* Corrected check for TCP RST flags to prevent sending resets to reset packets with inline and active response.
* Update hashing for internal storage of rule options for 64bit platforms when checking uniqueness to remove duplicate copies in memory.
* Address some small memory leaks from parsing snort.conf.
|Platform : Windows and Unix/Linux|
Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.
Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. It uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plug-in architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients. Snort has three primary uses: a straight packet sniffer like tcpdump, a packet logger, or a full network intrusion prevention system.
- Protocol analysis and content searching/matching
- Uses a flexible rules language to describe traffic that it should collect or pass
- Detection engine that utilizes a modular plug-in architecture
- Real-time alerting capability
- Detects buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more
Linux/unix : snort-184.108.40.206.tar.gz (5.3 MB)
Windows : Snort_2_9_3_1_Installer.exe (2.9 MB)
Find Other Version | Mirror: http://www.snort.org/snort-downloads/
Read more in here : http://www.snort.org/
Our Post Before :