Snort is a powerful network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks.
Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.
What's New in This Release:
· Added new alerts for HTTP (undefined methods & HTTP 0.9 simple requests)
· Updates to the Stream preprocessor in TCP session tracking to avoid re-queuing retransmitted data that was already flushed. Also various tweaks for PAF flushing
· Updates to the reputation preprocessor to handle shared memory switching
· Updates to the SCADA preprocessors in their handling of PAF flushing and Modbus request/response length checking. Also tweaks in alerts for reserved DNP3 functions
· Updates to flowbit groups to always use the group when some rules refer to a flow group while others do not refer to a group for the same flowbit
· Updates to GTP preprocessor to check invalid extension header length for GTPv1
· Updates to sfrt library, used in reputation preprocessor and target based configuration, when calculating memory allocated and support for IPv6