14 DAY TRIAL // Snort, an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, which combines the benefits of signature, protocol, and anomaly-based inspection, is now at version 2.9.2.1.
There are a few updates for the latest version of Snort, 2.9.2.1, but the addition of new alerts for HTTP (undefined methods & HTTP 0.9 simple requests) seem to be the most important one.
Highlights of Snort 2.9.2.1:
· Stream preprocessor in TCP session tracking has received some updates in order to avoid re-queuing retransmitted data that was already flushed; · flowbit groups now use the group when some rules refer to a “flow group”, while others do not refer to a group for the same flowbit; · GTP preprocessor updates; · Updates for SCADA preprocessors in their handling of PAF flushing and Modbus request/response length checking; · Reputation preprocessor received an update to handle shared memory switching; · sfrt library updates.
Download Snort 2.9.2.1 right now from Softpedia.