Jump to letter: [
snort - An open source Network Intrusion Detection System (NIDS)
Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be
used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts,
and much more.
Snort has three primary uses. It can be used as a straight packet sniffer
like tcpdump(1), a packet logger (useful for network traffic debugging,
etc), or as a full blown network intrusion detection system.
You MUST edit /etc/snort/snort.conf to configure snort before it will work!
Please see the documentation in /usr/share/doc/snort-188.8.131.52 for more
information on snort features and configuration.
by Lawrence R. Rogers (2022-09-26):
- Release 184.108.40.206-1
See https://github.com/snort3/snort3/releases/tag/220.127.116.11 for the list of changes
by Lawrence R. Rogers (2021-12-01):
- Release 18.104.22.168-1
* src/snort.c :
Fixed an issue where verdict will be applied onto next session when timeout occurs in some scenarios.
* rc/file-process/file_service.c :
Removed an excessively flooding log.
* src/dynamic-preprocessors/modbus/modbus_decode.c :
Fixed possible integer overflow.
* src/fpcreate.c :
Added fix to GCC compiled snort to use AC-BNFA-Q search-method when Intel-cpm is enabled.
Added fix to not to drop packets when window size is 0 by TCP normalizer and Added new alert with GID 129 and SID 21 when such packets are seen.
Added support for Appid to detect login success and failure for IMAP and POP3 protocols.
Fixed terminology to be bias-free in log/error messages.
* src/snort.c :
Fixed a potential race condition.