[Oisf-users] Suricata 3.0 is out!

Yasha Zislin coolyasha at hotmail.com
Thu Jan 28 12:10:30 UTC 2016


Can somebody advise on how to compile with this grouping? And what is it exactly?
Thanks.

> Date: Wed, 27 Jan 2016 22:49:57 +0100
> From: petermanev at gmail.com
> To: gfaulkner.nsm at gmail.com
> CC: oisf-users at lists.openinfosecfoundation.org
> Subject: Re: [Oisf-users] Suricata 3.0 is out!
> 
> On Wed, Jan 27, 2016 at 9:37 PM, Gary Faulkner <gfaulkner.nsm at gmail.com> wrote:
> > Thanks for the replies folks, that is what I was hoping to know.
> >
> >
> > On 1/27/16 1:45 PM, Erich Lerch wrote:
> >>
> >> I have dev-detect-grouping-v174 running on one system.
> >> Seems to be as stable as 3.0RC3 (didn't run 3.0final yet), I had no
> >> problems so far. And performance is better, yes. Start-up time is
> >> spectacularly better with big custom detect groups.
> >>
> 
> I have only seen positive performance from dev-detect-grouping-v174 as well.
> 
> 
> >> Cheers,
> >> erich
> >>
> >>
> >>
> >> On 27.01.2016 19:14, Gary Faulkner wrote:
> >>>
> >>> I did take a look at Redmine, but I didn't see obvious answers to a
> >>> couple questions. Did the stuff from the dev-grouping code branch make
> >>> it into this release? The discussion about the grouping code looked very
> >>> promising for performance, so if it didn't make its way in, is there an
> >>> ETA, or is there a dev branch that is fairly well synced up with release
> >>> at this point or that folks have tried and feel is worth giving a go in
> >>> production? Also is PF_RING ZC now supported and working correctly? I
> >>> recall seeing that NTOP had interacted with the Suricata team at one
> >>> point to resolve an issue there, but don't see anything about it in the
> >>> release notes.
> >>>
> >>> Regards,
> >>> Gary
> >>>
> >>> On 1/27/16 8:14 AM, Victor Julien wrote:
> >>>>
> >>>> We're proud to announce Suricata 3.0. This is a major new release
> >>>> improving Suricata on many fronts.
> >>>>
> >>>> *Download*
> >>>> http://www.openinfosecfoundation.org/download/suricata-3.0.tar.gz
> >>>>
> >>>>
> >>>> *Features and Improvements*
> >>>>
> >>>> - improved detection options, including multi-tenancy and xbits
> >>>> - performance and scalability much improved
> >>>> - much improved accuracy and robustness
> >>>> - Lua scripting capabilities expanded significantly
> >>>> - many output improvements, including much more JSON
> >>>> - NETMAP capture method support, especially interesting to FreeBSD users
> >>>> - SMTP inspection and file extraction
> >>>>
> >>>> For a full list of features added, please see:
> >>>> https://redmine.openinfosecfoundation.org/versions/80
> >>>>
> >>>>
> >>>> *Upgrading*
> >>>>
> >>>> Upgrades from 2.0 to 3.0 should be mostly seamless. Here are some notes:
> >>>>
> >>>>
> >>>> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Upgrading_Suricata_20_to_Suricata_30
> >>>>
> >>>>
> >>>>
> >>>> *Special thanks*
> >>>>
> >>>> We'd like to thank the following people and corporations for their
> >>>> contributions and feedback:
> >>>>
> >>>>    FireEye, ProtectWise, ANSSI, Emerging Threats /
> >>>>    Proofpoint, Stamus Networks, Ntop, AFL project, CoverityScan
> >>>>
> >>>>    Aaron Campbell, Aleksey Katargin, Alessandro Guido,
> >>>>    Alexander Gozman, Alexandre Macabies, Alfredo Cardigliano,
> >>>>    Andreas Moe, Anoop Saldanha, Antti Tönkyrä, Bill Meeks,
> >>>>    Darien Huss, David Abarbanel, David Cannings, David Diallo,
> >>>>    David Maciejak, Duarte Silva, Eduardo Arada, Giuseppe Longo,
> >>>>    Greg Siemon, Hayder Sinan, Helmut Schaa, Jason Ish,
> >>>>    Jeff Barber, Ken Steele, lessyv, Mark Webb-Johnson,
> >>>>    Mats Klepsland, Matt Carothers, Michael Rash, Nick Jones,
> >>>>    Pierre Chifflier, Ray Ruvinskiy, Samiux A, Schnaffon,
> >>>>    Stephen Donnelly, sxhlinux, Tom DeCanio, Torgeir Natvig,
> >>>>    Travis Green, Zachary Rasmor
> >>>>
> >>>>
> >>>> *About Suricata*
> >>>>
> >>>> Suricata is a high performance Network IDS, IPS and Network Security
> >>>> Monitoring engine. Open Source and owned by a community run non-profit
> >>>> foundation, the Open Information Security Foundation (OISF). Suricata is
> >>>> developed by the OISF, its supporting vendors and the community.
> >>>>
> >>>> November 9-11 we'll be in Washington, DC, for our 2nd Suricata User
> >>>> Conference: http://oisfevents.net
> >>>>
> >>>> If you need help installing, updating, validating and tuning Suricata we
> >>>> have a training program. Please see http://suricata-ids.org/training/
> >>>>
> >>>> For support options also see http://suricata-ids.org/support/
> >>>>
> >>> _______________________________________________
> >>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> >>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> >>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> >>> Suricata User Conference November 9-11 in Washington, DC:
> >>> http://oisfevents.net
> >>
> 
> 
> 
> -- 
> Regards,
> Peter Manev
 		 	   		  