Free Network Intrusion Detection & Prevention System for Windows PC

Snort

Snort 2.9.8.0

  -  3.61 MB  -  Open Source
  • Latest Version

    Snort 3.5.2.0

  • Operating System

    Windows XP / Vista / Windows 7 / Windows 8 / Windows 10

  • User Rating

    Click to vote
  • Author / Product

    Cisco Systems, Inc. / External Link

  • Filename

    Snort_2_9_8_0_Installer.exe

  • MD5 Checksum

    86e246ac4e5376e8e9722f8cbf62b5a6

Sometimes latest versions of the software can cause issues when installed on older devices or devices running an older version of the operating system.

Software makers usually fix these issues but it can take them some time. What you can do in the meantime is to download and install an older version of Snort 2.9.8.0.


For those interested in downloading the most recent release of Snort or reading our review, simply click here.


All old versions distributed on our website are completely virus-free and available for download at no cost.


We would love to hear from you

If you have any questions or ideas that you want to share with us - head over to our Contact page and let us know. We value your feedback!

What's new in this version:

New:
- SMBv2/SMBv3 support for file inspection
- Port override for metadata service in IPS rules
- AppID Lua detector performance profiling
- Perfmon dumps stats at fixed intervals from absolute time
- New preprocessor alert (120:18) to detect SSH tunneling over HTT
- New config option |disable_replace| to disable replace rule option
- New Stream configuration |log_asymmetric_traffic| to control logging to syslog
- New shell script in tools to create simple Lua detectors for AppID

Improvements:
- sfip_t refactored to use struct in6_addr for all ip addresses
- Post-detection callback for preprocessors
- AppID support for multiple server/client detectors evaluating on same flow
- AppID API for DNS packets
- Memory optimizations throughout
- Support sending UDP active responses
- Fix perfmon tracking of pruned packets
- Stability improvements for AppID
- Stability improvements for Stream6 preprocessor
- Added improved support to block malware in FTP preprocessor
- Added support to differentiate between active and passive FTP connections
- Improvements done in Stream6 preprocessor to avoid having duplicate packets  in the DAQ retry queue
- Resolved an issue where reputation config incorrectly displayed 'blacklist' in priority field even though 'whitelist' option was configured
- Added support for multiple expected sessions created per packe
- Active response now supports MPL