Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
| Tags | IDS IPS Network Analysis Security snort IPv4 IPv6 |
| Operating Systems | Linux FreeBSD Mac OS X Windows |
Release Notes: This release adds TLS Heartbleed detection. It fixes the Unix socket runmode, fixes AF_PACKET IPS mode, and fixes various DNS handling issues. Many other issues were fixed.
Release Notes: This release adds TLS Heartbleed detection and fixes the Unix socket runmode, AF_PACKET IPS mode, and various DNS handling issues. Many other issues were fixed.
Release Notes: HTTP support was much improved. CUDA support was updated. A DNS parser and logger were added. Lua support was improved. The stream engine was made more robust. IPS mode was improved. VLAN support was improved. Options were added for enabling and disabling protocol parsers. Protocol detection was improved. IPv6 improvements were made. Profiling options were expanded. Unified JSON output was added. VLAN handling was improved. QinQ support was added. A command line option for overriding configuration settings was added. An optimized NSM runmode was added. An SSH logger was added.
Release Notes: Packet capture issues at startup were fixed. Various JSON output issues were fixed. A crash case at rule reload was fixed. Default optimization level was restored. Fast-log output drop information was restored.
Release Notes: JSON logging was improved. VLAN handling was improved. An SSH parser and logger were added. Many other issues were addressed.