suricata-7.0

PPA description

Major version repo - Suricata 7.0

Suricata IDS/IPS/NSM stable packages
https://suricata.io/
https://oisf.net/

Suricata is a high performance, open source network analysis and threat detection software used by most private and public organizations, and embedded by major vendors to protect their assets.

Suricata is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). It is developed by the OISF, its supporting vendors and the community.

Full features list -
https://suricata.io/features/all-features/

This Engine supports:

- Multi-Threading - provides for extremely fast and flexible operation on multicore systems.
- Multi Tenancy - per VLAN/per interface
- Uses Rust for most protocol detection/parsing
- TLS/SSL certificate matching/logging/extraction
- IEEE 802.1ad (QinQ) and IEEE 802.1Q (VLAN) support
- All JSON output/logging capability
- IDS runmode
- IPS runmode
- IDPS runmode
- NSM runmode

High performance packet acquisition modes:
- Netmap
- PF_RING
- AF_PACKET
- AF_XDP
- XDP
- DPDK
- Netfilter

Tunnel decoding:
- Teredo
- IP-IP
- IP6-IP4
- IP4-IP6
- GRE
- VXLAN
- Geneve

Protocol parsers:
Support for packet decoding of:
IPv4, IPv6, TCP, UDP, SCTP, ICMPv4, ICMPv6, GRE
Ethernet, PPP, PPPoE, Raw, SLL, VLAN, QINQ, MPLS, ERSPAN, VXLAN, Geneve

App layer decoding of:
HTTP, HTTP2, SSL, TLS, SMB, DCERPC, SMTP, FTP, SSH, DNS, Modbus, ENIP/CIP, DNP3, NFS, NTP, DHCP, TFTP, KRB5, IKEv2, SIP, SNMP, RDP, RFB, MQTT, QUICv1, GQUIC, PostgreSQL, IKEv1, ESP, VN-Tag

- File Extraction HTTP/HTTP2/SMTP/FTP/NFS/SMB - over 4000 file types recognized and extracted from live traffic.
- File MD5/SHA1/SHA256 matching
- JA3/JA3S/HASSH
- Gzip Decompression
- Fast IP Matching
- Datasets matching
- Rustlang enabled protocol detection
- Lua scripting

Adding this PPA to your system

You can update your system with unsupported packages from this untrusted PPA by adding ppa:oisf/suricata-7.0 to your system's Software Sources.

sudo add-apt-repository ppa:oisf/suricata-7.0
sudo apt update
        
Technical details about this PPA

This PPA can be added to your system manually by copying the lines below and adding them to your system's software sources.

deb https://ppa.launchpadcontent.net/oisf/suricata-7.0/ubuntu YOUR_UBUNTU_VERSION_HERE main 
deb-src https://ppa.launchpadcontent.net/oisf/suricata-7.0/ubuntu YOUR_UBUNTU_VERSION_HERE main 
Signing key:
1024R/9F6FC9DDB1324714B78062CBD7F87B2966EB736F
Fingerprint:
9F6FC9DDB1324714B78062CBD7F87B2966EB736F

For questions and bugs with software in this PPA please contact OISF.

PPA statistics

Activity
6 updates added during the past month.

Overview of published packages

1 → 6 of 6 results
Package    Version              Uploaded by
libhtp     1:0.5.48-0ubuntu2    OISF
libhtp     1:0.5.48-0ubuntu1    OISF
libhtp     1:0.5.48-0ubuntu0    OISF
suricata   1:7.0.5-0ubuntu2     OISF
suricata   7.0.5-0ubuntu1       OISF
suricata   7.0.5-0ubuntu0       OISF

Latest updates

  • suricata 5 days ago
    Successfully built
  • suricata 5 days ago
    Successfully built
  • libhtp 5 days ago
    Successfully built
  • libhtp 5 days ago
    Successfully built
  • libhtp 5 days ago
    Successfully built