Release Notes v1.4 rc1: Interactive Unix Socket mode was added. IP Reputation support was added. Command line options were improved. The rule analyzer was improved. File log output was improved. Endace DAG card live stats support was added. A new HTTP event was added. Many issues were fixed.

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It’s capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Major new features:
– TLS/SSL handshake parser and rule keywords for detecting anomalies in TLS/SSL traffic
– HTTP user agent keyword for matching directly on the User-Agent header
– On the fly MD5 calculation and matching for files in HTTP streams

– TLS/SSL handshake parser, tls.subjectdn and tls.issuerdn keywords (#296, contributed by Pierre Chifflier)
– http_user_agent keyword for matching on the HTTP User-Agent header
– experimental live rule reload by sending a USR2 signal (#279)
– AF_PACKET BPF support (#449)
– AF_PACKET live packet loss counters (#441)
– Ringbuffer and zero copy support for AF_PACKET
– add pcap workers runmode for use with libpcap wrappers that support load balancing, such as Napatech’s or Myricom’s
– Napatech capture card support (contributed by Randy Caldejon — nPulse)
– Test mode: -T option to test the config (#271)
– Rule analyzer (#349)
– On the fly md5 checksum calculation of extracted files
– File extraction for HTTP POST requests that do not use multipart bodies
– Scripts for looking up files / file md5’s at Virus Total and others (contributed by Martin Holste)
– Experimental support for matching on large lists of known file MD5 checksums
– negated filemd5 matching, allowing for md5 whitelisting
– Line based file log, in json format
– New multi pattern engine: ac-bs
– Basic support for including other yaml files into the main yaml
– Command line options to list supported app layer protocols and keywords (#344, #414)
– Profiling improvements, added lock profiling code

Download: suricata-1.4rc1.tar.gz (2.34 MB)
