Download

More Information

Snort

Changes: This release adds a revised DCE/RPC preprocessor with more rule options (there will be a number of updates to the rules; be sure to update your rules when that package is available in the next few days), support for IPv6 in Frag3 and all application preprocessors, improved target-based support in preprocessors, an option to automatically pre-filter traffic that is not inspected in order to improve performance, and several other improvements and fixes.

Changes: A problem was fixed with the target based/attribute table and false positives for rules that don't have service metadata. The target based/attribute table's compatability with older versions of bison was fixed and it no longer exits when exceeding the configured limit on attribute table reload. Stream5 was updated to better handle out-of-sequence server responses that contain data when not doing server-side reassembly. Configurable limits were added on the amount of data queued for a single connection.

Changes: Many changes, fixes, and features have been engineered since then.

Changes: This release includes a number of new features, fixes, and performance enhancements, including the Frag3 preprocessor, a target-based IP defragmentation module, and an "ftpbounce" rule detection plugin.

Changes: A remote root vulnerability in the RPC fragment normalization code was fixed along with some other bugs, and some new options were added.