[Snort-users] Snort 3.0 Beta 3 is available.
This is a discussion on [Snort-users] Snort 3.0 Beta 3 is available. within the Snort forums, part of the System Security and Security Related category; Go get it here: http://www.snort.org/dl/snortsp/ >From the RELEASE.NOTES Snortsp-3.0.0b3: * Updated ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-01-2009
|
|||
|
|||
[Snort-users] Snort 3.0 Beta 3 is available.
Go get it here:
http://www.snort.org/dl/snortsp/ >From the RELEASE.NOTES Snortsp-3.0.0b3: * Updated snort analytic to 2.8.3.1. * Added dynamic-plugins/sf_engine/examples/ and tweaked sspiffy.sh to handle SO rules. * Hardened PORTLISTS code. * Fixed load balancing bug in framework. * Better integration of the Snort analytic with the framework. Packet decoding and flow computation are now done solely by the framework. * Added more options to sspiffy.sh. * Added single threaded mode (configure --enable-single-threaded). More on this below. * Reduced thread local storage (TLS) accesses. * Changed shared objects to use hidden visibility by default to reduce translation overhead. The SnortSP architecture was designed to be as flexible as possible to obtain the best performance for your security software on any given platform. In this 3rd Beta release, you can build SnortSP in two basic ways: * Multithreaded mode (original): this is the default. In this mode the core functions like packet acquisition, decoding, and flowing are peformed by the framework in one thread and the analytics perform detection in their own separate threads. * Single-threaded mode (new): this is enabled by configure --enable-single-threaded. In this mode, the framework and analytics are "stacked" up to run sequentially in the same thread. You can even configure multiple stacks to run in parallel. In either mode, you can pin the engine and analytics to specific processors on multicore systems. That's the basics. I'll be doing a more extensive posting to cover the architectural changes shortly. Thanks to the Snort Team and everyone at Sourcefire who helped get this one out the door! Marty -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Security for the Real World - http://www.sourcefire.com Snort: Open Source IDP - http://www.snort.org ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
