Snort mailing list archives
Re: Snort 2.9.8 Now Available
From: Rafael Leiva-Ochoa <spawn () rloteck net>
Date: Tue, 1 Dec 2015 13:17:53 -0800
Works fine for me too when upgrading from 2.9.7.x On Tuesday, December 1, 2015, Rafael Paris <raparis () gmail com> wrote:
Good afternoon everyone. I have upgraded to snort 2.9.8.0 on 2 sensors with 2.9.7.6 signatures with no problems. They usually works fine. Cheers, Rafael Paris 2015-11-30 21:06 GMT-04:30 Dr. Stephen Gantz < stephen.gantz () faculty umuc edu <javascript:_e(%7B%7D,'cvml','stephen.gantz () faculty umuc edu');>>:Any issue with running 2.9.7.6 rules with this release pending a 2.9.8 ruleset? Dr. Stephen D. Gantz CISSP-ISSAP, CEH, CGEIT, CRISC, CIPP/G, C|CISO Professor of Information Assurance The Graduate School University of Maryland University College stephen.gantz () faculty umuc edu <javascript:_e(%7B%7D,'cvml','stephen.gantz () faculty umuc edu');> -------- Original message -------- From: Snort Releases <snortreleases () snort org <javascript:_e(%7B%7D,'cvml','snortreleases () snort org');>> Date: 11/30/2015 2:30 PM (GMT-05:00) To: snort-devel () lists sourceforge net <javascript:_e(%7B%7D,'cvml','snort-devel () lists sourceforge net');>, snort-users () lists sourceforge net <javascript:_e(%7B%7D,'cvml','snort-users () lists sourceforge net');> Subject: [Snort-users] Snort 2.9.8 Now Available Snort 2.9.8 is now available on snort.org at http://www.snort.org/downloads in the Snort Stable Release section. 2015-11-17 - Snort 2.9.8.0 [*] New additions * SMBv2/SMBv3 support for file inspection. * Port override for metadata service in IPS rules. * AppID Lua detector performance profiling. * Perfmon dumps stats at fixed intervals from absolute time. * New preprocessor alert (120:18) to detect SSH tunneling over HTTP * New config option |disable_replace| to disable replace rule option. * New Stream configuration |log_asymmetric_traffic| to control logging to syslog. * New shell script in tools to create simple Lua detectors for AppID. [*] Improvements * sfip_t refactored to use struct in6_addr for all ip addresses. * Post-detection callback for preprocessors. * AppID support for multiple server/client detectors evaluating on same flow. * AppID API for DNS packets. * Memory optimizations throughout. * Support sending UDP active responses. * Fix perfmon tracking of pruned packets. * Stability improvements for AppID. * Stability improvements for Stream6 preprocessor. * Added improved support to block malware in FTP preprocessor. * Added support to differentiate between active and passive FTP connections. * Improvements done in Stream6 preprocessor to avoid having duplicate packets in the DAQ retry queue. * Resolved an issue where reputation config incorrectly displayed 'blacklist' in priority field even though 'whitelist' option was configured. * Added support for multiple expected sessions created per packet * Active response now supports MPLS Please submit bugs, questions, and feedback to bugs () snort org <javascript:_e(%7B%7D,'cvml','tobugs () snort org');> or the Snort-Users mailing list. Happy Snorting! The Snort Release Team ------------------------------------------------------------------------------ Go from Idea to Many App Stores Faster with Intel(R) XDK Give your users amazing mobile app experiences with Intel(R) XDK. Use one codebase in this all-in-one HTML5 development environment. Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs. http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net <javascript:_e(%7B%7D,'cvml','Snort-users () lists sourceforge net');> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Go from Idea to Many App Stores Faster with Intel(R) XDK Give your users amazing mobile app experiences with Intel(R) XDK. Use one codebase in this all-in-one HTML5 development environment. Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs. http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort 2.9.8 Now Available Snort Releases (Nov 30)
- <Possible follow-ups>
- Re: Snort 2.9.8 Now Available Dr. Stephen Gantz (Nov 30)
- Re: [Snort-users] Snort 2.9.8 Now Available Y M (Dec 01)
- Re: [Snort-users] Snort 2.9.8 Now Available Michael Steele (Dec 01)
- Re: [Snort-users] Snort 2.9.8 Now Available Joel Esler (jesler) (Dec 01)
- Re: [Snort-users] Snort 2.9.8 Now Available Y M (Dec 01)
- Re: Snort 2.9.8 Now Available Rafael Paris (Dec 01)
- Re: Snort 2.9.8 Now Available Rafael Leiva-Ochoa (Dec 01)