[Oisf-users] Please help us test Suricata 5.0.0-rc1

Peter Manev petermanev at gmail.com
Tue Sep 24 18:13:34 UTC 2019



> On 24 Sep 2019, at 19:54, Tiago Faria <tiago.faria.backups at gmail.com> wrote:
> 
> Hi Victor,
> 
> Safe to assume that Peter’s daily build PPA[0] is also in scope for testing, right?
> 
> Just makes it easier to keep with latest changes. 
> 

Sorry to intervene -
Yes - you are more than welcome to test the daily builds and give feedback! In general they always stay current with the git master though - aka they don’t follow the stable or beta releases but rather daily Suricata git master pkg builds.

I will be updating our beta/rc repo separately soon as well.

Thank you 


> Thank you. 
> 
> [0] - https://launchpad.net/~oisf/+archive/ubuntu/suricata-daily
> 
>> On Tue, 24 Sep 2019 at 15:31, Victor Julien <vjulien at oisf.net> wrote:
>> We are looking for testers for a new development release in the Suricata
>> 5 series: Suricata 5.0.0-rc1. Please help us test so we can release the
>> final on October 15th.
>> 
>> Curious about what's new? Here are the highlights:
>> 
>> 
>> RDP, SNMP, FTP and SIP
>> 
>> Three new protocol parsers and loggers, both community contributions.
>> Zach Kelley created a Rust RDP parser, while Giuseppe Longo created SIP
>> support. Rust master Pierre Chifflier contributed SNMP support. Since
>> RDP and SIP were merged late in our development cycle they are disabled
>> by default in the configuration. For FTP we have added an EVE logging
>> facility.
>> 
>> JA3S
>> 
>> After contributing JA3 support in Suricata 4.1, Mats Klepsland has been
>> working on JA3S support. JA3S is now available to the rule language and
>> in the TLS logging output.
>> 
>> 
>> eBPF/XDP
>> 
>> Eric Leblond has been working hard on getting hardware offload support
>> working for eBPF. On Netronome cards the eBPF based flow bypass can now
>> be offloaded to the NIC.
>> 
>> 
>> Datasets
>> 
>> Still experimental at this time, the initial work to support datasets is
>> part of this release. It allows matching on large amounts of data. It is
>> controlled from the rule language and will work with any 'sticky
>> buffer'.
>> https://suricata.readthedocs.io/en/suricata-5.0.0-rc1/rules/datasets.html
>> 
>> 
>> HTTP evader
>> 
>> We've been working hard to cover the final set of HTTP evader cases.
>> This work has mostly gone into the bundled libhtp 0.5.31.
>> 
>> 
>> More 5.0 changes
>> 
>> Please see the beta1 announcement for many more changes in the upcoming
>> 5.0 release:
>> https://suricata-ids.org/2019/04/30/call-for-testing-announcing-suricata-5-0-0-beta1/
>> 
>> For a complete list of closed tickets in 5.0.0-rc1, please see
>> https://redmine.openinfosecfoundation.org/versions/128
>> 
>> 
>> Release schedule
>> 
>> This release has been delayed quite a bit. We had originally hoped to
>> have it ready for you in July. This means that to get the final out
>> before Suricon next month we have quite an aggressive schedule. We want
>> to release the final no later than October 15th. We can use all the help
>> we can get with testing and polishing to meet that goal. Thanks in advance!
>> 
>> Download from:
>> https://www.openinfosecfoundation.org/downloads/suricata-5.0.0-rc1.tar.gz
>> 
>> -- 
>> Victor Julien
>> Suricata Lead Developer
>> suricata-ids.org
>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> 
>> Conference: https://suricon.net
>> Trainings: https://suricata-ids.org/training/