Update Snort v-

Release Notes v- This release updates file processing for partial HTTP content and MIME attachments, adds the new configuration option max_attribute_services_per_host and improves memory usage within attribute tables, handles excessive overlaps in frag3, adds Stream API updates to return a session key for a session, reduces false positives for TCP window slam events, updates to provide better encoding for TCP packets generated for “respond and react”, and disables non-ethernet decoders by default (for performance reasons)


Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.

  • Protocol analysis and content searching/matching
  • Uses a flexible rules language to describe traffic that it should collect or pass
  • Detection engine that utilizes a modular plug-in architecture
  • Real-time alerting capability
  • Detects buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more

Download version :
windows : Snort_2_9_4_1_Installer.exe (2.7 MB)
Unix/Linux : snort- (5.3 MB)
Find Other version |
Sources : http://www.snort.org/
Our post before : http://seclist.us/update-snort-v-2-9-4.html