Cisco Company ΠΎ ΡΠΎΡΠΌΠΈΡΠΎΠ²Π°Π½ΠΈΠΈ ΠΊΠ°Π½Π΄ΠΈΠ΄Π°ΡΠ° Π² ΡΠ΅Π»ΠΈΠ·Ρ ΠΏΠΎΠ»Π½ΠΎΡΡΡΡ ΠΏΠ΅ΡΠ΅ΡΠ°Π±ΠΎΡΠ°Π½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΏΡΠ΅Π΄ΠΎΡΠ²ΡΠ°ΡΠ΅Π½ΠΈΡ Π°ΡΠ°ΠΊ , ΡΠ°ΠΊΠΆΠ΅ ΠΈΠ·Π²Π΅ΡΡΠ½ΠΎΠΉ ΠΊΠ°ΠΊ ΠΏΡΠΎΠ΅ΠΊΡ Snort++, ΡΠ°Π±ΠΎΡΠ° Π½Π°Π΄ ΠΊΠΎΡΠΎΡΡΠΌ Ρ ΠΏΠ΅ΡΠ΅ΡΡΠ²Π°ΠΌΠΈ Π²Π΅Π΄ΡΡΡΡ Π΅ΡΡ Ρ 2005 Π³ΠΎΠ΄Π°. Π‘ΡΠ°Π±ΠΈΠ»ΡΠ½ΡΠΉ ΡΠ΅Π»ΠΈΠ· ΠΏΠ»Π°Π½ΠΈΡΡΠ΅ΡΡΡ ΠΎΠΏΡΠ±Π»ΠΈΠΊΠΎΠ²Π°ΡΡ Π² ΡΠ΅ΡΠ΅Π½ΠΈΠ΅ ΠΌΠ΅ΡΡΡΠ°.
Π Π²Π΅ΡΠΊΠ΅ Snort 3 ΠΏΠΎΠ»Π½ΠΎΡΡΡΡ ΠΏΠ΅ΡΠ΅ΠΎΡΠΌΡΡΠ»Π΅Π½Π° ΠΊΠΎΠ½ΡΠ΅ΠΏΡΠΈΡ ΠΏΡΠΎΠ΄ΡΠΊΡΠ° ΠΈ ΠΏΠ΅ΡΠ΅ΡΠ°Π±ΠΎΡΠ°Π½Π° Π°ΡΡ ΠΈΡΠ΅ΠΊΡΡΡΠ°. Π‘ΡΠ΅Π΄ΠΈ ΠΊΠ»ΡΡΠ΅Π²ΡΡ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΠΉ ΡΠ°Π·Π²ΠΈΡΠΈΡ Snort 3: ΡΠΏΡΠΎΡΠ΅Π½ΠΈΠ΅ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ ΠΈ Π·Π°ΠΏΡΡΠΊΠ° Snort, Π°Π²ΡΠΎΠΌΠ°ΡΠΈΠ·Π°ΡΠΈΡ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠΈΡΠΎΠ²Π°Π½ΠΈΡ, ΡΠΏΡΠΎΡΠ΅Π½ΠΈΡ ΡΠ·ΡΠΊΠ° ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΡ ΠΏΡΠ°Π²ΠΈΠ», Π°Π²ΡΠΎΠΌΠ°ΡΠΈΡΠ΅ΡΠΊΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ Π²ΡΠ΅Ρ ΠΏΡΠΎΡΠΎΠΊΠΎΠ»ΠΎΠ², ΠΏΡΠ΅Π΄ΠΎΡΡΠ°Π²Π»Π΅Π½ΠΈΡ ΠΎΠ±ΠΎΠ»ΠΎΡΠΊΠΈ Π΄Π»Ρ ΡΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ ΠΈΠ· ΠΊΠΎΠΌΠ°Π½Π΄Π½ΠΎΠΉ ΡΡΡΠΎΠΊΠΈ, Π°ΠΊΡΠΈΠ²Π½ΠΎΠ΅ ΠΏΡΠΈΠΌΠ΅Π½Π΅Π½ΠΈΠ΅ ΠΌΠ½ΠΎΠ³ΠΎΠΏΠΎΡΠΎΡΠ½ΠΎΡΡΠΈ Ρ ΡΠΎΠ²ΠΌΠ΅ΡΡΠ½ΡΠΌ Π΄ΠΎΡΡΡΠΏΠΎΠΌ ΡΠ°Π·Π½ΡΡ ΠΎΠ±ΡΠ°Π±ΠΎΡΡΠΈΠΊΠΎΠ² ΠΊ Π΅Π΄ΠΈΠ½ΠΎΠΉ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ.
Innovationes sequentes significantes effectae sunt:
- Transitus factus est ad novam systema conformationem quae syntaxin simpliciorem praebet et usum scriptorum ad occasus dynamice generandos concedit. LuaJIT ad limam configurationis processus adhibetur. Plugins in LuaJIT fundatae sunt ad exsequendum optiones additionales ad regulas et ad systema logiandum;
- Impetus deprehensionis machinae modernistae sunt, regulae renovatae sunt, et facultas ligandi buffers in regulis (buffis glutinosis) adiectis est. Inquisitionis hyperscan adhibita est, quae effecit ut exempla celerius et accuratius urguerentur secundum regulas expressiones regulares;
- Addidit novus introspectionem modus pro HTTP qui rationem sessionis status capit ac tegit XCIX% condicionum, quae a test comitentur. . ΠΠΎΠ±Π°Π²Π»Π΅Π½Π° ΡΠΈΡΡΠ΅ΠΌΠ° ΠΈΠ½ΡΠΏΠ΅ΠΊΡΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΡΡΠ°ΡΠΈΠΊΠ° HTTP/2;
- Modus inspectionis in profundo fasciculo faciendo signanter emendatus est. Facultatem ad multi-filam fasciculi processui addidit, simultaneum permittens exsecutionem plurium stamina cum processoribus fasciculis et scalabilitatis lineari providens secundum numerum nucleorum CPU;
- Communis tabulae configurationis repositionis et attributorum effectae sunt, quae inter diversas subsystematum communes sunt, quae memoriam consummationis signanter minuerunt, duplicatione notitiarum eliminandae;
- Novus eventus systematis colligationis utens JSON format et facile cum suggestis externis sicut elasticis Stack integratur;
- Transitus ad architecturae modularis, facultas ad munus augendi per plugins connectens et subsystema clavem exsequendam in forma restaurabilium plugins. In statu iam complura centum plugina impleta sunt Snort 3, varias applicationis areas operientes, exempli gratia, permittentes addere tuos codecs, modos introspectionem, modos colligandi, actiones et optiones in regulis;
- Automatic deprehensio muneris currendi, eliminando necessitatem manualem ad portum retis activum specificandum.
- ΠΠΎΠ±Π°Π²Π»Π΅Π½Π° ΠΏΠΎΠ΄Π΄Π΅ΡΠΆΠΊΠ° ΡΠ°ΠΉΠ»ΠΎΠ² Π΄Π»Ρ Π±ΡΡΡΡΠΎΠ³ΠΎ ΠΏΠ΅ΡΠ΅ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΡ Π½Π°ΡΡΡΠΎΠ΅ΠΊ, ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΠΎ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ. ΠΠ»Ρ ΡΠΏΡΠΎΡΠ΅Π½ΠΈΡ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ ΠΏΡΠ΅ΠΊΡΠ°ΡΠ΅Π½ΠΎ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ snort_config.lua ΠΈ SNORT_LUA_PATH.
ΠΠΎΠ±Π°Π²Π»Π΅Π½Π° ΠΏΠΎΠ΄Π΄Π΅ΡΠΆΠΊΠ° ΠΏΠ΅ΡΠ΅Π·Π°Π³ΡΡΠ·ΠΊΠΈ Π½Π°ΡΡΡΠΎΠ΅ΠΊ Π½Π° Π»Π΅ΡΡ; - Codex facultatem praebet utendi C++ constructus in vexillo C++14 definito (aedificare requirit compilator qui C++14 sustinet);
- tracto VXLAN novam addidit;
- Improved search for content types by content using updated alternative algorithm implementations ΠΈ ;
- Satus acceleratur pluribus sequelis utendo ad regulas componendas;
- Novam machinam colligationem adiecit;
- ΠΠΎΠ±Π°Π²Π»Π΅Π½Π° ΡΠΈΡΡΠ΅ΠΌΠ° ΠΈΠ½ΡΠΏΠ΅ΠΊΡΠΈΡΠΎΠ²Π°Π½ΠΈΡ RNA (Real-time Network Awareness), ΡΠΎΠ±ΠΈΡΠ°ΡΡΠ°Ρ ΡΠ²Π΅Π΄Π΅Π½ΠΈΡ ΠΎ Π΄ΠΎΡΡΡΠΏΠ½ΡΡ Π² ΡΠ΅ΡΠΈ ΡΠ΅ΡΡΡΡΠ°Ρ , Ρ ΠΎΡΡΠ°Ρ , ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΡΡ ΠΈ ΡΠ΅ΡΠ²ΠΈΡΠ°Ρ .
Source: opennet.ru