Final beta release of the Snort 3 intrusion detection system

Cisco has introduced the final beta version of the completely redesigned attack prevention system Snort 3, also known as the Snort++ project, which has been worked on intermittently since 2005. The release is planned for publication at the end of this year.

In the new branch, the product concept has been completely rethought and the architecture redesigned. The areas emphasized while preparing the new branch included simplifying the setup and startup of Snort, automating configuration, simplifying the rule language, automatic detection of all protocols, providing a shell for control from the command line, and active use of multithreading with shared access by different processors to a single configuration.

The following major innovations have been implemented:

  • A transition has been made to a new configuration system that offers a simplified syntax and allows scripts to be used to generate settings. LuaJIT is used to process configuration files. LuaJIT-based plugins are provided that implement additional rule options and a logging system;
  • The attack detection engine has been modernized, the rules have been updated, and the ability to bind buffers in rules (sticky buffers) has been added. The Hyperscan search engine is used, which made it possible to use fast and accurate pattern matching based on regular expressions in rules;
  • A new HTTP inspection mode has been added that takes session state into account and covers 99% of the situations supported by the HTTP Evader test suite. Code to support HTTP/2 is under development;
  • The deep packet inspection mode has been significantly improved. Multithreaded packet processing has been added, allowing several threads with packet handlers to run simultaneously and providing linear scalability depending on the number of CPU cores;
  • A shared store of configuration and attribute tables has been implemented, which is shared between different subsystems and has significantly reduced memory consumption by eliminating duplication of information;
  • A new event logging system that uses the JSON format and integrates easily with external platforms such as Elastic Stack;
  • A transition to a modular architecture, with the ability to extend functionality by connecting plugins and with key subsystems implemented as replaceable plugins. Several hundred plugins have already been implemented for Snort 3, covering various areas of use, for example allowing you to add your own codecs, inspection modes, logging methods, actions and rule options;
  • Automatic detection of running services, eliminating the need to manually specify the active network ports.

Changes compared to the last test release, which was published in 2018:

  • Added support for files that quickly override settings relative to the default configuration;
  • The code can now use C++ constructs defined in the C++14 standard (building requires a compiler that supports C++14);
  • Added a new VXLAN handler;
  • Improved content type search using updated implementations of the Boyer-Moore and Hyperscan algorithms;
  • The HTTP/2 traffic inspection system is almost ready;
  • Startup is accelerated by using multiple threads to compile rule groups;
  • Added a new logging mechanism;
  • Improved detection of Lua errors and optimization of whitelists;
  • Changes have been made to allow settings to be reloaded on the fly;
  • The RNA (Real-time Network Awareness) inspection system has been added, which collects information about the devices, hosts, applications and services available on the network;
  • To simplify configuration, the use of snort_config.lua and SNORT_LUA_PATH has been discontinued.

Source: opennet.ru
