[Oisf-users] Suricata 3.0 is out!

Gary Faulkner gfaulkner.nsm at gmail.com
Wed Jan 27 18:14:58 UTC 2016

I did take a look at Redmine, but I didn't see obvious answers to a 
couple questions. Did the stuff from the dev-grouping code branch make 
it into this release? The discussion about the grouping code looked very 
promising for performance, so if it didn't make it's way in, is there an 
ETA, or is there a dev branch that is fairly well synced up with release 
at this point or that folks have tried and feel is worth giving a go in 
production? Also is PF_RING ZC now supported and working correctly? I 
recall seeing that NTOP had interacted with the Suricata team at one 
point to resolve an issue there, but don't see anything about it in the 
release notes.


On 1/27/16 8:14 AM, Victor Julien wrote:
> We're proud to announce Suricata 3.0. This is a major new release
> improving Suricata on many fronts.
> *Download*
> http://www.openinfosecfoundation.org/download/suricata-3.0.tar.gz
> *Features and Improvements*
> - improved detection options, including multi-tenancy and xbits
> - performance and scalability much improved
> - much improved accuracy and robustness
> - Lua scripting capabilities expanded significantly
> - many output improvements, including much more JSON
> - NETMAP capture method support, especially interesting to FreeBSD users
> - SMTP inspection and file extraction
> For a full list of features added, please see:
> https://redmine.openinfosecfoundation.org/versions/80
> *Upgrading*
> Upgrades from 2.0 to 3.0 should be mostly seamless. Here are some notes:
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Upgrading_Suricata_20_to_Suricata_30
> *Special thanks*
> We'd like to thank the following people and corporations for their
> contributions and feedback:
>   FireEye, ProtectWise, ANSSI, Emerging Threats /
>   Proofpoint, Stamus Networks, Ntop, AFL project, CoverityScan
>   Aaron Campbell, Aleksey Katargin, Alessandro Guido,
>   Alexander Gozman, Alexandre Macabies, Alfredo Cardigliano,
>   Andreas Moe, Anoop Saldanha, Antti Tönkyrä, Bill Meeks,
>   Darien Huss, David Abarbanel, David Cannings, David Diallo,
>   David Maciejak, Duarte Silva, Eduardo Arada, Giuseppe Longo,
>   Greg Siemon, Hayder Sinan, Helmut Schaa, Jason Ish,
>   Jeff Barber, Ken Steele, lessyv, Mark Webb-Johnson,
>   Mats Klepsland, Matt Carothers, Michael Rash, Nick Jones,
>   Pierre Chifflier, Ray Ruvinskiy, Samiux A, Schnaffon,
>   Stephen Donnelly, sxhlinux, Tom DeCanio, Torgeir Natvig,
>   Travis Green, Zachary Rasmor
> *About Suricata*
> Suricata is a high performance Network IDS, IPS and Network Security
> Monitoring engine. Open Source and owned by a community run non-profit
> foundation, the Open Information Security Foundation (OISF). Suricata is
> developed by the OISF, its supporting vendors and the community.
> November 9-11 we'll be in Washington, DC, for our 2nd Suricata User
> Conference: http://oisfevents.net
> If you need help installing, updating, validating and tuning Suricata we
> have a training program. Please see http://suricata-ids.org/training/
> For support options also see http://suricata-ids.org/support/

More information about the Oisf-users mailing list