UPDATE SNORT V-2.9.4.1 - network intrusion detection and prevention system

Release Notes v-2.9.4.1: This release updates file processing for partial HTTP content and MIME attachments, adds the new configuration option max_attribute_services_per_host and improves memory usage within attribute tables, handles excessive overlaps in frag3, adds Stream API updates to return a session key for a session, reduces false positives for TCP window slam events, updates to provide better encoding for TCP packets generated for “respond and react”, and disables non-ethernet decoders by default (for performance reasons)

Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.

Features

• Protocol analysis and content searching/matching
• Uses a flexible rules language to describe traffic that it should collect or pass
• Detection engine that utilizes a modular plug-in architecture
• Real-time alerting capability
• Detects buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more

Download version :
windows : Snort_2_9_4_1_Installer.exe (2.7 MB)
Unix/Linux : snort-2.9.4.1.tar.gz (5.3 MB)
Find Other version |
Sources : http://www.snort.org