Projects / Sagan / Releases

All releases of Sagan

  •  17 Jun 2014 14:37
Avatar

    Release Notes: Code is now formatted in the GNU "artistic" style. Multiple bugs were fixed. Sagan is much more efficient with memory. New "meta_content" and "meta_nocase" options were provided for multi-searching in a single rule. The "track_clients" processor was fixed and improved. Flowbit tracking 'by_src', 'by_dst', 'both', and 'none' were added for multiple line log support.

    •  30 Apr 2013 17:39
    Avatar

      Release Notes: This release is capable of utilizing all CPUs/cores. This means it can digest, parse, and analyze even higher number of events per/second. Introduction of "processors". Removal of the direct SQL output plugin; to write to a SQL database, use unified2 and Barnyard2. Introduction of port variables in rules. More normalization and parsing options. Sagan currently has over five thousand signatures/rules.

      •  13 Apr 2012 00:16
      Avatar

        Release Notes: This release support Snortsam, a firewall blocking agent for Snort. It can leverage Snortsam to block attacks based on log analysis and normalization. Snortsam currently supports Checkpoint Firewall-1, Cisco PIX/ASA, Cisco routers, Juniper/Netscreen, ipf/ipfw2 (FreeBSD), pf (OpenBSD), ipchains/iptables/ebtables (Linux), Watchguard, 8signs (Windows), and MS ISA Server (Windows). This release adds a new "after" rule option, a new DNS cache system (which shouldn't be used unless 100% necessary), Direct SQL write fixes, and various small bugfixes.

        Screenshot

        Project Spotlight

        episoder

        A tool to tell you about new episodes of your favourite TV shows.

        Screenshot

        Project Spotlight

        BalanceNG

        A modern software IP load balancer.