[Snort-devel] Snort 2.1.3 RC1 available

From: Jeremy Hewlett <jh(at)sourcefire.com>
Date: Wed Apr 21 2004 - 18:13:47 EDT

Hello all,

We're proud to release Snort 2.1.3 Release Candidate 1. We're releasing this as a Release Candidate so the community can give us feedback on what they like or dislike about the new method of logging events. We'd also like to get any suggestions on other event ordering algorithms that users would like to order events with. We currently support ordering events based on Event Priority and Rule Content Length.

The following is a list of the major changes in Snort 2.1.3 RC1:

• Added multi-event queueing in Snort. Snort now supports logging multiple events per packet, and prioritizing those events using different methods. Thanks to H.D. Moore for illustrating event obfuscations when snort only logged one event per packet.

  Please see ./doc/README.event_queue for details

• Fixed timezone problems with database output plugins. Thanks Marcus Janoski and Chris Reid.
• Revert to old tag functionality. Will add proposed tagging configurations in a future release.

Thanks to everyone for supporting Snort development and giving us your feedback!

As a side note, Sourceforge (?) is very slow at the moment, so CVS STABLE tag hasn't yet been synced up with the 2.1.3-RC1 tag.

Cheers,
The Snort Team

---

This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

---

Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel Received on Wed Apr 21 18:25:11 2004