Snort 2.8.6.1 released

Snort is an open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks.

It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Updates

  • Fix installer packages to include correct version of sensitive data preprocessor for linux and Windows
  • Eliminate false positives when using fast_pattern:only and having only one http content in the pattern matcher.
  • Address false positives in FTP preprocessor with string format verification. Also addressed issue with handling of response codes to data transfer commands where the response code didn’t contain a message.



Share this