Re: Snort 2.0 Released!

From: Martin Roesch (roesch@sourcefire.com)
Date: 04/15/03

  • Next message: Quynh Nguyen Anh: "host-based ips ?"
    Date: Mon, 14 Apr 2003 18:32:07 -0400
    From: Martin Roesch <roesch@sourcefire.com>
    To: focus-ids@securityfocus.com
    
    

    On 4/14/03 11:58 AM, "Martin Roesch" <roesch@sourcefire.com> wrote:

    > Snort 2.0 has been released and is available at http://www.snort.org.
    > Snort 2.0 is the result of many months of effort on the part of dozens
    > of people and has a slew of new features:

    [...snip...]

    > ----------------------------------------------------------------------------
    > INTRUSION PREVENTION: READY FOR PRIME TIME?
    >
    > IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities -
    > including intrusion identification, relevancy, direction, impact and analysis
    > - enabling a path to prevention.
     
    > Download the latest white paper "Intrusion Prevention: Myths, Challenges, and
    > Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids

    I'd like to note that the advertisement added by SecurityFocus to my Snort
    2.0 release announcement should in no way be seen as an endorsement of
    Intruvert's products or philosophy by me. They probably wouldn't like my
    answer their lead-in question.... :)

        -Marty

    -- 
    Martin Roesch - Founder/CTO Sourcefire Inc. - (410) 290-1616
    Sourcefire: Professional Snort Sensor and Management Console appliances
    roesch@sourcefire.com - http://www.sourcefire.com
    Snort: Open Source Network IDS - http://www.snort.org
    ------------------------------------------------------------------------------
    INTRUSION PREVENTION: READY FOR PRIME TIME?
     
    IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - 
    including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention. 
     
    Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids
    

  • Next message: Quynh Nguyen Anh: "host-based ips ?"

    Relevant Pages

    • RE: dragon and snort logs
      ... Send the snort alerts via syslog to a remote host. ... snort syslog into Dragon HIDS, ... INTRUSION PREVENTION: READY FOR PRIME TIME? ...
      (Focus-IDS)
    • sidestep
      ... I have a snort box and I am testing it using a tool called sidestep. ... type of attack you want, for example RPC, DNS, FTP etc and then run it ... INTRUSION PREVENTION: READY FOR PRIME TIME? ...
      (Focus-IDS)
    • RE: Snort test logs available?
      ... Whether you use these or the ones from SANS you will want to run snort ... repositories of Snort logs which we could use to test our tools. ... IntruShield now offers unprecedented Intrusion ... > INTRUSION PREVENTION: READY FOR PRIME TIME? ...
      (Focus-IDS)
    • Snort 2.0 Released!
      ... Snort 2.0 has been released and is available at http://www.snort.org. ... New detection keywords: byte_test & byte_jump ... Enhancements to self preservation mechanisms in stream4 and frag2 ... Snort-based Enterprise Intrusion Detection Infrastructure ...
      (Focus-IDS)
    • RE: ISS and Snort logs
      ... Integrating through their HIDS should take care of meta-data ... >> the Snort DB. ... > INTRUSION PREVENTION: READY FOR PRIME TIME? ... > IntruShield now offers unprecedented Intrusion IntelligenceTM ...
      (Focus-IDS)