author: rh <rh@pkgsrc.org> 2000-12-27 10:08:35 +0000
committer: rh <rh@pkgsrc.org> 2000-12-27 10:08:35 +0000
commit: 589043a29f65318a6a05130b1563ca1665ce45a9
tree: 3abf6292eaccb0d1efffa8c9bfc46dce121444fe /ham
parent: 2547c005cebe008edcb8853e8501bac3418b630b
Update snort to 1.6.3.2. Notable changes include:
Fixes and additions:
* Fixed compilation problems on all non-BSD operating systems
* Added better configuration support for locating libpcap
* Fixed ICMP ping packet id/sequence printouts
* Made allowances for 64-bit machines in the decoders
* Updated the portscan detector to the latest version
* Disabled the defragmenter by default (in the rules file)
* Added a patch from Dave Dittrich to make daemon mode alerts filenames conform to the data in the documentation
* Revamped the ICMP data structures to mimic those found in *BSD and provide for higher fidelity decoding/printout in the future
* Repaired the output plugins so that they operate properly now
* For the record, the payload dump conforms to the length of the IP datagram now and does not show pad bytes added by the minimum Ethernet frame size
* Applied Chris Cramer's byte ordering patch to the flexresp code

Other updates and changes since version 1.6:
* New preprocessor plugin: IP defragmentation!!
* New output plugins cover all old logging and alerting options
* New output plugin now logs to MySQL, PostgreSQL, unixODBC databases
* Updated portscan detection functionality
* Added quote removal for most plugin parsers
* -C crash bug fixed
* PID/PATH_VARRUN file fixes
* Converted many putc(3) calls to fputc(3) for portability
* Transport layer decoders use ip_len field for length metric now
* String tokenizer code modified for more reliable operation
* Fixed flexible response code sequence prediction
* Fixed DEBUG ifdef's so DEBUG mode code will compile correctly on all platforms
* Set automake options so that people don't need gmake anymore to build Snort on BSD systems
* Fixed SMB alert code large tmp file hole
* Added sigsetmask code to fix SIGHUP weirdness
* Added execvp option for SIGHUP restart code
* Added ARP header printout validation
* Added Session logging file integrity checking
* Added -u/-g setuid/gid capability switches
* Added -O IP address obfuscation switch
* Added -t chroot switch
* Fixed non-TCP/UDP/ICMP transport layer decoding & logging
* Fixes and additions to the portscan preprocessor
* Fixed Tru64 u_int* type declarations
* Added check for pcap.h into configuration script
* Fixed timeval problems on Linux boxen
* Database logging plugin has been modified extensively, see the www.incident.org website for more information
* Switched TCP flags printout routine to ensure proper RFP output scan output. ;)
* Fixed default log/alert function code so that these functions are never NULL
Diffstat (limited to 'ham')
0 files changed, 0 insertions, 0 deletions