changelog Snort v-220.127.116.11:
* Address issue with SMTP preprocessor and the ignore_tls_data configuration
to correctly stop inspection after an SMTP session is encrypted.
* Disable all rule evaluation (as opposed to just rules with fast patterns)
for packets on a previously blocked session.
* Corrected when perfmon preprocessor writes stats to occur as soon as
both the time and packet count criteria are met.
* Enforce same restrictions on relative PCRE for HTTP buffers from
shared library rules as already existed with text rules.
Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.
Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. It uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plug-in architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients. Snort has three primary uses: a straight packet sniffer like tcpdump, a packet logger, or a full network intrusion prevention system.
- Protocol analysis and content searching/matching
- Uses a flexible rules language to describe traffic that it should collect or pass
- Detection engine that utilizes a modular plug-in architecture
- Real-time alerting capability
- Detects buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more
Windows: Snort_2_9_5_5_Installer.exe (2.5 MB)
Linux : snort-18.104.22.168.tar.gz (5.0 MB)
centos : snort-22.214.171.124-1.centos6.i386.rpm (6.3 MB)
Redhat : snort-126.96.36.199-1.src.rpm (5.0 MB)
Find other version |
source : http://www.snort.org/
Our Pst before : http://seclist.us/update-snort-v-2-9-4-1.html