snort-2.9.12-1.{fc23,fc24,fc25,fc26,fc27,fc28,el6}.{i686,x86_64}.rpm and snort-2.9.12-1.el7.x86_64.rpm -
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
See here for the changes in this version.
This release includes support for PF_Ring for CentOS/RHEL 6 and 7 for the x86_64 architecture.
snort-sample-rules-2.9.12-1.{fc23,fc24,fc25,fc26,fc27,fc28,el6,el7}.noarch.rpm - These rules are sample rules only and are intended to allow
snort to start successfully.
These rules only flag HTTP traffic destined for port 80.
Please see the snort rules page to acquire a current set of snort rules.
snort-openappid-2.9.12-1.{fc23,fc24,fc25,fc26,fc27,fc28,el6}.{i686,x86_64}.rpm and snort-openappid-2.9.12-1.el7.x86_64.rpm -
This is the snort package built with the --enable-open-appid option added to the configure script that configures the build of snort.
See here for more details.
See the OpenAppId Detector Developer Guide for more information.
To install snort-openappid on your system, you must first remove snort.
Here is an example:
if rpm -q --quiet snort; then sudo rpm -ev snort --nodeps; fi
sudo dnf install snort-openappid # On CentOS/RHEL, use yum instead of dnf
In addition, this release includes support for PF_Ring for CentOS/RHEL 6 and 7 for the x86_64 architecture.
Volatility-2.6-4.{fc23,fc24,fc25,fc26,fc27,fc28,el6}.{i386,x86_64}.rpm and Volatility-2.6-4.el7.x86_64.rpm -
The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples.
This version of Volatility is the official version of Volatility 2.6 that has been patched to October 15, 2018.
You can read about this version here.
Since the Volatility-community-plugins contain the mimikatz plugin, that plugin is no longer packaged with Volatility.
sleuthkit{,-devel,-libs}-4.6.3-1.{fc23,fc24,fc25,fc26,fc27,fc28,el6,el7}.{i686,x86_64}.rpm - The Sleuth Kit (TSK) is a
library and collection of command line tools that allow you to investigate volume and file system data.
See here for the changes since the last version (4.6.2) released to this repository.
regripper-plugins-20181017-1.{fc23,fc24,fc25,fc26,fc27,fc28,el6,el7}.noarch.rpm - Regripper-plugins
are the plugins packaged separately from the regripper application.
This package is taken from the plugins directory at the GitHub source code site as of 2018-10-17.
python-certifi-2018.10.15-1.{fc23,fc24,fc25,fc26,fc27,fc28,el7}.noarch.rpm - Certifi is a
carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.
This package supports plaso.
pfring-7.2.0-2190.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically
improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
pfring-dkms-7.2.0-2190.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically
improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
fmem-kernel-modules-fc28-{i386,x86_64}-1.6-1.20.noarch.rpm - Support for the following kernels was added for
Fmem:
4.18.14-200 for FC28
4.18.13-200 for FC28
lime-kernel-modules-fc28-{i386,x86_64}-1.1.r17-20.noarch.rpm - Support for the following kernels was added for
LiME:
4.18.14-200 for FC28
4.18.13-200 for FC28
fmem-kernel-modules-fc27-{i386,x86_64}-1.6-1.39.noarch.rpm - Support for the following kernels was added for
Fmem:
4.18.13-100 for FC27
lime-kernel-modules-fc27-{i386,x86_64}-1.1.r17-39.noarch.rpm - Support for the following kernels was added for
LiME: