[Oisf-devel] Suricata 3.2beta1 is available for testing

Victor Julien victor at inliniac.net
Mon Oct 3 14:28:04 UTC 2016


We're happy to announce Suricata 3.2beta1. The plan is to release a
release candidate within a few weeks, so please help us test this release!

This release includes a large detection engine rewrite that should make
it much easier to extend Suricata with new keywords.

We've also converted the user guide to sphinx. Lots of work still to be
done, but for a preview check http://suricata.readthedocs.io/en/latest/

Get the release here:
https://www.openinfosecfoundation.org/download/suricata-3.2beta1.tar.gz

*High level changes*

Feature #509: add SHA1 and SHA256 checksum support for files
Feature #1231: ssl_state negation support
Feature #1345: disable NIC offloading by default
Feature #1373: Allow different reassembly depth for filestore rules
Feature #1495: EtherNet/IP and CIP support
Feature #1583: tls: validity fields (notBefore and notAfter)
Feature #1657: Per application layer stats
Feature #1896: Reimplement tls.subject and tls.issuerdn
Feature #1903: tls: tls_cert_valid and tls_cert_expired keywords
Feature #1907: http_request_line and http_response_line

*Special thanks*

Stamus Networks, NorCert, Solana Networks, CoverityScan

Mats Klepsland, Giuseppe Longo, Duarte Silva, Tom Decanio, Kevin Wong


*Known issues & missing features*

In a beta release like this things may not be as polished yet. So please
handle with care. That said, if you encounter issues, please let us
know! As always, we are doing our best to make you aware of continuing
development and items within the engine that are not yet complete or
optimal.  With this in mind, please notice the list we have included of
known items we are working on.

See http://redmine.openinfosecfoundation.org/projects/suricata/issues
for an up-to-date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and timeline for the major issues.


*SuriCon 2.0*

Join us in Washington, D.C. November 9-11 for the 2nd Suricata User
Conference. http://suricon.net/


*Training & Support*

Need help installing, updating, validating and tuning Suricata? We have
a training session coming up just before SuriCon: November 7 & 8 in
Washington, D.C.: see http://suricata-ids.org/training/ Conference
attendees get a 20% discount!

For support options also see http://suricata-ids.org/support/


*About Suricata*

Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open Source and owned by a
community-run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by the OISF, its supporting vendors and
the community.
-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------


