Snort 3 beta 3.0.0-255 releases: Intrusion Prevention System

Snort++

The Snort++ (Snort 3) project has been hard at work for a while now and we have released the fourth alpha of the next generation Snort IPS (Intrusion Prevention System). This file will show you what Snort++ has to offer and guide you through the steps from download to demo.

This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version of Snort except as indicated below:

Project = Snort++
Binary = snort
Version = 3.0.0-a4 build 235
Base = 2.9.8 build 383

Here are some key features of Snort++:

  • Support multiple packet processing threads
  • Use a shared configuration and attribute table
  • Use a simple, scriptable configuration
  • Make key components pluggable
  • Autodetect services for portless configuration
  • Support sticky buffers in rules
  • Autogenerate reference documentation
  • Provide better cross-platform support
  • Facilitate component testing

Additional features on the roadmap include:

  • Use a shared network map
  • Support pipelining of packet processing
  • Support hardware offload and data plane integration
  • Support proxy mode
  • Windows support

Changelog 3.0.0-255

— ips: add includer for better relative path support
— module_manager: Fix potential null deref in module parameter dumping

Download && Install

Share