News

Posted about 10 years ago by [email protected] (Joel Esler)
Just released: Snort Subscriber Rule Set Update for 09/01/2015

We welcome the introduction of the newest rule release from Talos. In this release we introduced 18 new rules and made modifications to 15 additional rules. There were no changes made to the snort.conf in this release.

Talos's rule release: Talos has added and modified multiple rules in the blacklist, browser-chrome, browser-ie, exploit-kit, file-flash, file-image, file-other, malware-cnc, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at https://www.snort.org/products. Make sure and stay up to date to catch the most emerging threats!
Posted about 10 years ago by [email protected] (Russ Combs)
Snort++ build 167 is now available on snort.org. This is the latest monthly update of the downloads. You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.

New Features
- support multiple script-path args and single files
- flow depth support for new_http_inspect

Bug Fixes
- fix xcode warnings
- fix link error with g++ 4.8.3
- piglet bug fixes
- fix parameter range for those depending on loaded plugins; thanks to Siti Farhana Binti Lokman "[email protected]" for reporting the issue
- fixed port_scan packet selection
- fixed rpc_decode sequence number handling and buffer setup
- perf_monitor fixes for file output
- fix ac_sparse_bands search method
- fix unit test return value
- fix documentation errors in user manual
- fix unit test build on osx
- DAQ packet header conditional compilation for piglet
- cleanup debug macros

Other Changes
- add usage examples with live interfaces; thanks to Aman Mangal "[email protected]" for reporting the problem
- TCP session refactoring and create libtcp
- doc and build tweaks for piglets
- expanded piglet interfaces and other enhancements
- add catch.hpp include from https://github.com/philsquared/Catch
- run catch unit tests after check unit tests
- add range and default to command line args
- add make targets for dev_guide.html and snort_online.html

Please submit bugs, questions, and feedback to [email protected] or the Snort-Users mailing list.

Happy Snorting!
The Snort Release Team
Posted about 10 years ago by [email protected] (Joel Esler)
Just released: Snort Subscriber Rule Set Update for 08/27/2015

We welcome the introduction of the newest rule release from Talos. In this release we introduced 47 new rules and made modifications to 36 additional rules. There were no changes made to the snort.conf in this release.

Talos's rule release: Talos has added and modified multiple rules in the blacklist, browser-ie, browser-plugins, exploit-kit, file-executable, file-flash, file-identify, file-image, file-other, file-pdf, malware-cnc, malware-other, os-windows, policy-other and sql rule sets to provide coverage for emerging threats from these technologies.

In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at https://www.snort.org/products. Make sure and stay up to date to catch the most emerging threats!
Posted about 10 years ago by [email protected] (Joel Esler)
Just released: Snort Subscriber Rule Set Update for 08/25/2015

We welcome the introduction of the newest rule release from Talos. In this release we introduced 48 new rules and made modifications to 7 additional rules. There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions, their rules are included in the Community Ruleset:
- Yaser Mansour: 35745, 35746, 35749, 35750

Talos's rule release: Talos has added and modified multiple rules in the blacklist, browser-ie, file-flash, file-image, file-multimedia, file-office, file-pdf, indicator-compromise, indicator-obfuscation, malware-cnc, os-other, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.

In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at https://www.snort.org/products. Make sure and stay up to date to catch the most emerging threats!
Posted about 10 years ago by [email protected] (Costas Kleopa)
An update has been released today for the Snort OpenAppID Detector content.

This release, build 251, includes
- A total of 2,633 detectors.
- This was a maintenance release with some minor fixes and improvements
- It also includes some additional detectors that came in from the open source community. For more details on which contributions were included, we have added them in the AUTHORS file in this package.

Available now for download from our downloads page, we look forward to you downloading and using the new features of 2.9.7.0's OpenAppID preprocessor and sharing your experiences with the community.

The OpenAppID community has a mailing list specifically dedicated to the exchange and discussion of detector content. Please visit the mailing lists page to sign up.
Posted about 10 years ago by [email protected] (Russ Combs)
Pushed build 166 to github (snortadmin/snort3):
- fix link error with g++ 4.8.3
- support multiple script-path args and single files
- piglet bug fixes
- add usage examples with live interfaces (thanks to Aman Mangal <[email protected]> for reporting the issue)
- fixed port_scan packet selection
- fixed rpc_decode sequence number handling and buffer setup
- perf_monitor fixes for file output
Posted about 10 years ago by [email protected] (Joel Esler)
Just released: Snort Subscriber Rule Set Update for 08/18/2015

We welcome the introduction of the newest rule release from Talos. In this release we introduced 55 new rules and made modifications to 17 additional rules.

Talos's rule release:

Microsoft Internet Explorer Vulnerability CVE-2015-2502: Microsoft Internet Explorer suffers from programming errors that may lead to remote code execution. Previously released rules will detect attacks targeting this vulnerability and have been updated with the appropriate reference information. They are included in this release and are identified with GID 1, SIDs 35536 through 35537.

Talos has added and modified multiple rules in the blacklist, browser-plugins, file-flash, file-multimedia, file-pdf, indicator-compromise, malware-cnc, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at https://www.snort.org/products. Make sure and stay up to date to catch the most emerging threats!
Posted about 10 years ago by [email protected] (Joel Esler)
Columbia, MD – August 18, 2015 – Snort® today announced that it has selected JT Blodgett and Richard McCaslin as the recipients of the 2015 Snort Scholarship. The scholarships, each worth $5,000, are awarded to university students around the world that use Snort to further their education and gain hands-on experience in network security.

To qualify, applicants must be enrolled in a university that uses Snort to protect its network or uses Snort as part of the curriculum in the classroom. The scholarships assist the winning students in completing their degrees and covering educational costs. Snort selected JT and Richard from a pool of tens of thousands of applicants, making this year the highest number of applicants to the Snort Scholarship in the history of the award:
- JT Blodgett is pursuing a Bachelors of Science in Electrical Engineering and studying Cyber Security in the ACES program at the University of Maryland, College Park
- Richard McCaslin is pursuing a Masters of Science in IT - Information Assurance Concentration, at the University of Texas in San Antonio.

To assist the winning students in completing their degrees, Sourcefire has awarded each a $5,000 scholarship for educational costs at the students’ respective universities. Sourcefire, now a part of Cisco, developed the Snort Scholarship in 2004 as a way to give back to the open source and security communities. Since the inception of the Snort Scholarship program seven years ago, Sourcefire has recognized university students from around the world, including the United States, Australia, Turkey, Mexico, the Netherlands and Rwanda. Snort is the world’s most widely deployed intrusion detection and prevention technology with more than 400,000 registered users and over 5 million downloads to date.

Congratulations to our winners!
Posted about 10 years ago by [email protected] (Joel Esler)
Several weeks ago, I reminded everyone that Snort 2.9.7.2 was approaching its end of life, and after I posted that, we saw tens of thousands of you move to an updated version, so thank you. However, we still have several thousand on that version, and guess what?

Today is the day to move.

For more information on our EOL policy, please visit Snort.org's EOL page where all the current versions and expiration dates are listed.

The current version of Snort is 2.9.7.5, and is available from our downloads page on Snort.org.

Thanks for your support of Snort!
Posted about 10 years ago by [email protected] (Joel Esler)
Join us as we welcome the newest Snort beta, 2.9.8! Check out the following release notes:

Snort 2.9.8 Beta

[*] New additions
- AppID is no longer experimental.
- SMBv2/SMBv3 support for file inspection.
- Port override for metadata service in IPS rules.
- AppID Lua detector performance profiling.
- Perfmon dumps stats at fixed intervals from absolute time.
- New preprocessor alert (18:120) to detect SSH tunneling over HTTP
- New config option |disable_replace| to disable replace rule option.
- New Stream configuration |log_asymmetric_traffic| to control logging to syslog.
- New shell script in tools to create simple Lua detectors for AppID.

[*] Improvements
- sfip_t refactored to use struct in6_addr for all ip addresses.
- Post-detection callback for preprocessors.
- AppID support for multiple server/client detectors evaluating on same flow.
- AppID API for DNS packets.
- Memory optimizations throughout.
- Support sending UDP active responses.
- Fix perfmon tracking of pruned packets.
- Improved support for expected sessions.

You can download and use Snort 2.9.8 beta after downloading it from the Snort.org Downloads page under "Development Releases".

Feedback on Snort 2.9.8.0 Beta can be provided on the Snort-Devel mailing list!

Thank you for supporting Snort.