Intrusion Detection System: Snort 2.9.3.0 Released

openkk, 12 years ago
   <p><a href="/misc/goto?guid=4958187683021858108" target="_blank">Snort</a> 2.9.3.0 has been released. Improvements include:</p>    <p>1. Updates to the flowbit rule option, dcerpc2, and reputation preprocessors. <br /> 2. A new dynamic output plugin architecture API. <br /> 3. Various updates and improvements to http_inspect,<span class="truncate_more"> SMTP mempool allocations, and email attachment processing. <br /> 4. pflog v4 support has been added to packet decoders. <br /> 5. Logging of multiple unified2 alerts with reassembled packets has been fixed. <br /> 6. Compiler warning cleanup across multiple platforms. <br /> 7. All database output support has been removed.<br /> </span></p>    <img title="Snort logo" alt="Intrusion Detection System: Snort 2.9.3.0 Released" src="https://simg.open-open.com/show/be49fa1599b125c9309a88789e41a02f.gif" width="90" height="90" />    <p></p>    <p><a href="/misc/goto?guid=4958187683021858108" target="_blank">Snort</a> is IDS (Intrusion Detection System) software developed by the US company Sourcefire and released under the GPL v2.</p>    <p><strong>Snort</strong> has three operating modes: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply reads packets from the network and displays them on the terminal as a continuous stream. Packet logger mode logs packets to disk. Network intrusion detection mode analyzes network traffic against user-defined rules and takes action based on what it detects. The network intrusion detection system mode is the most complex, and it is configurable.</p>    <p>Besides monitoring various kinds of packets, such as port scans, <strong>Snort</strong> also provides plugins for logging in XML or database form.</p>    <p><br /> </p>