Snort 3.1.83.0 26 Mar 03:25
Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users. Snort can be deployed inline to stop these packets, as well. Snort has three primary uses: As a packet sniffer like tcpdump, as a packet logger — which is useful for network traffic debugging, or it can be used as a full-blown network intrusion pr
major bugfix: Detection: use correct packet in trace logs. Doc: add libml to optional dependencies. Flow: add filter to dump flows. Flow: UT. Hash: exception handling for random device. Packet_capture: wrong dlt in pcap header when nfq is used. Stream: count retransmits when we disable content rules. Trace: replace colon delimiter for tenant with whitespace in the trace_logger output.