Irregular Expressions

Apr 27 2010   11:11PM GMT

Snort updated

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Snort was updated on the 26th, .

Here is the list of new additions and improvements from the update.

2010-04-22 - Snort 2.8.6

[*] New Additions
   * HTTP Inspect now splits requests into 5 components -
     Method, URI, Header (non-cookie), Cookies, Body.
     Content and PCRE rule options can now search one or more of these buffers.

     HTTP server-specific configurations to normalize the HTTP header and/or
     cookies have been added.

     Support gzip decompression across multiple packets.

   * Added a Sensitive Data preprocessor, which performs detection of
     Personally Identifiable Information (PII).  A new rule option is available
     to define new PII.  See README.sensitive_data and the Snort Manual
     for configuration details.

   * Added a new pattern matcher and related configurations.  The new pattern
     matcher is optimized to use less memory and perform at AC speed.

[*] Improvements
   * Addressed problem to resolve output obfuscation affecting packets
     when Snort is inline.

   * Preprocessors with memcap settings can now be configured in a "disabled"
     state.  This allows you to configure that memcap globally, but only enable
     the preprocessor in targeted configurations.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: