Articles about Snort


Cisco, Snort scramble to plug malware hole

A URL sanitisation bug has Cisco pushing a patch for its Firepower system software. As the advisory for CVE-2016-1345 explains, the software doesn't properly validate fields in HTTP headers. A crafted HTTP request can bypass malicious file detection, or could block policies configured on the system. Sysadmins can check …
Snort 3 logo

Cisco to release flying pig – Snort 3.0

Cisco's going to release a flying pig. The porcine in question is Snort 3.0, a new version of Sourcefire's well-regarded intrusion protection system. Snort's mascot is a pig and Sourcefire has, over the years, had a lot of fun with toy pigs and calendars picturing its pig in provocative poses. That silliness is, happily, …
Simon Sharwood, 12 Dec 2014

Nothing to sniff at: Cisco finishes $2.8bn gobble of Snort'ing guy's Sourcefire

Intrusion prevention's a hot topic in the world of security, as reflected in the $2.8bn price tag Cisco has paid to complete the acquisition of network security specialists Sourcefire. The purchase - which was announced in July - is the largest security firm purchase since Intel's $7.7bn acquisition of McAfee in 2010. And it's …
Iain Thomson, 9 Oct 2013

Cisco coughs $2.7bn for Sourcefire

Cisco has dug deep and found $2.7bn for intrusion prevention security player Sourcefire. Sourcefire started out in intrusion detection/intrusion prevention but expanded over the years to add next-generation firewall and advanced malware protection wares to its portfolio. Cisco reckons the acquisition will accelerate the …
John Leyden, 23 Jul 2013
The Register breaking news

Snort team aim to scent malformed email attachments

Interview The developers behind Snort, the open source intrusion detection system, are pushing ahead with a project to develop a system for detecting malformed documents in a bid to provide early warnings about targeted attacks. Razorback is designed to complement traditional anti-virus products by providing a warning about maliciously …
John Leyden, 19 May 2011
The Register breaking news

Battle joined for future of open source IPS

Analysis The battle to develop the next generation of open source intrusion prevention systems (IPS) technology is intensifying between incumbent Snort and a US government-backed project, the Open Information Security Foundation (OISF). Disagreements over technical issues such as the relative importance of developing IPS systems that …
John Leyden, 27 Jul 2010

Third Brigade annexes open source intrusion detection tech

OSSEC, the open source host-based intrusion detection project, has been snapped up by Third Brigade, a commercial firm in the same information security sub-market. Terms of the deal, announced on Tuesday, were undisclosed. Daniel Cid, creator and primary developer for OSSEC, has become the principal researcher at Third Brigade …
John Leyden, 20 Jun 2008
fingers pointing at man

Network security vulns keep sysadmins busy

Sysadmins can look forward to clocking some overtime this week after Cisco warned of flaws in how its core operating system handles malformed Secure Sockets Layer (SSL) traffic. Several types of SSL messages (such as ClientHello and ChangeCipherSpec), when malformed, can crash vulnerable appliances running IOS, which are …
John Leyden, 23 May 2007
The Register breaking news

Sourcefire eyes acquisitions

Security vendor Sourcefire, which went public last month, said tougher corporate governance regulations are making it more difficult and more expensive to float. Sourcefire represents a rare example of a security firm staging an IPO, a feat only a handful of firms have succeeded in doing in the last five years. A more frequent …
John Leyden, 26 Apr 2007

GigaStor to hunt zero-day breaches

CeBIT Your intrusion detection system (IDS) may have just downloaded a new security rule, but you have no way of knowing if your network has already been hit by the exploit in a zero-day attack, says Network Instruments. The company claims the latest update of its GigaStor network traffic recorder could help you find out, however, …
Bryan Betts, 14 Mar 2007

Snort bug is nothing to sniff at

Snort and Sourcefire users are urged to update their intrusion detection software following the discovery of a potentially serious security vulnerability. A stack-based buffer overflow security bug in the preprocessor handling DCE/RPC traffic means hackers could inject hostile code onto systems running the popular open source …
John Leyden, 20 Feb 2007

Create a news alert about Snort, or find more stories about Snort.

Biting the hand that feeds IT © 1998–2018