Snort mailing list archives

Suricata 0.8.1 Released


From: Matt Jonkman <jonkman () jonkmans com>
Date: Fri, 19 Feb 2010 13:33:53 -0500

We're proud to announce that a new version of the Suricata engine is
available for download! There are some major changes and significant
improvements, we ask that you give this a run and continue giving us
feedback and patches!

http://www.openinfosecfoundation.org/index.php/downloads


The 0.8.1 release brings the following new features:

- the engine will now detect the number of cpu's/core's and setup the
engine to use them fully
- libhtp is now included in the source
- experimental CUDA support for NVIDIA GPU accelerated pattern matching
- initial support for Win32 (using mingw) was added
- FreeBSD/Mac OS X IPFW inline support was added
- many options in the configuration file for performance tuning
- VLAN decoding support was added
- Prelude output support

Major issues fixed & improvements made:

- threading issues in the unified1 and unified2 logging modules
- major stream engine issues were solved
- uricontent, urilen inspection is now done against the libhtp parsed uri
- ip only signature detection fixes in inline mode
- add the /P (request body) option to the pcre keyword
- many SMB, SMB2 and DCERPC improvements
- logging is more configurable
- pcap and pfring modes support for bpf was added
- many bugs were fixed, cleanups were made

Known issues:

- Some signatures fail to load because of missing keywords or keyword
options
- We have identified some serious performance issues with certain
signatures and traffic combinations
- Although we improved big endian support, there are still some issues
- CUDA code is expected to work only on 32bit and probably doesn't speed
things up yet as we will need further redesign to fully benefit


----------------------------------------------------
Matthew Jonkman
Emerging Threats
Open Information Security Foundation (OISF)
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


Current thread: