SnortSP 3.0 Available now!

I know I'm a few days late; however, Snort Security Platform (SnortSP) 3.0 Beta is available from Snort's website. SnortSP 3.0 is the software platform that traffic analysis engine modules plug into. It still runs on the 2.8.2 detection platform, but it runs as a SnortSP engine module.

Some of the major features include:

  • Shell-based user interface with embedded scripting language
  • Native IPv6, MPLS and GRE support
  • Native support for inline operation
  • More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers
  • Multithreaded execution model – multiple analysis engines may operate simultaneously on the same traffic
  • Performance increases

I've been messing around with it for a few days now and have found it to be an entirely different program altogether, as the syntax and commands to get it up and running can become rather a headache when first starting out. Overall, though, I like the idea of multiple detection analysis engines as well as the shell-based interface, therefore preventing you from simply killing the snort process inadvertently. Anyway, thought I'd let you all know that it's there now for all your sniffing needs!
