File Processing Updated in Snort

The latest version of Snort can be downloaded from Softpedia

Snort, an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, which combines the benefits of signature, protocol, and anomaly-based inspection, is now at version

Highlights of Snort

• File processing has been updated for partial HTTP content and MIME attachments;

• A new config option called max_attribute_services_per_host has been added, improving the memory usage within attributes table;

• Excessive overlaps are now handled in frag3;

• Stream API updates now return session key for a session;

• False positives have been reduced for TCP window slam events;

• Updates have been added to provide better encoding for TCP packets generated, for respond and react;

• Non-ethernet decoders have been disabled by default, for performance reasons. If needed, use --enable-non-ether-decoders with configure.

Check out the complete changelog for a comprehensive list of updates and new features.

Download Snort right now from Softpedia.

Hot right now  ·  Latest news