14 DAY TRIAL // Snort, an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, which combines the benefits of signature, protocol, and anomaly-based inspection, is now at version 2.9.6.0.
This is not a big release for Snort, but quite a few fixes and improvements have been implemented. Users have been asked to update to the latest version if they want to keep up with the most recent changes.
According to the changelog, the support to do file specific processing within DCERPC preprocessor for files being transferred over SMB has been added, file capture and storage is now possible, SMTP has been updated to detect Cyrus SASL authentication attacks, the POP and IMAP protocols support simple PAF for improved identification and capture of files, and much more.
Also, the SMTP, POP, and IMAP protocols have improved the inspection when mime boundaries are split across packets, and an out of order SSL handshake in SMTP has been corrected.
Check out the complete changelog for a comprehensive list of updates, new features, and other changes. Download Snort 2.9.6.0 right now from Softpedia.