Snort, an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, which combines the benefits of signature, protocol, and anomaly-based inspection, is now at version 220.127.116.11.
Highlights of Snort 18.104.22.168:
• File processing has been updated for partial HTTP content and MIME attachments;
• A new config option called max_attribute_services_per_host has been added, improving the memory usage within attributes table;
• Excessive overlaps are now handled in frag3;
• Stream API updates now return session key for a session;
• False positives have been reduced for TCP window slam events;
• Updates have been added to provide better encoding for TCP packets generated, for respond and react;
• Non-ethernet decoders have been disabled by default, for performance reasons. If needed, use --enable-non-ether-decoders with configure.
Check out the complete changelog for a comprehensive list of updates and new features.
Download Snort 22.214.171.124 right now from Softpedia.