Free Network Intrusion Detection & Prevention System for Windows PC

Snort

Snort 2.9.11.1

  -  3.09 MB  -  Open Source
  • Latest Version

    Snort 3.6.0.0

  • Operating System

    Windows XP / Vista / Windows 7 / Windows 8 / Windows 10

  • User Rating

    Click to vote
  • Author / Product

    Cisco Systems, Inc. / External Link

  • Filename

    Snort_2_9_11_1_Installer.exe

  • MD5 Checksum

    15d0c743cda5386e71298871c1f9dd50

Sometimes latest versions of the software can cause issues when installed on older devices or devices running an older version of the operating system.

Software makers usually fix these issues but it can take them some time. What you can do in the meantime is to download and install an older version of Snort 2.9.11.1.


For those interested in downloading the most recent release of Snort or reading our review, simply click here.


All old versions distributed on our website are completely virus-free and available for download at no cost.


We would love to hear from you

If you have any questions or ideas that you want to share with us - head over to our Contact page and let us know. We value your feedback!

What's new in this version:

New:
- Added support to block portscan. In addition to tracking the scanning packets, action(drop/sdrop/reject) will be taken for all the packets, which means snort will block the packet and generate logs
- Added support to re-evaluate reputation after reputation update for all flows except those that have already been blacklisted

Improvements:
- Fixed issue to detect RTP upto two SSRC switches in each traffic direction
- Fixed issues related to HTTP POST header flushing, calling file processing directly if it is not a multipart header and changes to avoid expensive copy of segment data by not splitting them when flushing headers
- Fixed issue of triggering protocol sweep alert when there are multiple destinations from single source ip protocol scan
- Added changes to fix IP portscan for protocol other than ICMP and fixed issue of bad fragment size event not being generated for oversized packets
- Added changes to use raw data in case of PDF and SWF files during file processing for SHA calculation and Malware Cloud Lookup
- Fixed issue of correct session matching for TCP SYN packets without window scale option so that FTP data channels match the same rule as FTP control channels
- Fixed issue of applying new configuration in file inspection after snort reload