Net Manager
Network Managing, Engineering and Administration with an eye toward security.

Best practices meets the real world!


Tuesday, April 22, 2003  

Very major update to this great IDS:

Snort 2.0 has been released and is available at snort.org.
Snort 2.0 is the result of many months of effort on the part of dozens of people and has a slew of new features:

  • Enhanced high-performance detection engine
  • Stateful Pattern Matching
  • New detection keywords: byte_test & byte_jump
  • The Snort code base has undergone an external third party professional security audit funded by Sourcefire (http://www.sourcefire.com)
  • Many new and updated rules
  • snort.conf has been updated
  • Enhancements to self preservation mechanisms in stream4 and frag2
  • State tracking fixes in stream4
  • New HTTP flow analyzer
  • Enhanced protocol decoding (TCP options, 802.1q, etc)
  • Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc)
  • Enhanced flexresp mode for real-time TCP session sniping
  • Better chroot()'ing
  • Tagging system updated
  • Several million bugs addressed....
  • Updated FAQ (thanks to Erek Adams and Dragos Ruiu)

    posted by David | 4/22/2003 04:47:00 PM
