Suricata is an open source, high performance Network IDS, IPS and Network Security Monitoring engine. Suricata is the OISF IDP engine, the open source Intrusion Detection and Prevention Engine. Suricata is developed by the OISF (Open Information Security Foundation), its supporting vendors and the community. This latest release, Suricata 2.0.3, fixes a number of issues in the 2.0 series. Most importantly, it addresses a number of IPv6 issues that can lead to detection evasion. The bugs were discovered by Rafael Schaefer working with ERNW GmbH.
Suricata Features
- Network Intrusion Detection System (NIDS) engine
- Network Intrusion Prevention System (NIPS) engine
- Network Security Monitoring (NSM) engine
- Off line analysis of PCAP files
- Traffic recording using pcap logger
- Unix socket mode for automated PCAP file processing
- Advanced integration with Linux Netfilter firewalling
- Multi-Platform support which includes Linux, FreeBSD, OpenBSD, Mac OS X, Windows
- See the official site for full feature details
Suricata 2.0.3 updates
- Fix potential crash in http parsing
- Fix ipv6 defrag issue
- Fix possible evasion in stream-tcp-reassemble.c
- Fix lowercase conversion table missing last value
- Fix compilation issue on CentOS 5 x64 with --enable-profiling
- Updated bundled libhtp to 0.5.15
Install Suricata 2.0.3
The PPA has not yet been updated to release 2.0.3, so for now you will still install release 2.0.2 from it, or you can wait until 2.0.3 is available in the PPA.
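Because the PPA may still hand you 2.0.2, it is worth checking which version actually ended up on the sensor before assuming the IPv6 evasion fixes are in place. The following POSIX shell helper is an added example, not part of this post or of the Suricata project: it parses the version string Suricata prints (the sample line is constructed to match the "This is Suricata version X.Y.Z RELEASE" format) and compares it against 2.0.3 with a dotted-version comparison that does not depend on GNU `sort -V`.

```shell
#!/bin/sh
# Added example (not Suricata project code): verify an installed Suricata is at
# least 2.0.3, the release that fixes the IPv6 defrag/reassembly evasion issues.

# Release that carries the IPv6 fixes described in the announcement.
FIXED_VERSION="2.0.3"

# parse_suricata_version "<banner>": extract the dotted version number from the
# banner `suricata -V` prints, e.g. "This is Suricata version 2.0.2 RELEASE".
# Prints nothing when no version is found.
parse_suricata_version() {
    printf '%s\n' "$1" | sed -n 's/.*version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# version_ge A B: succeed (exit 0) when dotted version A >= B.
# Missing trailing components are treated as 0, so 2.0 < 2.0.3 and 2.1 > 2.0.3.
version_ge() {
    a="$1"
    b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}   # leading component of A
        bi=${b%%.*}   # leading component of B
        # strip the consumed component (and its dot) from each string
        [ "$ai" = "$a" ] && a="" || a=${a#*.}
        [ "$bi" = "$b" ] && b="" || b=${b#*.}
        ai=${ai:-0}
        bi=${bi:-0}
        [ "$ai" -gt "$bi" ] && return 0
        [ "$ai" -lt "$bi" ] && return 1
    done
    return 0
}

# suricata_is_fixed "<banner>": succeed when the banner's version is >= 2.0.3.
suricata_is_fixed() {
    v=$(parse_suricata_version "$1")
    [ -n "$v" ] && version_ge "$v" "$FIXED_VERSION"
}

# Stand-alone use: check the locally installed binary, if there is one.
if command -v suricata >/dev/null 2>&1; then
    banner=$(suricata -V 2>&1)
    if suricata_is_fixed "$banner"; then
        echo "OK: $(parse_suricata_version "$banner") includes the 2.0.3 IPv6 fixes"
    else
        echo "WARNING: $(parse_suricata_version "$banner") predates 2.0.3; IPv6 evasion fixes missing"
    fi
else
    echo "suricata not found on PATH; nothing to check"
fi
```

Run it on the sensor after installing from the PPA; a WARNING means you are on 2.0.2 and should plan the upgrade once the PPA is refreshed or build 2.0.3 from source.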