Saturday, July 24, 2010

Snort 2.8.6.1 released

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

* Fix installer packages to include correct version of sensitive data
preprocessor for linux and Windows
* Eliminate false positives when using fast_pattern:only and having
only one http content in the pattern matcher.
* Address false positives in FTP preprocessor with string format
verification. Also addressed issue with handling of response
codes to data transfer commands where the response code didn't
contain a message.

See the Release Notes and ChangeLog for more details.

Download: http://www.snort.org

No comments: