Snort.org - Snort saved my bacon! http://www.snort.org/pub-bin/snortnews.cgi en News articles from Snort.org Snort 2.8.2 Release Candidate Now Available http://www.snort.org/pub-bin/snortnews.cgi#764
A release candidate of Snort 2.8.2 is now available on snort.org, at
http://www.snort.org/dl/

Snort 2.8.2 introduces performance improvements in fast pattern matcher
CPU caching and rules processing for common rule options.

Please see the release notes and changelog for more details.

Happy Snorting!
The Snort Release Team]]> Snort Release Team (Sourcefire) May 06, 2008 16:46:38 OSSEC v1.5 released http://www.snort.org/pub-bin/snortnews.cgi#763
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

This new release comes with numerous new features, including new LIDS (log-based IDS) support for Solaris BSM, Asterisk, Checkpoint, Postfix SASL, Smart Defense, Debian package and Shorewall logs. It also comes with support for localized pure-ftpd log messages (in more than 12
different languages) and DJB multilog. In addition to that, our installation was translated to Greek (our 12th language translation), and the agent_control tool was added to better manage the agents directly from the server...

And there is more...

For a full list of new features, visit:
http://www.ossec.net/main/ossec-v15-released

To download it: http://www.ossec.net/main/downloads/]]> Daniel Cid May 02, 2008 09:18:47 VRT Certified Rules Update Available http://www.snort.org/pub-bin/snortnews.cgi#762 The Sourcefire VRT is aware of vulnerabilities affecting CA BrightStor ARCServe Backup and Oracle Database Server.

These rules are available to subscribers only until Friday, May 30, 2008.

Download rules | view advisory | view changelog | subscribe now.

]]> Sourcefire VRT (Sourcefire) May 01, 2008 12:29:41 Snort wins SC Magazine Europe 2008 Best Network Security Award http://www.snort.org/pub-bin/snortnews.cgi#760 Hi everyone,

I just wanted to let you know that Snort won the SC Magazine Europe 2008 award for “Best Security Product”. The full article with all of the winners is available at:

http://www.scmagazine.com/uk/news/article/804222/sc-awards-europe-2008-winners-announced/

Please join me in congratulating the Marty and the rest of the Snort team!

Regards,

Mike

]]> Mike Guiterman (Sourcefire) April 24, 2008 16:47:32 Snort.org Maintenance http://www.snort.org/pub-bin/snortnews.cgi#759 Hi everyone,

The snort.org maintenance window announced a few weeks ago had to rescheduled.  The new maintenance window will be Thursday April 24, 8:00 PM - 10:00 PM US Eastern Time.  Snort.org and lists.snort.org will be unavailable during this time.  Snort-users, Snort-dev, and Snort-sigs mailing lists will be unaffected.


Regards,

Mike

]]> Mike Guiterman (Sourcefire) April 23, 2008 17:31:35 VRT Certified Rules Update Available http://www.snort.org/pub-bin/snortnews.cgi#758 The Sourcefire VRT is aware of vulnerabilities affecting HP OpenView and Asterisk Open Source applications.

These rules are available to subscribers only until Thursday, May 22, 2008.

Download rules | view advisory | view changelog | subscribe now.

]]> Sourcefire VRT (Sourcefire) April 22, 2008 16:37:27 Scholarship Deadline is Tomorrow http://www.snort.org/pub-bin/snortnews.cgi#757 I wanted to remind everyone that the application deadline for the Snort Scholarship is April 15, 2008. If you're interested in a $5,000 Scholarship make sure to submit your application by 12:00 AM EDT on April 16, 2008.

The application is available at: http://www.sourcefire.com/products/snort/scholarship/application/

Good Luck!

Mike

]]> Mike Guiterman (Sourcefire) April 14, 2008 17:22:36 Snort v2.8.1 Available http://www.snort.org/pub-bin/snortnews.cgi#755 Hi everyone,

Snort v2.8.1 is now available. View the release notes for all of the new features and improvements. Highlights include:

  • Target-based support allowing rules to use an attribute table describing services
  • Support for IP over IP tunneling (IP v4 and IP v6)
  • SSL Preprocessor
  • Updated HTTP Inspect
  • Upated IP v6 Support
  • Platform support enhancements
You can view the release notes and download the latest at: http://www.snort.org/dl/ ]]> Mike Guiterman (Sourcefire) April 04, 2008 16:18:58 VRT Certified Rules Update Available http://www.snort.org/pub-bin/snortnews.cgi#754 The Sourcefire VRT has added multiple rules in the spyware-put and web-client categories to provide coverage for emerging spyware and ActiveX control threats.

These rules are available to subscribers only until Friday, May 2, 2008.

Download rules | view advisory | view changelog | subscribe now.

]]> Sourcefire VRT (Sourcefire) April 02, 2008 18:38:37 Logging packets to MySQL http://www.snort.org/pub-bin/snortnews.cgi#753 Hi everyone,

There's a short how to on TechRepublic on configuring Snort to log packets to MySQL.  Here's the link:

http://blogs.techrepublic.com.com/opensource/?p=184

Have a great day.

Mike

]]> Mike Guiterman (Sourcefire) March 31, 2008 20:14:29