Suricata Release
The Open Information Security Foundation (OISF) has released the beta version of Suricata, its multi-threaded intrusion detection and prevention engine. Alongside the engine they have released the HTP library (libhtp), an HTTP normalizer and parser written by Ivan Ristic, the author of mod_security. Thank you to all of the OISF members who worked night and day on this project!
Some new features of this engine include:
Multi-Threading
Automatic Protocol Detection (the application protocol, e.g. HTTP, TLS, FTP or SMB, is identified from the traffic rather than the port, and rules can name it directly in place of tcp/udp)
Gzip Decompression (compressed HTTP bodies are decompressed so rules can inspect the actual payload)
Standard Input Methods
Unified2 Output Compatibility (existing Snort unified2 log consumers can be reused)
Flow Variables (state carried across the packets of a flow, so one rule can set a flag that a later rule checks)
HTTP Logging Module
Much much more!
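To make the protocol-detection and flow-variable items concrete, here is a small rules file of my own (added example rules, not part of the OISF announcement; the sids, flowbit name and the /admin URI are arbitrary). The first two rules match on the detected application protocol rather than a port number; the last two use a flowbit to tie an FTP USER command to the reply that follows it on the same flow:

```suricata
# Added example rules (not from the OISF announcement); sids are arbitrary.

# 1. Protocol detection: "http" in the rule header means the engine has
#    recognised HTTP on the wire, whatever port it runs on. A port-based
#    Snort rule (alert tcp any any -> any 80 ...) would miss HTTP on 8080.
alert http any any -> any any (msg:"HTTP request for /admin on any port"; content:"/admin"; http_uri; sid:1000001; rev:1;)

# 2. Same idea for TLS: fires once the handshake is recognised on any
#    destination port other than 443.
alert tls any any -> any !443 (msg:"TLS session on a port other than 443"; sid:1000002; rev:1;)

# 3. Flow variables: the first rule records that a USER command was seen on
#    this flow without alerting; the second alerts only if a 530 (login
#    failed) reply follows on the same flow.
alert tcp any any -> any 21 (msg:"FTP USER sent"; flow:to_server,established; content:"USER "; flowbits:set,ftp.user_sent; flowbits:noalert; sid:1000003; rev:1;)
alert tcp any 21 -> any any (msg:"FTP login failed after USER"; flow:to_client,established; content:"530 "; flowbits:isset,ftp.user_sent; sid:1000004; rev:1;)
```

Save this as a .rules file and list it under rule-files in suricata.yaml; the flowbits:noalert on rule 3 keeps the setter quiet so only the failed-login correlation produces an alert.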
I look forward to implementing this new engine in the RIT Honeynet project alongside our Snort box for comparison. Again, anyone can download the new engine by visiting the OISF website.
