![[LWN Logo]](/images/lcorner.png) |
|
![[LWN.net]](/images/Included.png) |
From: Martin Roesch <roesch@sourcefire.com>
To: snort-users <snort-users@lists.sourceforge.net>,
snort-dev <snort-devel@lists.sourceforge.net>,
focus-ids <focus-ids@securityfocus.com>, ids@uow.edu.au,
snort-announce <snort-announce@lists.sourceforge.net>, lwn@lwn.net
Subject: IDS: Snort 1.8.2 released
Date: Sun, 04 Nov 2001 01:29:23 -0500
Archive: http://msgs.securepoint.com/ids
FAQ IDS: http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
FAQ NIDS: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner@uow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo@uow.edu.au
-----------------------------------------------------------------------------
Snort 1.8.2 is available for download at http://www.snort.org!
This is mostly a bugfix release, Snort is now more stable and more
usable than it's been in quite a while, and should do a good job of
tiding people over while we transition to 2.0 and the codebase gets a
little more "fluid".
Here's the list of fixes:
* fixed UTC timestamps
* fixed SIGUSR1 handling, should reset properly now after getting
a signal on all platforms
* fixed PID path generation code, PID files go in the right place
now
* fixed stability problems in stream4
* fixed stability problems in frag2
* tweaks to spo_unified for better integration with barnyard
* added -f switch to turn off fflush() calls in binary logging mode
* added new config keyword to stream4, "log_flushed_streams", which
causes all buffered packets in the stream reassembler for that
session to be logged in the event of an event on that stream (must
be used in conjunction with spo_log_tcpdump)
* added packet precacheing for flexresp TCP packets, responses
should be generated more quickly
* fixed rules parser code for various failure modes
* several new rules files and a new classification system
* 60+ new rules since the last release added
After this release we're going to reorganize the whole source tree and
do a quick 1.9 version with the new code layout. Once that's done,
we're going to begin coding 2.0 in earnest in December, hopefully doing
our initial release sometime in the February time frame.
Snort 1.8.2 is available in the following package types at
http://www.snort.org on the Downloads page:
* source tarball
* RPM (10 flavors)
* Solaris Package
* OpenBSD Package
* FreeBSD Package
* win32 executable installer
Enjoy!
-Marty
--
Martin Roesch - President, Sourcefire Inc. - (410)552-6999
roesch@sourcefire.com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org