Snort 2.0 released

An anonymous coward writes: “Snort 2.0 has been reengineered to use a new HTTP Protocol Flow Analyzer and Detection Engine. The Flow Analyzer optimizes data flow by reducing unnecessary data inspections while the Detection Engine uses a fast set-based rule selection methodology and a high performance multi-pattern search engine. The multi-pattern search engine uses a two-stage architecture to inspect data and find rule matches. The first stage of the multi-pattern search engine is a high-speed set-based inspection engine, which quickly identifies potential rule matches based on content and ports. The second stage is an enhanced rule processing engine, which provides additional functionality for in-depth validation of potential rule matches. Together, these enhancements greatly improve the performance and efficiency of Snort and help to reduce false alarms.”

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR