2010年10月 7日

[installer 2531] snort-2.9.0

snort-2.9.0 出ています。

☆ snort-2.9.0
http://www.snort.org/
http://www.snort.org/snort-downloads

2010-10-04 - Snort 2.9.0

[*] New Additions
* Feature rich IPS mode including improvements to Stream for
inline deployments. Additionally a common active response API is
used for all packet responses, including those from Stream,
Respond, or React. A new response module, respond3, supports the
syntax of both resp & resp2, including strafing for passive
deployments. When Snort is deployed inline, a new preprocessor
has been added to handle packet normalization to allow Snort
to interpret a packet the same way as the receiving host.

* Use of a Data Acquisition API (DAQ) that supports many different
packet access methods including libpcap, netfilterq, IPFW, and
afpacket. For libpcap, version 1.0 or higher is now required.
The DAQ library can be updated independently from Snort and is
a separate module that Snort links to.

* A new rule option 'byte_extract' that allows extracted values to
be used in subsequent rule options for isdataat, byte_test,
byte_jump, and content distance/within/depth/offset.

* Two new rule options to support base64 decoding of certain pieces
of data and inspection of the base64 data via subsequent rule
options.

* Added a new pattern matcher that supports Intel's Quick Assist
Technology for improved performance on supported hardware
platforms. Visit http://www.intel.com to find out more about
Intel Quick Assist.

[*] Improvements
* Updates to HTTP Inspect to extract and log IP addresses from
X-Forward-For and True-Client-IP header fields when Snort generates
events on HTTP traffic.

* Updates to SMTP preprocessor to support MIME attachment decoding
across multiple packets.

* Updates to the Snort packet decoders for IPv6 for improvements to
anomaly detection.

----
こがよういちろう


投稿者 xml-rpc : 2010年10月 7日 19:44
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/98950
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。