Sophie

Sophie

distrib > Mandriva > 2008.1 > x86_64 > media > main-release > by-pkgid > ed16fde01eb46d18d025b68d04b42b63 > files > 50

snort-2.8.0.1-0.2mdv2008.1.x86_64.rpm

2007-11-20 - Snort 2.8.0.1
[*] Improvements
    * Updates to build with new versions of libPCRE.

    * Fix Stream5 debugging output to actually compile and have correct output
      for normal & IPv6 enabled builds.

    * Correct perfmonitor statistic calculation for pattern matcher percentage.

2007-09-20 - Snort 2.8.0 

[*] New Additions
    * 1st Phase of IPv6.  Added support for IP variables (ipvar) and improved
      support for IP list handling.  Supported areas include Rules, Variables,
      and Stream5, HttpInspect, DCE/RPC preprocessors.  See README.ipv6 for
      details.

    * Port Lists.  Added and improved handling of lists of Ports, Port Ranges, 
      and use of Port variables (portvar) within rules.  Eliminates need to
      duplicate rules for different that are far apart, like HTTP ports 80 and
      8080.  See README.variables for details.

    * Packet Performance Monitoring.  Provide capability within Snort to 
      limit time spent inspecting individual packets as well as handle
      performance intensive rules.  See README.ppm for details.

    * Experimental support for Target-Based Stream & IP Frag reassembly and
      rule processing.

    * Ability to control actions (pass, drop, alert, sdrop, etc) taken
      when a preprocessor or decoder event is triggered.  Users can specify
      classifications and CVS/Bugtraq/etc reference information for those
      events.  Preprocessor and decoder events are controlled through rules
      (similar format to regular Snort rules, only without the Protocol, IP &
      Port specifiers).

    * Basic support to detect TCP session hijacking based on changes to the
      MAC address.

    * Unified2 Output plugin.

[*] Improvements
    * Ability to generate stats from all preprocessors at exit or upon
      receipt of USR1 signal.  Fixed issues with packet counters from PCAP
      library (received/dropped) being inconsistent between versions of
      libpcap.

    * Cleanup memory at Snort exit from session & client configurations.

    * Improved detection of encrypted ftp sessions and reduction of
      false positives generated by ftptelnet preprocessor.

    * Improvements to SMTP preprocessor for better normalization,
      SMTP header processing and additional ports.

    * Update output to better handle printing 64bit values across
      many platforms.

    * Improved performance in the pattern match engines to avoid
      re-evaluating a rule when a pattern has already been seen earlier
      in the packet.

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional