diff options
author | salo <salo@pkgsrc.org> | 2003-04-16 06:37:19 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2003-04-16 06:37:19 +0000 |
commit | 8dd2d2ad1d34f90875e380e2e21091677d393763 (patch) | |
tree | c1c4b6e5449d3a48997a05aca28fa1ac46c772bb /net/snort/PLIST | |
parent | e88489b19454038603fd537d33852ffe1f578bd5 (diff) | |
download | pkgsrc-8dd2d2ad1d34f90875e380e2e21091677d393763.tar.gz |
Updated to version 2.0.0.
IMPORTANT: This version fixes remotely exploitable heap overflow in the stream4
preprocessor module.
Advisory: http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10
Changes:
2.0.0:
======
- Enhanced high-performance detection engine
- Stateful Pattern Matching
- New detection keywords: byte_test & byte_jump
- The Snort code base has undergone an external third party professional
security audit funded by Sourcefire (http://www.sourcefire.com)
- Many new and updated rules
- snort.conf has been updated
- Enhancements to self preservation mechanisms in stream4 and frag2
- State tracking fixes in stream4
- New HTTP flow analyzer
- Enhanced protocol decoding (TCP options, 802.1q, etc)
- Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc)
- Enhanced flexresp mode for real-time TCP session sniping
- Better chroot()'ing
- Tagging system updated
- Several million bugs addressed....
- Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be
downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary
versions of the codebase will be built over the next several days and
made available at here.
2.0.rc4:
========
- byte_jump/byte_test don't force relative content options
- byte_jump/byte_test absolute offsets work
- Better FIN handling in Stream4
2.0.rc3:
========
- A low memory usage detection method (enabled via "config detection:
search-method lowmem")
- Moved the default unix socket location to LOGDIR
2.0.rc2:
========
- syslog should work on win32 and unix
- major tagging updates
- new UDP decoding alerts
- snort.conf updates
2.0.rc1:
========
- Higher performance (due to a new pattern matcher and rebuilt detection
engine)
- Better decoders
- Enhanced stream reassembly and defragmentation
- Tons of bug fixes
- Updated rules
- Updated snort.conf
- New detection keywords (byte_test, byte_jump, distance, within) &
stateful pattern matching
- New HTTP flow analyzer
- Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc)
- Better self preservation in stateful subsystems
- Xrefs fixed
- Flexresp works faster and more effectively
- Better chroot()'ing
- Fixed 802.1q decoding
- Better async state handling
- New alerting option: -A cmg!!
Diffstat (limited to 'net/snort/PLIST')
-rw-r--r-- | net/snort/PLIST | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/net/snort/PLIST b/net/snort/PLIST index c24cb079597..571c2fabcdf 100644 --- a/net/snort/PLIST +++ b/net/snort/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.8 2003/03/04 01:02:25 salo Exp $ +@comment $NetBSD: PLIST,v 1.9 2003/04/16 06:37:19 salo Exp $ bin/snort etc/rc.d/snort man/man8/snort.8 @@ -11,19 +11,16 @@ share/doc/snort/NEWS share/doc/snort/README share/doc/snort/README.FLEXRESP share/doc/snort/README.PLUGINS -share/doc/snort/README.SNMP share/doc/snort/README.csv share/doc/snort/README.database -share/doc/snort/README.xml share/doc/snort/RULES.todo share/doc/snort/SnortUsersManual.pdf share/doc/snort/TODO share/doc/snort/USAGE +share/doc/snort/snortman.tex share/examples/snort/classification.config share/examples/snort/reference.config share/examples/snort/snort.conf.default -share/snort/rules/SnortCommonMIB.txt -share/snort/rules/SnortIDAlertMIB.txt share/snort/rules/attack-responses.rules share/snort/rules/backdoor.rules share/snort/rules/bad-traffic.rules @@ -76,6 +73,6 @@ share/snort/rules/web-misc.rules share/snort/rules/web-php.rules share/snort/rules/x11.rules @dirrm share/snort/rules +@dirrm share/snort @dirrm share/examples/snort @dirrm share/doc/snort -@dirrm share/snort |