./net/snort, The Open Source Network Intrusion Detection System

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2008Q1, Version: 2.8.1, Package name: snort-2.8.1, Maintainer: adrianp

Snort is a libpcap-based packet sniffer/logger which can be used
as a lightweight network intrusion detection system. It features
rules based logging and can perform protocol analysis, content
searching/matching and can be used to detect a variety of attacks
and probes, such as buffer overflows, stealth port scans, CGI
attacks, SMB probes, OS fingerprinting attempts, and much more.

Snort has a real-time alerting capability, with alerts being sent
to syslog or a separate "alert" file. As of version 1.1 it can
also send WinPopup messages via Samba.


Required to run:
[devel/pcre]

Required to build:
[devel/libtool-base]

Package options: inet6

Master sites:

SHA1: 1551ffc7bf60f5330304f3f222fa4f7c4929f5c5
RMD160: cb7cc76c07abbfdddcb4b3a5b5fc39371faf0a0c
Filesize: 4219.125 KB

Version history: (Expand)


CVS history: (Expand)


   2008-05-26 09:50:33 by Tyler R. Retzlaff | Files touched by this commit (3) | Package updated
Log message:
pullup ticket #2398 - requested by adrianp
snort: update for fixes & security vulnerability

revisions pulled up:
- pkgsrc/net/snort/Makefile	1.37
- pkgsrc/net/snort/PLIST	1.27
- pkgsrc/net/snort/distinfo	1.43

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sun May 25 23:49:07 UTC 2008

   Modified Files:
   	pkgsrc/net/snort: Makefile PLIST distinfo

   Log message:
   Update to 2.8.1

   Includes fix for CVE-2008-1804

   [*] New Additions
   * Target-Based support to allow rules to use an attribute table
    describing services running on various hosts on the network.
    Eliminates reliance on port-based rules.
   * Support for GRE encapsulation for both IPv4 & IPv6.
   * Support for IP over IP tunneling for both IPv4 & IPv6.
   * SSL preprocessor to allow ability to not inspect encrypted traffic.
   * Ability to read mulitple PCAPs from the command line.
   * Support for new CVS rule detection options.

   [*] Improvements
   * Update to HTTP Inspect to identify overly long HTTP header fields.
   * Updates to IPv6 support, including changes to avoid namespace
    conflicts for certain Operating systems.
   * Updates to address issues seen on various Sparc platforms.
   * Stricter enforcement of shared object versions to avoid API
    conflicts.