[Oisf-devel] Suricata 0.8.1 Released!

Matt Jonkman jonkman at jonkmans.com
Fri Feb 19 18:33:19 UTC 2010

We're proud to announce that a new version of the Suricata engine is
available for download! There are some major changes and significant
improvements; we ask that you give this a run and continue giving us
feedback and patches!


The 0.8.1 release brings the following new features:

- the engine will now detect the number of CPUs/cores and set up the
engine to use them fully
- libhtp is now included in the source
- experimental CUDA support for NVIDIA GPU accelerated pattern matching
- initial support for Win32 (using mingw) was added
- FreeBSD/Mac OS X IPFW inline support was added
- many options in the configuration file for performance tuning
- VLAN decoding support was added
- Prelude output support

Major issues fixed & improvements made:

- threading issues in the unified1 and unified2 logging modules
- major stream engine issues were solved
- uricontent, urilen inspection is now done against the libhtp parsed uri
- IP-only signature detection fixes in inline mode
- add the /P (request body) option to the pcre keyword
- many SMB, SMB2 and DCERPC improvements
- logging is more configurable
- pcap and pfring modes support for BPF was added
- many bugs were fixed, cleanups were made

Known issues:

- Some signatures fail to load because of missing keywords or keyword
- We have identified some serious performance issues with certain
signatures and traffic combinations
- Although we improved big endian support, there are still some issues
- CUDA code is expected to work only on 32-bit and probably doesn't speed
things up yet as we will need further redesign to fully benefit

Matthew Jonkman
Emerging Threats
Open Information Security Foundation (OISF)
Phone 765-429-0398
Fax 312-264-0205

PGP: http://www.jonkmans.com/mattjonkman.asc
