Hi,
In usual tardy style, I am happy to inform you that firestorm 0.4.3 has
been released.
This release packs a whole host of bugfixes. The other main changes are
in the alerting subsystem. You can now log to tcpdump files ('dump'
module) and the ascii logs can now live outside the main firestorm
logfile. You will be pleased to hear that output modules can now be
configured differently depending on which module generated the alert.
(eg: stateful ip fragmentation attacks can be logged as ascii, while
alerts generated by the TCP signature engine can be logged to a tcpdump
file, while all other alerts log to both).
Grab it from:
http://www.scaramanga.co.uk/firestorm/download.html
I am also happy to inform you that the tcpstream module is making
progress. Firestorm 0.4.4 will at the very least have TCP stateful
inspection, and if you are lucky, it will also have stream reassembly.
That is of course unless some other compelling reason to do a new
release comes up between now and then.
TTFN
--
// Gianni Tedesco <gianni@xxxxxxxxxx>
8646BE7D: 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
Attachment:
signature.asc
Description: This is a digitally signed message part