Tuesday, April 01, 2008

Software News: Wireshark 1.0, Snort Alpha 3.0 Released

After ten years, two widely popular network tools are finally getting makeovers.

After almost 10 years of work, the Wireshark team has announced the release of Wireshark 1.0. Wireshark is a very handy, free packet sniffer. It is used for network troubleshooting, analysis and communications protocol development.

Visit the Wireshark download page to get Wireshark for free.

Snort 3.0 Alpha

Snort 3 is now in beta. To try out the new beta release, visit the Snort 3 beta site.

Marty Roesch, who wrote the first version of the software nearly 10 years ago, has rewritten the software from top to bottom in the next-generation Snort 3.0 release, due in beta next month and early next year in its final release.

Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) capable of performing packet logging and real-time traffic analysis on IP networks.

Snort performs protocol analysis and content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such as buffer overflows, stealth port scans, web application attacks, SMB probes, and OS fingerprinting attempts, among others.

Snort Security Platform (SnortSP) 3.0 Beta

We’re pleased to introduce our first beta release built on the new Snort 3.0 architecture. The Snort 3.0 architecture consists of two primary components: a software platform called the Snort Security Platform (SnortSP) 3.0, which is shipping in beta form in this release, and traffic analysis engine modules that plug into SnortSP. This beta test release contains one engine module which contains the Snort 2.8.2 detection engine implemented as a SnortSP engine module. SnortSP is an open-source platform for running packet-based network security applications. It provides many of the common functions required by programs that deal with packet processing such as configuration loading, event generation and traffic logging, data acquisition, protocol decoding and validation, flow management, and more.

Major features:

  • Shell-based user interface with embedded scripting language
  • Native IPv6, MPLS and GRE support
  • Native support for inline operation
  • More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers
  • Multithreaded execution model - multiple analysis engines may operate simultaneously on the same traffic
  • Performance increases

The purpose of this beta release is to allow people to get exposure to the technology and to use the code in real-world environments - and as an opportunity to solicit feedback on the design and user experience of the new Snort code.

More Software News

Vlite releases 1.1.6 beta 2
Vlite is the very popular Windows Vista installation customizer and slipstreamer. It can be used for Vista SP1 integration and OS customizations.
Vista users can download Vlite here. For Windows XP users we suggest Nlite.

Adobe releases alpha of AIR for Linux
The alpha of the AIR runtime platform for Linux, and the alpha of the SDK for AIR for Linux, are available as separate links on this page. The public alpha of the Flex Builder 3 environment for Linux is available from this page.
