SnortSP 3.0 Available now!
I know I’m a few days late, however Snort Security Platform (SnortSP) 3.0 Beta is available from Snort’s website. SnortSP 3.0 is the software platform which has traffic analysis engine modules that plug into SnortSP. It still runs on the 2.8.2 detection platform but it runs as a SnortSP engine module.
Some of the major features include:
- Shell-based user interface with embedded scripting language
- Native IPv6, MPLS and GRE support
- Native support for inline operation
- More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers
- Multithreaded execution model - multiple analysis engines may operate simultaneously on the same traffic
- Performance increases
I’ve been messing around with it for a few days now and have found it to be an entirely different program altogether as the syntax and commands to get it up and running can become rather of a headache when first starting out. Overall though I like the idea of multiple detection analysis engines as well as the shell-based interface therefore preventing you from simply killing the snort process inadvertently. Anyways, thought I’d let you all know that it’s there now for all your sniffing needs!
Add New Comment
Thanks. Your comment is awaiting approval by a moderator.
Do you already have an account? Log in and claim this comment.
Add New Comment
Trackbacks
(Trackback URL)