Snort: Intrusion Prevention System
Snort++
Snort 3 is the next generation Snort IPS (Intrusion Prevention System).
This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version of Snort except as indicated below:
Project = Snort++ Binary = snort Version = 3.0.0-a4 build 235 Base = 2.9.8 build 383
Here are some key features of Snort++:
- Support multiple packet processing threads
- Use a shared configuration and attribute table
- Use a simple, scriptable configuration
- Make key components pluggable
- Autodetect services for portless configuration
- Support sticky buffers in rules
- Autogenerate reference documentation
- Provide better cross platform support
- Facilitate component testing
- Use a shared network map
Additional features on the roadmap include:
- Use a shared network map
- Support pipelining of packet processing
- Support hardware offload and data plane integration
- Support proxy mode
- Windows support
