[Snort-users] License change clarification
This is a discussion on [Snort-users] License change clarification within the Snort forums, part of the System Security and Security Related category; I feel it is important to clarify a few issues regarding an email that=20= everyone received earlier today. In ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-03-2005
|
|||
|
|||
[Snort-users] License change clarification
I feel it is important to clarify a few issues regarding an email that=20=
everyone received earlier today. In that note, there were certain=20 misrepresentations about an upcoming change in the way Snort rules will=20= be distributed that I would like to clarify. First and foremost: Sourcefire has always been, and will always remain,=20= fully committed to the open source development model of Snort. We=20 remain true to the goals of the Snort project and have contributed=20 numerous enhancements to the technology and we will continue to do so. =20= For example, we just recently added a new portscan detector and a new=20 IP defragmenter that is utterly cutting edge in terms of its=20 capabilities to the project. In addition, the Sourcefire Vulnerability=20= Research Team has dedicated the time and expertise to cleaning up the=20 Snort ruleset, reducing false positives and providing enhanced=20 documentation for all rules. This commitment is not changing. The changes in the way that Snort rules will be distributed revolve=20 around the licensing and distribution of new Sourcefire VRT rules. We=20= dedicate literally millions of dollars a year to staffing the VRT and=20 providing the necessary research feeds and testing equipment to ensure=20= Sourcefire customers and Snort users have the best possible threat=20 coverage. To give you some idea of the effort involved, every time a=20 rule is added to the official Snort rule set we run the entire rule set=20= through a regression test, over 6.8 *million* discrete tests are done=20 across up to 15 test machines to verify the integrity and validity of=20 the rule sets, a process that takes upwards of 4 hours. We also=20 develop custom proof of concept exploits in house against sometimes=20 sparse vulnerability announcements to be able to produce rules prior to=20= exploits becoming generally available in the wild so that our users are=20= prepared. Look at the rules that we developed to detect Sasser for one=20= example of the benefits that that has brought to the user community. =20 That's the level of dedication we have to the integrity and advancement=20= of Snort's rule set to ensure that Snort operates properly and=20 efficiently when new rules are released. With these changes to Snort's rules licensing, Snort users will have=20 the ability to receive these rules in the same timely fashion as=20 Sourcefire customers =AD for a nominal fee to help defray the numerous=20= expenses associated with this type of research and well within the=20 reach of all but the most modest of commercial entities. Additionally,=20= the rules language remains open and accessible to the user community,=20 you are free to continue to contribute to the Snort project as a=20 community member or use your own rules as you see fit. Snort remains, and always will be, free. While we have tried to be=20 upfront with Snort Integrators about these changes and provide them as=20= much lead-time to prepare for the VRT Rules as possible, I'm am=20 disappointed, however, that some people have resorted to sending out=20 disinformation to this mailing list. Finally, in light of the significant investment we make in research and=20= development, Sourcefire intends to take whatever steps are necessary to=20= enforce and protect our intellectual property. We have every reason=20 to believe that the Snort community will continue to abide by the terms=20= of the GPL and will continue to honor our copyrights on the rules. -Marty --=20 Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Discover. Determine. Defend. roesch@sourcefire.com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
