snort 2.8.6 New Additions
* HTTP Inspect now splits requests into 5 components -
Method, URI, Header (non-cookie), Cookies, Body.
Content and PCRE rule options can now search one or more of these buffers.
HTTP server-specific configurations to normalize the HTTP header and/or
cookies have been added.
Support gzip decompression across multiple packets.
* Added a Sensitive Data preprocessor, which performs detection of
Personally Identifiable Information (PII). A new rule option is available
to define new PII. See README.sensitive_data and the Snort Manual
for configuration details.
* Added a new pattern matcher and related configurations. The new pattern
matcher is optimized to use less memory and perform at AC speed.
Improvements
* Addressed problem to resolve output obfuscation affecting packets
when Snort is inline.
* Preprocessors with memcap settings can now be configured in a "disabled"
state. This allows you to configure that memcap globally, but only enable
the preprocessor in targeted configurations.
Downloads (~4,7 Mb)_
http://dl.snort.org/s...t-2.8.6.tar.gz