Snort: Intrusion Prevention System

by ddos ·

Snort++

Snort 3 is the next generation Snort IPS (Intrusion Prevention System).

 

Snort 3

This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version of Snort except as indicated below:

Project = Snort++
Binary = snort
Version = 3.0.0-a4 build 235
Base = 2.9.8 build 383

Here are some key features of Snort++:

  • Support multiple packet processing threads
  • Use a shared configuration and attribute table
  • Use a simple, scriptable configuration
  • Make key components pluggable
  • Autodetect services for portless configuration
  • Support sticky buffers in rules
  • Autogenerate reference documentation
  • Provide better cross platform support
  • Facilitate component testing
  • Use a shared network map

Additional features on the roadmap include:

  • Use a shared network map
  • Support pipelining of packet processing
  • Support hardware offload and data plane integration
  • Support proxy mode
  • Windows support

Download && Install

Tags: Snort 3