snort-openappid - An open source Network Intrusion Detection System (NIDS) with open AppId support
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as a full blown network intrusion detection system. You MUST edit /etc/snort/snort.conf to configure snort before it will work! Please see the documentation in /usr/share/doc/snort-18.104.22.168 for more information on snort features and configuration.
|snort-openappid-22.214.171.124-1.el6.i686 [8.2 MiB]||
by Lawrence R. Rogers (2020-10-30):
- Release 126.96.36.199-1 New Additions Added support for s7Commplus protocol. Support for allowing common names across rule options. Added support to detect TCP Fast Open packets. Improvements / Fix Added support for HTTP range field parsing to detect if HTTP response/request is indeed partial or full content. Fixed TCP segment queue hole issue as per the RFC793 recommendation for OOO Ack packet handling. Fixed multiple static analysis issues. Miscellaneous SMB bug fixes.