Snort is a free and open source network intrusion prevention
system (NIPS) and network intrusion detection system (NIDS) . Snort
having the ability to perform real-time traffic analysis and packet
logging on Internet Protocol (IP) networks. Snort performs protocol
analysis, content searching, and content matching.
This program can be used to detect probes or attacks, including, but
not limited to, operating system fingerprinting attempts, common
gateway interface, buffer overflows, server message block probes, and
stealth port scans. Snort can be configured in three main modes:
sniffer, packet logger, and network intrusion detection.
The 7 Big Improvements on Snort 2.9.4.1
1. Updated File processing for partial HTTP content and MIME attachments.
2. Addition of new config option max_attribute_services_per_host and improve memory usage within attribute table.
3. Stream API updates to return session key for a session.
4. Handle excessive overlaps in frag3.
5. Reduce false positives for TCP window slam events.
6. Disable non-Ethernet decoders by default for performance reasons. If needed, use --enable-non-ether-decoders with configure.
7. Updates to provide better encoding for TCP packets generated for respond and react.
Snort 2.9.4.1 Can Be Downloaded Here For Free! Listed Below!!
Download Snort 2.9.4.1
No comments:
Post a Comment