Snort can be used to monitor a variety of data such as packet than port scanning, also provides various logging plug-in database format or XML format. 2.9.15 reads as follows:
New features:
- Add a new debugger for print test, file handling, etc.
- In the file preprocessor, plus added support for detecting new Korean file format and .alg of .egg
- In the file preprocessor, plus add a new RAR file type detection support
Improvements and fixes:
- The TEID values are zero if the GTP v1 and v2 packets, to fix the problem of generating ALERT
- When the file policy does not exist, repair whitelist ftp session data
- Adding debug log during HTTP reload
- Add rules in the verification process to check SID
- Fixed an issue HTTP handle non-HTTP traffic on port 443
Release Notes:
https://blog.snort.org/2019/10/snort-29150-has-been-released.html