Snort v3.1.57 releases: Intrusion Prevention System

Snort++

The Snort++ (Snort 3) project has been hard at work for a while now and we have released the fourth alpha of the next generation Snort IPS (Intrusion Prevention System). This file will show you what Snort++ has to offer and guide you through the steps from download to demo.

This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version of Snort except as indicated below:

Project = Snort++
Binary = snort
Version = 3.0.0-a4 build 235
Base = 2.9.8 build 383

Here are some key features of Snort++:

• Support multiple packet processing threads
• Use a shared configuration and attribute table
• Use a simple, scriptable configuration
• Make key components pluggable
• Autodetect services for portless configuration
• Support sticky buffers in rules
• Autogenerate reference documentation
• Provide better cross-platform support
• Facilitate component testing

Additional features on the roadmap include:

• Use a shared network map
• Support pipelining of packet processing
• Support hardware offload and data plane integration
• Support proxy mode
• Windows support

Changelog v3.1.57

Changes in this release since 3.1.56.0:

• ftp_telnet: updated flushing around subnegotiation parameters
• profiler: add rule time percentage table field
• search_engine: allocate a single shared scratch space

Download && Install