8dd2d2ad1d
IMPORTANT: This version fixes a remotely exploitable heap overflow in the stream4 preprocessor module. Advisory: http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 Changes: 2.0.0: ====== - Enhanced high-performance detection engine - Stateful Pattern Matching - New detection keywords: byte_test & byte_jump - The Snort code base has undergone an external third party professional security audit funded by Sourcefire (http://www.sourcefire.com) - Many new and updated rules - snort.conf has been updated - Enhancements to self preservation mechanisms in stream4 and frag2 - State tracking fixes in stream4 - New HTTP flow analyzer - Enhanced protocol decoding (TCP options, 802.1q, etc) - Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc) - Enhanced flexresp mode for real-time TCP session sniping - Better chroot()'ing - Tagging system updated - Several million bugs addressed.... - Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary versions of the codebase will be built over the next several days and made available here. 
2.0.rc4: ======== - byte_jump/byte_test don't force relative content options - byte_jump/byte_test absolute offsets work - Better FIN handling in Stream4 2.0.rc3: ======== - A low memory usage detection method (enabled via "config detection: search-method lowmem") - Moved the default unix socket location to LOGDIR 2.0.rc2: ======== - syslog should work on win32 and unix - major tagging updates - new UDP decoding alerts - snort.conf updates 2.0.rc1: ======== - Higher performance (due to a new pattern matcher and rebuilt detection engine) - Better decoders - Enhanced stream reassembly and defragmentation - Tons of bug fixes - Updated rules - Updated snort.conf - New detection keywords (byte_test, byte_jump, distance, within) & stateful pattern matching - New HTTP flow analyzer - Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc) - Better self preservation in stateful subsystems - Xrefs fixed - Flexresp works faster and more effectively - Better chroot()'ing - Fixed 802.1q decoding - Better async state handling - New alerting option: -A cmg!!
# $NetBSD: Makefile.common,v 1.8 2003/04/16 06:37:19 salo Exp $
#

# Distribution identity and download locations.
DISTNAME=	snort-2.0.0
CATEGORIES=	net security
# NOTE(review): every site below is plain http/ftp, so the transfer itself is
# unauthenticated -- confirm the package's distinfo checksums cover this
# distfile before trusting a fetched tarball.
MASTER_SITES=	http://www.snort.org/dl/ \
		ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
		ftp://gd.tuwien.ac.at/infosys/security/snort/dl/

MAINTAINER=	salo@netbsd.org
HOMEPAGE=	http://www.snort.org/

USE_PKGINSTALL=	YES
GNU_CONFIGURE=	YES

# Point configure at the buildlink'ed libpcap headers and libraries.
CONFIGURE_ARGS+=	--with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include \
			--with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib

PKG_SYSCONFSUBDIR=	snort

RCD_SCRIPTS=	snort

# Dedicated account and group for snort; both names are defaults (?=) that a
# user setting can override.  The same names are exported through FILES_SUBST
# so that substituted files refer to the account actually created.
SNORT_USER?=	snort
SNORT_GROUP?=	snort
PKG_GROUPS=	${SNORT_GROUP}
PKG_USERS=	${SNORT_USER}:${SNORT_GROUP}::Snort\\ user
FILES_SUBST+=	SNORT_USER="${SNORT_USER}" SNORT_GROUP="${SNORT_GROUP}"

# Log directory is owned by the snort account with mode 700, which keeps its
# contents unreadable to other unprivileged local users.
OWN_DIRS_PERMS=	/var/log/snort ${SNORT_USER} ${SNORT_GROUP} 700

# Example files live under EGDIR; CONF_FILES pairs each example with its
# location in the package's configuration directory.
EGDIR=		${PREFIX}/share/examples/snort
CONF_FILES=	${EGDIR}/snort.conf.default \
		${PKG_SYSCONFDIR}/snort.conf \
		${EGDIR}/classification.config \
		${PKG_SYSCONFDIR}/classification.config \
		${EGDIR}/reference.config \
		${PKG_SYSCONFDIR}/reference.config

# Produce ${WRKDIR}/snort.conf.default by filtering the distributed
# etc/snort.conf through the FILES_SUBST sed expressions; post-install later
# installs that generated copy as the example configuration.
post-configure:
	@${SED} ${FILES_SUBST_SED} ${WRKSRC}/etc/snort.conf > ${WRKDIR}/snort.conf.default

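# Install the example configuration files, the documentation, the rule and
# map files, and the manual page.
#
# Changes from the previous recipe, all aimed at failing loudly instead of
# installing the wrong thing:
#  - "cd dir && ..." instead of "cd dir ; ...", so a failed cd can never let
#    a loop run in (and install from) whatever directory the shell was in,
#    regardless of whether the shell is run with -e;
#  - every install inside a loop is followed by "|| exit 1", so one failure
#    is not masked by later iterations;
#  - file names come from a shell glob and are quoted, rather than being
#    word-split from `ls | grep` output; names containing "Makefile" are
#    still skipped, and non-regular files are now skipped as well.
post-install:
	${INSTALL_DATA_DIR} ${EGDIR}
	${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
		${WRKSRC}/etc/reference.config \
		${WRKDIR}/snort.conf.default ${EGDIR}/
	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
	cd ${WRKSRC}/doc && \
	for i in *; do \
		case "$$i" in *Makefile*) continue ;; esac; \
		[ -f "$$i" ] || continue; \
		${INSTALL_DATA} "$$i" ${PREFIX}/share/doc/snort || exit 1; \
	done
	${INSTALL_DATA_DIR} ${PREFIX}/share/snort/rules
# An unmatched *.map pattern or a missing sid file stays a hard error here:
# the install of the literal name fails and the recipe stops.
	cd ${WRKSRC}/etc && \
	for i in *.map sid; do \
		${INSTALL_DATA} "$$i" ${PREFIX}/share/snort/rules || exit 1; \
	done
	cd ${WRKSRC}/rules && \
	for i in *; do \
		case "$$i" in *Makefile*) continue ;; esac; \
		[ -f "$$i" ] || continue; \
		${INSTALL_DATA} "$$i" ${PREFIX}/share/snort/rules || exit 1; \
	done
	${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8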