Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-users] [ANNOUNCE] WinPcap 4.1 beta3 has been released

from [Gianluca Varenni] Network Security [Permanent Link]
Subject: [Snort-users] [ANNOUNCE] WinPcap 4.1 beta3 has been released
Date: Thu, 31 Jan 2008 10:13:36 -0800 
As of today, WinPcap 4.1 beta3 is available in the download section of
the WinPcap website, http://www.winpcap.org/install/ . 
  
This new software release includes a couple fixes to the BPF filter 
engine in the kernel, as well as several fixes and additions to the 
BPF compiler for filters on wireless traffic (802.11).
 
Full details can be found in the change log attached at the end of 
this message. 
  
Being a beta release, as usual, we encourage people to test it and 
report any anomaly or strange behavior to the WinPcap mailing lists. 

Gianluca Varenni
WinPcap Team



Changelog from WinPcap 4.1 beta2
================================

- (from libpcap) Make some arguments of some pcap functions const 
  pointers if that makes sense.
  
- (from libpcap) Add some additional checks to bpf_validate(), from 
  OpenBSD.
  
- (from libpcap) Use bpf_validate() in install_bpf_program(), so we 
  validate programs even when they're being processed by userland 
  filters.
  
- (from libpcap) Get rid of BPF_MAXINSNS - we don't have a limit on 
  program size in libpcap/WinPcap.
  
- (from libpcap) Support for the "addr1", "addr2", "addr3", and 
  "addr4" link-layer address filtering keywords for 802.11.
  
- (from libpcap) Support for filtering over 802.11 frame types with 
  the keywords "type" and "subtype".
  
- Bug fixing:
  + Fixed a bug when generating wireless filters in the form "link src
    host ...". The source address was not retrieved properly. 
  + Added some more logic in the installer to account for errors while
    installing the Network Monitor component (NetMon). If NetMon is 
    not available, we install a version of packet.dll that doesn't 
    depend on it. 
  + Fixed two bugs in the original OpenBSD filter validation code, one
    that caused it to reject all filters that used multiply 
    instructions, and another that caused it to reject all filters 
    that used divide instructions. 
  + Fixed a bug in the filter engine in the driver. When the packet to
    filter is split into two buffers, under some circumstances the 
    engine was not checking the right bytes in the packet. 



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Snort-users] [ANNOUNCE] WinPcap 4.1 beta3 has been released, Gianluca Varenni <=
Previous by Date:  Re: [Snort-users] More questions on Snort/barnyard, sudhakar govindavajhala
Next by Date:  [Snort-users] ArcSight CEF Output Plugin for Barnyard 0.2.0, Colin Grady
Previous by Thread:  [Snort-users] ipv6 header scan using snort, sahil aggrawal
Next by Thread:  [Snort-users] ArcSight CEF Output Plugin for Barnyard 0.2.0, Colin Grady
Indexes:  [Date] [Thread] [Top] [All Lists]