is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.
| overview.txt (snort3-3.1.29.0) | : | overview.txt (snort3-3.1.30.0) |
|---|
| | |
| skipping to change at line 23 | | skipping to change at line 23 |
|---|
| * Hyperscan support | | * Hyperscan support |
| * Rewritten TCP handling | | * Rewritten TCP handling |
| * New rule parser and syntax | | * New rule parser and syntax |
| * Service rules like alert http | | * Service rules like alert http |
| * Rule "sticky" buffers | | * Rule "sticky" buffers |
| * Way better SO rules | | * Way better SO rules |
| * New HTTP inspector | | * New HTTP inspector |
| * New performance monitor | | * New performance monitor |
| * New time and space profiling | | * New time and space profiling |
| * New latency monitoring and enforcement | | * New latency monitoring and enforcement |
|
| * Piglets to facilitate component testing | | |
| * Inspection Events | | * Inspection Events |
| * Autogenerate reference documentation | | * Autogenerate reference documentation |
| | |
| === Efficacy | | === Efficacy |
| | |
| * Detects and blocks all but 10 HTTP Evader tests (see https://noxxi.de/research
/http-evader.html). | | * Detects and blocks all but 10 HTTP Evader tests (see https://noxxi.de/research
/http-evader.html). |
| | |
| * Autodetection of services reduces misses due to incorrect or out of date port
configurations and | | * Autodetection of services reduces misses due to incorrect or out of date port
configurations and |
| improves detection on unexpected command and control channels. | | improves detection on unexpected command and control channels. |
| | |
| | | |
| End of changes. 1 change blocks. |
|---|
| 1 lines changed or deleted | | 0 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 