Irregular Expressions

Apr 25 2010   10:14PM GMT

3rd Suricata Beta



Posted by: Dan O'Connor
Tags:
ids
suricata beta
suricata ids

There is a 3rd Suricata Beta available, head on over to http://www.openinfosecfoundation.org/index.php/download-suricata .

Be warned that there is still a few items that need to be fixed.

Here is the list from the download section.

Known issues & missing features

We have made significant progress towards reaching our first full (non-beta) release
 of Suricata.  Your feedback is always important to us and we appreciate
 your time and effort.  As always, we are doing our best to make you
aware of continuing development and items within the engine that are not
 yet complete.  With this in mind, please notice the list we have
included of known items we are working on.

- Using the http_cookie keyword seems to cause a match on all packets.
- Currently we dont' support the dce option for byte_test and byte_jump.
- Stream reassembly is currently only performed for app-layer code.
- Inconsistent time stamps in http log file due to handling & updating of the http state.
- DCE/RPC over udp is not currently supported.
- dce_stub_data does not respect relative modifiers.
- Engine does not work properly on big endian platforms.
- Time based stats are not calculated correctly.

I don’t see anything that would effect the install procedures, it seems like the dependencies have not changed from I have found.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: