Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
License: GNU General Public License (GPL)
Changes:
A problem was fixed with the target based/attribute table and false positives for rules that don't have service metadata. The target based/attribute table's compatability with older versions of bison was fixed and it no longer exits when exceeding the configured limit on attribute table reload. Stream5 was updated to better handle out-of-sequence server responses that contain data when not doing server-side reassembly. Configurable limits were added on the amount of data queued for a single connection.
More...