Snort 2.9.2.1 Adds Alerts for HTTP

Snort, an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, which combines the benefits of signature, protocol, and anomaly-based inspection, is now at version 2.9.2.1.

There are a few updates for the latest version of Snort, 2.9.2.1, but the addition of new alerts for HTTP (undefined methods & HTTP 0.9 simple requests) seem to be the most important one.

Highlights of Snort 2.9.2.1:

· Stream preprocessor in TCP session tracking has received some updates in order to avoid re-queuing retransmitted data that was already flushed;
· flowbit groups now use the group when some rules refer to a “flow group”, while others do not refer to a group for the same flowbit;
· GTP preprocessor updates;
· Updates for SCADA preprocessors in their handling of PAF flushing and Modbus request/response length checking;
· Reputation preprocessor received an update to handle shared memory switching;
· sfrt library updates.

Download Snort 2.9.2.1 right now from Softpedia.