of IPv6, file API and improvements to file processing, use of address space ID for tracking Frag & Stream connections, logging of packet data that triggers PPM for post-analysis, decoding of IPv6 with PPPoE, and more.

Release Notes: Updates to the flowbit rule option, dcerpc2, and reputation preprocessors. A new dynamic output plugin architecture API. Various updates and improvements to http_inspect, SMTP mempool allocations, and email attachment processing. pflog v4 support has been added to packet decoders. Logging of multiple unified2 alerts with reassembled packets has been fixed. Compiler warning cleanup across multiple platforms. All database output support has been removed.

  •  17 May 2012 12:20
Avatar

Release Notes: The GTP preprocessor was updated to better handle GTPv1 data. The DNP3 preprocessor now has stricter packet checking. Checking in the reassembly buffer was improved. PCRE rule option processing was fixed to prevent issues seen with libpcre 8.30 and certain rules. dcerpc2 no longer aborts reassembly if the target-based protocol is undefined.

  •  28 Mar 2012 21:40
Avatar

Release Notes: Updates to HTTP Inspect, stream handling for TCP session cleanup with RSTs and other TCP state tracking, active responses to fragmented IPv6 traffic and to the react page configuration, and SIP preprocessor and state tracking improvements to SMB processing in the dcerpc2 preprocessor when missing packets on a session.

  •  17 Dec 2011 07:25
Avatar

Release Notes: This release added SCADA (DNP3 and Modbus) preprocessors, and GTP decoding and preprocessor. The HTTP preprocessor now normalizes HTTP responses that include JavaScript-escaped data in the HTTP response body. A number of fixes and improvements have been added as well.

  •  11 Feb 2011 09:37
Avatar

Release Notes: The Razorback "Snort as a Collector" (SaaC) dynamic preprocessor was added. This is for experimental use only. False positives in HTTP traffic were fixed, which were caused by large HTTP chunks split across two packets. Several updates were made to the Snort manual and READMEs. A false positive on Stream5 rule 129:15, caused by a RST following a FIN, was fixed.

  •  22 Jul 2010 23:03
Avatar

Release Notes: This release fixes installer packages to include the correct version of the sensitive data preprocessor for Linux and Windows. It eliminates false positives when using fast_pattern:only and having only one HTTP content in the pattern matcher. It addresses false positives in the FTP preprocessor with string format verification. It also addresses issue with handling of response codes to data transfer commands where the response code didn't contain a message.

Screenshot

Project Spotlight

cwwav

A program to generate Morse code sound files from text.

Screenshot

Project Spotlight

Aspose.Email for .NET

A suite of .NET components for email programming.