ARTICLE

Snort 2.8.0 released

Friday 28 September 2007

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba’s smbclient.

Feature highlights:

- Port lists
- IPv6 support
- Packet performance monitoring
- Experimental support for target-based stream and IP frag reassembly
- Ability to take actions on preprocessor events
- Detection for TCP session hijacking based on MAC address
- Unified2 output plugin
- Improved performance and detection capabilities


POSTSCRIPTUM

Download (Happy snorting. .. dont abuse)


RELATED ARTICLES

Data Sniffer, IDS, Snort,

19 June 2008 : Snort 2.8.2.1 released
28 September 2007 : Snort 2.8.0 released
2 September 2007 : Snort 2.8 Beta is out
1 July 2007 : Snort 2.7.0 RC2 released
24 June 2007 : Snort 2.7.0 RC1 released