发布于 2016-03-30 23:51:43 | 154 次阅读 | 评论: 0 | 来源: 网友投递
Snort 入侵检测系统
Snort是美国Sourcefire公司开发的发布在GPL v2下的IDS(Intrusion Detection System)软件
Snort 2.9.8.2 发布了,改进日志如下:
[*] New additions
* Future-flow and DNS API exposed to lua detector.
* Double VLAN tagging support.
[*] Improvements
* Performance improvements to AppID.
* Stability improvements to file and ftp_telnet preprocessor.
* Fixed several issues with SDF and obfuscation.
* Resolved an issue of improper handling of malformed DNS host
in AppID.
* HTTP PAF accepts all tokens between method and version strings
in a request URI.
* Resolved snort build issue with "--disable-perfprofiling" configure
option.
* Enhanced mime parsing by adding support for detecting files
after unknown headers and no headers.
* Fixed issue with gzip decompression. If the server response specifies
Content-Encoding as GZIP, but no Content-Length field for HTTP ver 1.0.
* End of Header(EOH) identification for HTTP response header spanning multiple
packets.
* Improved packet reassembly for HTTP.
* Fixed Flash LZMA decompression issue.
下载地址:https://www.snort.org/downloads