Snort is a powerful network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks.
Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.
What's New in This Release:
· Updates to HTTP Inspect to handle normalization with large number of directories, eliminate false positives when chunks span multiple packets, and remove the upper limit on the gzip memcap.
· Update stream handling for TCP session cleanup with RSTs and other TCP state tracking.
· Update for active responses to fragmented IPv6 traffic and to the react page configuration.
· Updates to SIP preprocessor to limit false positives.
· Update for correct logging in unified2 when interface is passive.
· Add stats for SMTP preprocessor at termination.
· State tracking improvements to SMB processing in the dcerpc2 preprocessor when missing packets on a session