[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[stalk:00589] [FYI] Snort1.8 is available

To: SecurityTalk <security-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [stalk:00589] [FYI] Snort1.8 is available
From: MICKY <micky@xxxxxxxxx>
Date: Tue, 10 Jul 2001 13:24:46 +0900

(B
(B
$B8$$N$_$C$-!<$G$9!#(B
(B
$B$*$^$A$+$M$N(BSnort1.8$B$,$G$^$7$?!#$&$l$7$$$o$s!#(B
(B
(Bhttp://www.snort.org/snortnews/news.asp
(B
(B# $B$"$!!"%5%$%H99?7$7$J$/$C$A$c!#(B
(B
(Bhttp://www.snort.org/files/snort-1.8-RELEASE.tar.gz
(B
(B  Version 1.8 incorporates a number of changes and new features, including
(B  some of the following:
(B
(B  New things:
(B  * Stateful inspection and TCP stream reassembly module
(B  * High performance IP defragmenter module
(B  * High performance unified binary output module
(B  * Tagging allows hosts that trip events to be tracked/logged
(B  * Unique Rule IDs for every Snort rule and new printout code make
(B  machine processing of Snort output much easier
(B  * Enhanced cross-reference data with alerts
(B  * Classifications and Priorities added to rules language
(B  * ARP spoofing detection
(B  * "IP" is now a supported protocol type in the Snort rules language
(B  * Back Orifice detection plugin
(B  * Telnet normalization plugin defeats telnet and ftp evasion techniques
(B  * RPC normalization plugin defeats RPC fragmentation evasion techniques
(B  * CSV format output plugin
(B  * "uricontent" keyword allows HTTP traffic to be searched for data in
(B  the URI field only
(B  * 802.1Q decoder support
(B  * linux_sll decoder support
(B  * tcp window detection plugin
(B  * same IP detection plugin
(B  * -T switch to test Snort config before running
(B  * -y switch to add year to timestamps
(B  * -I switch to print interface name in Snort alerts
(B  * -G switch for backawards compatability with old cross-reference lookup
(B  progs
(B  * -L switch for naming the -b binary output file
(B  * -k switch to tune checksum verification routines
(B  * -z switch to run the rules engine in stateful mode (with stream4)
(B
(B
(B
(B>----- $B$_$C$-!<$N%M%C%H%o!<%/8&5f=j(B -----<
(B>  http://www.hawkeye.ac/micky           <
(B>  $B=jD9!'8$$N$_$C$-!<(B <micky@xxxxxxxxx>  <
(B>----------------------------------------<
(B
(B--
(B- $B$3$N%a%$%j%s%0%j%9%H$K4X$9$khttp://present.infoseek.co.jp/news/?348960&svx=971122

Follow-Ups:
- [stalk:00590] Re: [FYI] Snort1.8 is available
  - From: Shikap

Prev by Date: [stalk:00588] IPA/ISEC: $B>pJs%;%-%e%j%F%#4XO"$ND4::(B$B!&3+H/$K4X$9$k8xJg(B
Next by Date: [stalk:00590] Re: [FYI] Snort1.8 is available
Previous by thread: [stalk:00588] IPA/ISEC: $B>pJs%;%-%e%j%F%#4XO"$ND4::(B$B!&3+H/$K4X$9$k8xJg(B
Next by thread: [stalk:00590] Re: [FYI] Snort1.8 is available
Index(es):
- Date
- Thread