|
Contributed by Chad Brandt
|
|
|
|
Tuesday, 29 June 2004
The first release candidate of Snort v2.2 is available. Many new features and
fixes since the 2.1.3 releaseThe major features of Snort 2.2.0 RC1 include:
- Added new TCP state engine
- Added ASN.1 parsing and detection functionality to snort. Please refer to
README.asn1 for more information on rule usage.
- Fixed rebuilt TCP packet munging reported by Steve Halligan. Thanks a lot
for getting this problem down to pcap so we could analyze the problem.
- Improve TCP reassembly flushing for TCP streams that have already generated
an alert. This was illustrated by Brian Bailey in his SANS GIAC practical
examination. Thanks for working with us on this one.
- Added webroot alert. This alert is generated when a URL directory traversal
traverses past the webroot. Added new URI discovery technique pointed out by
Kanatoko. Please see doc/README.http_inspect for more details.
- New Aho-Corasick pattern matchers. Added content length tracking on otnx
structures.
- Chunked Encoding false positives fixed in http_inspect. Thanks Lindsey Cheng
for finding the problem.
- Updated RPMs - please see contrib/rpm/CHANGES.rpms for further details
Get the full details
Only registered users can write comments.
Please login or register. Powered by AkoComment 1.0 beta 2! |
Home 
Snort 2.2.0 RC1 Released 
