Cisco Talos Intelligence Blog

November 15, 2010 13:11

Inline Normalization with Snort 2.9.0

Snort 2.9.0 can take a more active role in securing your network in inline deployments by normalizing packets and streams to minimize the chance that Snort incorrectly models end systems. To accomplish this, a new preprocessor was added. You must configure with this option to bu

August 12, 2010 16:08

Snort 2.9 Essentials: The DAQ

The recently released Snort 2.9 Beta introduces the Data AcQuisition library (DAQ), for packet I/O. The DAQ replaces direct calls into packet capture libraries like PCAP with an abstraction layer that make it easy to add additional software or hardware packet capture implementati