CVS log for snort/doc/README.sfportscan

 (logo)

Help
(back) Up to [cvs] / snort / doc

Request diff between arbitrary revisions

Default branch: MAIN
Bookmark a link to: HEAD / (download)
Revision 1.7 / (view) - annotate - [select for diffs] , Mon Nov 12 23:02:47 2007 UTC (12 months, 1 week ago) by twease
Branch: MAIN
CVS Tags: SNORT_v2_8_3_1, SNORT_v2_8_3-RC1, SNORT_v2_8_3-BETA, SNORT_v2_8_3, SNORT_v2_8_2_2, SNORT_v2_8_2_1, SNORT_v2_8_2-RC, SNORT_v2_8_2-BETA, SNORT_v2_8_2, SNORT_v2_8_1-RC, SNORT_v2_8_1-BETA, SNORT_v2_8_1, SNORT_2_8_3, SNORT_2_8_2, SNORT_2_8_1, SNORT_1_9, SNORT_1_8, HEAD
Changes since 1.6: +42 -2 lines
Diff to previous 1.6 
* Documentation updates.
Revision 1.5.2.1 / (view) - annotate - [select for diffs] , Fri May 12 17:16:06 2006 UTC (2 years, 6 months ago) by ssturges
Branch: SNORT_2_6
CVS Tags: SNORT_v2_6_0_2, SNORT_v2_6_0_1, SNORT_v2_6_0
Changes since 1.5: +11 -5 lines
Diff to previous 1.5 to next main 1.6 
* Proofreading updates.
Revision 1.6 / (view) - annotate - [select for diffs] , Fri May 12 17:16:04 2006 UTC (2 years, 6 months ago) by ssturges
Branch: MAIN
CVS Tags: SNORT_v2_8_0_2, SNORT_v2_8_0_1, SNORT_v2_8_0-RC1, SNORT_v2_8_0-BETA, SNORT_v2_8_0, SNORT_v2_7_0-BETA2, SNORT_v2_7_0-BETA1, SNORT_v2_7_0, SNORT_v2_6_1_5, SNORT_v2_6_1_4, SNORT_v2_6_1_3, SNORT_v2_6_1_2, SNORT_v2_6_1_1, SNORT_v2_6_1-RC1, SNORT_v2_6_1-BETA2, SNORT_v2_6_1-BETA, SNORT_v2_6_1, SNORT_2_8_0, SNORT_2_7_0, SNORT_2_6_1
Changes since 1.5: +11 -5 lines
Diff to previous 1.5 
* Proofreading updates.
Revision 1.5 / (view) - annotate - [select for diffs] , Thu Jan 19 16:50:54 2006 UTC (2 years, 10 months ago) by ssturges
Branch: MAIN
CVS Tags: SNORT_v2_6_0-RC2, SNORT_v2_6_0-RC1
Branch point for: SNORT_2_6
Changes since 1.4: +7 -1 lines
Diff to previous 1.4 
* Added ACK scan detection and false positive prevention with
  sessions picked up midstream and dropped packets.
Revision 1.4 / (view) - annotate - [select for diffs] , Tue Aug 30 17:27:38 2005 UTC (3 years, 2 months ago) by ssturges
Branch: MAIN
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 
* Update frag3 with fix for Solaris policy & update README
* Fix docs & code comments for sfportscan ip proto config
* Fix broken -T option to verify rules as it used to
* Prelude startup patch
Revision 1.1.2.1.2.2 / (view) - annotate - [select for diffs] , Tue Aug 30 17:27:35 2005 UTC (3 years, 2 months ago) by ssturges
CVS Tags: SNORT_v2_4_5, SNORT_v2_4_3, SNORT_v2_4_2, SNORT_v2_4_1
Changes since 1.1.2.1.2.1: +1 -1 lines
Diff to previous 1.1.2.1.2.1 to branch point 1.1.2.1 to next main 1.2 
* Update frag3 with fix for Solaris policy & update README
* Fix docs & code comments for sfportscan ip proto config
* Fix broken -T option to verify rules as it used to
* Prelude startup patch
Revision 1.3 / (view) - annotate - [select for diffs] , Fri Mar 18 19:48:14 2005 UTC (3 years, 8 months ago) by jhewlett
Branch: MAIN
Changes since 1.2: +5 -0 lines
Diff to previous 1.2 
* Updates/Fixes to Frag3 IP reassembler (thanks ssturges):
  1) Push first fragmented UDP packet through, but do not inspect
  other fragmented packets (until rebuilt).
  2) Printing of Configuration Info
  3) Code readability
* Removal of comment parsing code added for 2.3.1.
* Added support for detection of Lookback & Same src/dest attacks in
  the packet decoder. This obsoletes sids 527, 528. Thanks Marc
  Norton for the feature.
* Added FTP Bounce detection Plugin. Thanks Steve Sturges.
* Increased Flowbits hash table size. Thanks Marc Norton.
* Performance improvement in pattern matcher from Marc Norton.
* Eliminate duplicate alerts on Rebuilt Streams/IP reassembled packets.
* Patch from Andy Mullican and Steve Sturges.
* Added handling of midstream sessions in portscan preprocessors.
  Thanks Andy Mullican.
* Stream4 fixes - Handle PAWS, NULL TCP Flags in established session,
  limit overlaps in established session, update ACK when server sends
  RST. Performance changes for cleaning up session cache. Thanks
  Steve Sturges and Andy Mullican for the patches.
* Added uri_tab_delimiter option to HttpInspect. Patch from Andy
  Mullican.
* Updates to PerfMon to handle multiple CPUs properly. Thanks Steve Sturges.
* Fixed telnet decoder bug when ignoring Sub-negotiation end command.
  Thanks Steve Sturges.
Revision 1.1.2.1.2.1 / (view) - annotate - [select for diffs] , Wed Mar 16 21:52:16 2005 UTC (3 years, 8 months ago) by jhewlett
CVS Tags: SNORT_v2_4_0
Changes since 1.1.2.1: +5 -0 lines
Diff to previous 1.1.2.1 
* Snort 2.4 CVS branch, build 1.
* Added support for detection of Lookback & Same src/dest attacks in
  the packet decoder. This obsoletes sids 527, 528. Thanks Marc
  Norton for the feature.
* Added global ignore ports feature. Thanks Andy Mullican for the feature. Usage:
* Provide ability for 3rd party code to take action when Snort
  indicates a packet should be dropped. Thanks Marc Norton.
* Added FTP Bounce detection Plugin. Thanks Steve Sturges for this feature.
* Performance improvement in pattern matcher from Marc Norton.
* Eliminate duplicate alerts on rebuilt streams/IP reassembled packets.
  Thanks Andy Mullican and Steve Sturges.
* Added better determination of direction for Back Orifice packets.
  Thanks Andy Mullican.
* Added handling of midstream sessions in portscan preprocessors.
  Thanks Andy Mullican.
* Stream4 fixes - Handle PAWS, NULL TCP Flags in established session,
  limit overlaps in established session, update ACK when server sends
  RST. Performance changes for cleaning up session cache. Thanks
  Steve Sturges and Andy Mullican for the patches.
* Added uri_tab_delimiter option to HttpInspect. Thanks Andy
  Mullican.
* Added categories (wire, ip defrag, tcp rebuilt, app layer) to
  PerfMon.  Also added atexitonly option to dump stats for entire life
  of snort. Thanks Steve Sturges.
* Fixed telnet decoder bug when ignoring Sub-negotiation end command.
  Thanks Steve Sturges.
Revision 1.1.2.1 / (view) - annotate - [select for diffs] , Tue Oct 5 18:55:18 2004 UTC (4 years, 1 month ago) by jhewlett
Branch: SNORT_2_3
CVS Tags: STABLE, SNORT_v2_3_3, SNORT_v2_3_2, SNORT_v2_3_1, SNORT_v2_3_0-RC2, SNORT_v2_3_0-RC1, SNORT_v2_3_0
Changes since 1.1: +6 -4 lines
Diff to previous 1.1 to next main 1.2 
* Fix bug in preprocessor error statement that referenced freed
  memory.  Thanks to Dennis George for submitting fix.
* Fix TCP/IP options print bug that was found by Marcin Zgorecki.
* Move portscan initialization into preprocessors, not plugins.
* Inspect invalid TCP initiators that stream4 doesn't track for portscans.
  Log open ports on TCP portsweeps when we can.  Thanks to #snort and
  SGUIL guys for their comments and feedback.  Also, thanks to David
  Lowless for his portscan testing in the UK.
Revision 1.2 / (view) - annotate - [select for diffs] , Mon Oct 4 20:28:08 2004 UTC (4 years, 1 month ago) by jhewlett
Branch: MAIN
Changes since 1.1: +6 -4 lines
Diff to previous 1.1 
* Adding Marty's frag3 preprocessor
* sfPortscan doc update
Revision 1.1 / (view) - annotate - [select for diffs] , Mon Sep 13 17:44:49 2004 UTC (4 years, 2 months ago) by jhewlett
Branch: MAIN
Branch point for: SNORT_2_3 
* sync 2.3 code
This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Diffs between and
Type of Diff should be a
View only Branch:
Sort log by:
snort-team@sourcefire.com