Suricata 3.2RC1 ready for testing

Posted on | by inliniac

We’re happy to announce Suricata 3.2RC1. The biggest addition to this release is the DNP3 support. We don’t expect many changes after this release candidate, so please help us test it!

Get the release here:

https://www.openinfosecfoundation.org/download/suricata-3.2RC1.tar.gz

High level changes

  • Feature #1745: DNP3 protocol support.
  • Feature #1906: doc: install man page and ship pdf
  • Feature #1916: lua: add an SCPacketTimestamp function
  • Feature #1867: rule compatibility: flow:not_established not supported.
  • Bug #1525: Use pkg-config for libnetfilter_queue
  • Bug #1690: app-layer-proto negation issue
  • Bug #1909: libhtp 0.5.23
  • Bug #1914: file log always shows stored: no even if file is stored
  • Bug #1917: nfq: bypass SEGV
  • Bug #1919: filemd5: md5-list does not allow comments any more
  • Bug #1923: dns – back to back requests results in loss of response
  • Bug #1928: flow bypass leads to memory errors
  • Bug #1931: multi-tenancy fails to start
  • Bug #1932: make install-full does not install tls-events.rules
  • Bug #1935: Check redis reply in non pipeline mode
  • Bug #1936: Can’t set fast_pattern on tls_sni content

Special thanks

Nicolas Thill, Duarte Silva, Thomas Andrejak, Paulo Pacheco, Priit Laes, CoverityScan

Known issues & missing features

If you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on.  See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

SuriCon 2.0

dcJoin us in Washington, D.C. November 9-11 for the 2nd Suricata User Conference. Agenda and speakers are now available, including keynote speakers Ron Gula and Liam Randall. Please see: http://suricon.net/

Training & Support

Need help installing, updating, validating, tuning and extending Suricata? We have a training session coming up at SuriCon: November 7 & 8 in Washington, D.C.: see http://suricata-ids.org/training/ Conference attendees get a 20% discount!

For support options also see http://suricata-ids.org/support/

About Suricata

Suricata is a high performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.