Net Manager
Network Managing, Engineering and Administration with an eye toward security.

Best practices meets the real world!

Tuesday, April 22, 2003  

Very major update to this great IDS:

Snort 2.0 has been released and is available at
Snort 2.0 is the result of many months of effort on the part of dozens of people and has a slew of new features:

  • Enhanced high-performance detection engine
  • Stateful Pattern Matching
  • New detection keywords: byte_test & byte_jump
  • The Snort code base has undergone an external third party professional security audit funded by
  • Sourcefire (
  • Many new and updated rules
  • snort.conf has been updated
  • Enhancements to self preservation mechanisms in stream4 and frag2
  • State tracking fixes in stream4
  • New HTTP flow analyzer
  • Enhanced protocol decoding (TCP options, 802.1q, etc)
  • Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc)
  • Enhanced flexresp mode for real-time TCP session sniping
  • Better chroot()'ing
  • Tagging system updated
  • Several million bugs addressed....
  • Updated FAQ (thanks to Erek Adams and Dragos Ruiu)

    posted by David | 4/22/2003 04:47:00 PM


    Post a Comment

    << Home

  • links
    News Links
    Blog Links


    Reading blogs at work? Click to escape to a suitable site!
    Get Firefox

    Site Meter

    Powered by Blogger