Software Update: Suricata 2.0.3

Version 2.0.3 of Suricata has been released. Suricata is an open source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. It can be used to monitor network traffic and alert a system administrator if anything suspicious is detected. Development is overseen by the Open Information Security Foundation, with support from the community and various manufacturers. The main change in version 2.0 is Eve, a fully op json based logging system. Eve can, among other things, with log stash are used to display information graphically again at to give. The changelog for this release looks like this:

Suricata 2.0.3 Available!

The OISF development team is proud to announce Suricata 2.0.3. This release fixes a number of issues in the 2.0 series. Most importantly, this release addresses a number of IPv6 issues that can lead to evasion.

changes

• Bug #1236: fix potential crash in http parsing
• Bug #1244: ipv6 defrag issue
• Bug #1238: Possible evasion in stream-tcp-reassemble.c
• Bug #1221: lower case conversion table missing last value
• Support #1207: Cannot compile on CentOS 5 x64 with –enable-profiling
• Updated bundled libhtp to 0.5.15

Logstash Kibana fed with information from Suricata with json output.