Snort mailing list archives
Suricata Development Meeting Update
From: Matt Jonkman <jonkman () jonkmans com>
Date: Thu, 04 Mar 2010 13:12:11 -0500
The OISF Team conducted a major development and planning session the last week of February in preparation for the next phase of Suricata Development. We have made some incredible progress in a very short time and much of that progress is due to the great feedback and testing we receive from the community. We are extremely grateful for the support both from individuals and large corporations who are putting the engine to the test in their environments. The amount of code and and patches flowing in has been very exciting and we have progressed farther and faster than our expectations! We are still in Phase One of our development plan and we are officially announcing a feature freeze and release date for a final phase one production ready engine! The feature freeze is now in effect for Phase One. We will have a Phase One Release Candidate available for testing on Monday May 3rd, 2010. We will then release the final production ready Phase One engine on July 1st, 2010. In addition to what Suricata does so well now, the following additional features will be made available with this production release: Complete Snort Syntax and Keyword Support (A few details to finalize, yet we will support 2.8.5 and prior syntax) SMB Preprocessor Completion (Features such as request logging, etc) Complete LibHTP Integration, and added keywords to make use of those capabilities Complete Documentation of the Engine, Configuration, and Tuning Configurable Run Modes will be available CUDA GPU Acceleration Support as an Experimental Feature Fully tested Windows Binaries will be available Basic Performance Statistics Available (Very advanced statistics will be made available in Phase Two) Detailed Error Codes and associated Documentation Local IP Reputation Support and GeoIP capabilities (Distributed Reputation functionality to be released in Phase Two) Included in this cycle will be some major internal performance tuning. We are learning a lot with the multi-threaded nature of this engine, and it’s being tested on some incredibly high speed links. Throughput rates are very impressive, but we're seeing where we can make it even better! The above features are in addition to what Suricata is already doing well. As a reminder, some of the more exciting features already functional and in the current release are: Multi-Threading Native IPv6 Support FlowInts HTTP logging LibHTP from Ivan Ristic Mac OS X & FreeBSD inline And many more... Further announcements will be made in the near future including the new features we are targeting for Phase Two, upcoming brainstorming meetings near you, and some new ancillary projects. So stay tuned, and thanks for supporting the Foundation, this is a community project and we are proud to be a part of it! Please Stay Tuned! And keep the feedback and patches coming! ---------------------------------------------------- Matthew Jonkman Emerging Threats Open Information Security Foundation (OISF) Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net http://www.openinfosecfoundation.org ---------------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Suricata Development Meeting Update Matt Jonkman (Mar 04)