Home Security Cybersecurity Snort 3 beta available now!

Snort 3 beta available now!

September 10, 2018 - 3:29 am

2662

2 min read

On 29th August 2018, the team at Snort released the fourth alpha of the next generation Snort IPS– Snort 3, in beta version. Along with all the Snort 2.X features, this version of Snort++ includes new features as well as bug fixes for the base version of Snort.

Here are some key features of Snort++:

Support provided for multiple packet processing threads
Shared configuration and attribute table available
Simple, scriptable configuration
Key components are now pluggable
Autodetect services for portless configuration
Support for sticky buffers in rules
Autogenerate reference documentation
Provide better cross-platform support
Facilitate component testing
Support pipelining of packet processing, hardware offload and data plane integration, and proxy mode

Below is a brief gist of these upgrades,

Easy Configuration

LuaJIT is used for configuration with a consistent, and executable syntax.

Better Detection of Services

The team has worked closely with Cisco Talos to update rules to meet their needs, including a feature they call “sticky buffers.” The Hyperscan search engine, and regex fast patterns make rules faster and more accurate.

HTTP Support

Snort 3 has a stateful HTTP inspector that handles 99 percent of the HTTP Evader cases. The aim is to achieve 100% coverage soon. The HTTP support also includes new rule options.

Better Performance

Deep packet inspection now gives a better performance. Snort 3 supports multiple packet-processing threads, and scales linearly with a much smaller amount of memory required for shared configs.

JSON event logging

This can be used to integrate with tools such as the Elastic Stack. Check out the Snort blog post for more details on the same.

More Plugins!

Snort 3 was designed to be extensible. It has over 225 of plugins of various types. It is easy for users to add their own codec, inspector, rule action, rule option, or logger.

In addition to all these features, users can also watch out for additional upgrades like next generation DAQ, connection events, search engine acceleration among others. To know more about the release of Snort 3, head over to Snort’s official page.

Top 6 Cybersecurity Books from Packt to Accelerate Your Career

Your Quick Introduction to Extended Events in Analysis Services from Blog…

Logging the history of my past SQL Saturday presentations from Blog…

Storage savings with Table Compression from Blog Posts – SQLServerCentral

Daily Coping 31 Dec 2020 from Blog Posts – SQLServerCentral

Learning Essential Linux Commands for Navigating the Shell Effectively

Exploring the Strategy Behavioral Design Pattern in Node.js

How to integrate a Medium editor in Angular 8

Implementing memory management with Golang’s garbage collector

How to create sales analysis app in Qlik Sense using DAR…

Snort 3 beta available now!

Here are some key features of Snort++:

Easy Configuration

Better Detection of Services

HTTP Support

Better Performance

JSON event logging

More Plugins!

Read Next-

Must Read in Security

Top 6 Cybersecurity Books from Packt to Accelerate Your Career

Win-KeX Version 2.0 from Kali Linux

Kali Linux 2020.3 Release (ZSH, Win-Kex, HiDPI & Bluetooth Arsenal) from...

Interviews

Learn Transformers for Natural Language Processing with Denis Rothman

Clean Coding in Python with Mariano Anaya

Bringing AI to the B2B world: Catching up with Sidetrade CTO Mark Sheldon [Interview]

On Adobe InDesign 2020, graphic designing industry direction and more: Iman Ahmed, an Adobe Certified Partner and Instructor [Interview]

Is DevOps experiencing an identity crisis? [Interview]

MobilePro

datapro

Programming

Subscribe to our newsletter