In association with heise online

« previous | next »
27 April 2010, 17:56

Intrusion detector Snort now has improved HTTP inspection

Snort Logo According to the Snort developers, the latest 2.8.6 release can now divide HTTP requests into five components – method, URI, header, cookies and body – to allow better analysis. This makes it easier to apply rules to individual components. Decompression of packets zipped using Gzip has been improved and a sensitive data filter, which seeks to detect and prevent the transfer of personal data, implemented. There are a number of additional fixes and stability enhancements.

In a post on its blog, Sourcefire points out a couple of stumbling blocks which arise as a result of the change in rules files version numbers. Version 0.4.1 of Snort rules updater PulledPork is also available and includes a number of improvements.

More details about the release can be found in the release notes (direct download text file). Snort 2.8.6.0 is available to download from the project's web site and is dual licensed under version 2 of the GNU General Public License (GPLv2) and the Non-Commercial Use License for the Proprietary Snort Rules.

See also:

(crve)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-988356

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Diablo 3 (deutsch)
  8. Gigabyte GeForce GTX 670 OC
  9. Samsung Galaxy Nexus i9250 16GB silber
  10. Palit GeForce GTX 670

The H

The H open source

The H Security

The H Internet Toolkit