[Oisf-users] Please help us test Suricata 5.0.0-rc1
Victor Julien
vjulien at oisf.net
Tue Sep 24 14:31:09 UTC 2019
We are looking for testers for a new development release in the Suricata
5 series: Suricata 5.0.0-rc1. Please help us test so we can release the
final on October 15th.
Curious about whats new? Here are the highlights:
RDP, SNMP, FTP and SIP
Three new protocol parsers and loggers, both community contributions.
Zach Kelley created a Rust RDP parser, while Giuseppe Longo created SIP
support. Rust master Pierre Chifflier contributed SNMP support. Since
RDP and SIP were merged late in our development cycle they are disabled
by default in the configuration. For FTP we have added a EVE logging
facility.
JA3S
After contributing JA3 support in Suricata 4.1, Mats Klepsland has been
working on JA3S support. JA3S is now available to the rule language and
in the TLS logging output.
eBPF/XDP
Eric Leblond has been working hard to getting hardware offload support
working for eBPF. On Netronome cards the eBPF based flow bypass can now
be offloaded to the NIC.
Datasets
Still experimental at this time, the initial work to support datasets is
part of this release. It allows matching on large amounts of data. It is
controlled from the rule language and will work with any 'sticky
buffer'.
https://suricata.readthedocs.io/en/suricata-5.0.0-rc1/rules/datasets.html
HTTP evader
We've been working hard to cover the final set of HTTP evader cases.
This work has mostly gone into the bundled libhtp 0.5.31.
More 5.0 changes
Please see the beta1 announcement for many more changes in the upcoming
5.0 release:
https://suricata-ids.org/2019/04/30/call-for-testing-announcing-suricata-5-0-0-beta1/
For a complete list of closed tickets in 5.0.0-rc1, please see
https://redmine.openinfosecfoundation.org/versions/128
Release schedule
This release has been delayed quite a bit. We had originally hoped to
have it ready for you in July. This means that to get the final out
before Suricon next month we have quite an aggressive schedule. We want
to release the final no later than October 15th. We can use all the help
we can get with testing and polishing to meet that goal. Thanks in advance!
Download from:
https://www.openinfosecfoundation.org/downloads/suricata-5.0.0-rc1.tar.gz
--
Victor Julien
Suricata Lead Developer
suricata-ids.org
More information about the Oisf-users
mailing list