da Masu haɓaka Cisco sun saki fasalin beta na ƙarshe tsarin rigakafin kutse "Soki 3" wacce an sake sake shi kwata-kwata, Tunda don wannan sabon sigar masu haɓakawa sunyi aiki akan batun samfurin gaba ɗaya kuma an sake tsara gine-gine.
Daga cikin yankunan da aka jaddada Yayin shirye-shiryen sabon sigar, da Saukake saitin da kaddamarwa na aikace-aikacen, da sarrafa kansa aiki, Saukakakken yare harshe na ginin, da atomatik gano duk ladabi, samar da kwasfa don gudanar da layin umarni, yin amfani da multithreading tare da samun haɗin haɗin masu kulawa daban daban don daidaitawa ɗaya.
Game da Shasha
Ga waɗanda ba su san Snort ba, ya kamata ku sani cewa eWannan tsarin gano kutse ne na hanyar sadarwa, kyauta kuma kyauta. Yana bayar da ikon adana rajistan ayyukan a cikin fayilolin rubutu da cikin bayanan bayanai bude, kamar MySQL. Yana aiwatar da gano hari da injin binciken tashar jiragen ruwa wanda ke ba da damar yin rijista, faɗakarwa da amsawa ga duk wani abin da ya gabata.
Yayin shigarwa, yana ba da daruruwan filtata ko dokoki don bayan gida, DDoS, yatsa, FTP, hare-haren yanar gizo, CGI, Nmap, da sauransu.
Zai iya aiki azaman sandar turare da fakiti. Lokacin da fakiti yayi daidai da samfurin da aka kafa a cikin dokokin daidaitawa, yana da shigarwa. Wannan shine yadda zaku san lokacin, inda da kuma yadda harin ya faru.
Snort yana da rumbun adana bayanai na hare-hare wanda koyaushe ake sabunta su ta hanyar intanet. Masu amfani za su iya ƙirƙirar sa hannu bisa halaye na sabbin hare-hare na hanyar sadarwa kuma su miƙa su zuwa jerin aika saƙo na sa hannun Snort, wannan ɗabi'ar al'umma da rabawa ya sanya Snort ɗayan mashahuran zamani, ingantattun IDS na tushen hanyar sadarwa. robust
Snort 3 abubuwan beta na ƙarshe
A cikin wannan beta na ƙarshe, Snort ya gabatar da canji zuwa sabon tsarin daidaitawa wanda yana ba da daidaitaccen haruffa kuma yana ba da damar amfani da rubutun don ƙirar tsari mai ƙarfi. Ana amfani da LuaJIT don aiwatar da fayilolin sanyi. Ana ba da plugins na tushen LuaJIT tare da aiwatar da ƙarin zaɓuɓɓuka don dokoki da tsarin rajista;
Injin da zai gano hare-hare an sabunta shi, an sabunta dokoki, An kara ikon ɗaure buffers a cikin ƙa'idodi (tsayayyen buffers). Injin bincike na Hyperscan ya ƙunsa, ba ka damar amfani da sauri da kuma daidaitattun sifofin da aka haifar dangane da maganganun yau da kullun a cikin dokokin ka;
An ƙara sabon yanayin shigarwa don HTTP, la'akari da yanayin zaman da kuma rufe 99% na yanayin da goyan bayan gwajin gwajin HTTP Evader ke tallafawa. Ana kirkirar lambar don tallafawa HTTP / 2.
Aikin zurfin dubawa fakiti ya karu sosai. An kara ikon sarrafa fakiti mai yawa, wanda ke ba da damar aiwatar da zaren dayawa tare tare da masu kula da fakiti da kuma samar da sikeli na layi daya gwargwadon lambar CPU.
An aiwatar da ma'ajiyar kayan sanyi da teburin sifa, wanda aka raba shi a cikin tsarin tsarin daban-daban, wanda ya ba da damar rage yawan amfani da ƙwaƙwalwar ajiya ta hanyar kawar da kwafin bayanai;
Bugu da kari, a nSabon tsarin shiga abubuwan da ke amfani da tsarin JSON kuma cikin sauƙi yana haɗawa tare da dandamali na waje kamar Elastic Stack.
Har ila yau an haskaka miƙa mulki zuwa tsarin gine-gine na zamani, ikon fadada aiki ta hanyar hada-hada da aiwatar da mahimmin tsari a tsarin maye gurbinsu.
A halin yanzu, Snort 3 ya riga ya aiwatar da ɗari-ɗari plugins waɗanda ke rufe fannoni daban-daban na aikace-aikace, misali, ba ku damar ƙara kododinku na kanku, hanyoyin shiga ciki, hanyoyin rajista, ayyuka da zaɓuɓɓuka a cikin ƙa'idodin, ban da gano atomatik. ayyuka masu gudana, kawar da buƙata don tantance takamaiman tashar jiragen ruwa na cibiyar sadarwa masu aiki.
Finalmente idan kanaso ka kara sani game dashi ko gwada wannan beta, zaku iya bincika cikakkun bayanai a cikin bin hanyar haɗi.