Sort is a network intrusion prevention and detection system that uses a rule-driven language, which combines the benefits of protocol, signature and anomaly based inspection methods.
Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.
Requirements:
· PCRE library
What`s New in This Release: [ read full changelog ]
Improvements:
· The normalization perprocessor now has options to configure packet trimming and TOS clearing. Packets injected by the preprocessor will now appear in Snort`s packet statistics. TCP timestamps are now only normalized if a session is established without timestamp negotiation. See ChangeLog or README.normalize for more details.
· Added a "config vlan_agnostic" setting that globally disables Stream`s use of vlan tags in session tracking.
· Fixed some issues in the packet decoder, including one where IPv6 fragments were being decoded incorrectly.
· Updated the default snort.conf to enable unlimited decompression of gzipped HTTP server responses.