[Snort-sigs] Re:Did anyone else notice...?

counter.spy at ...52... counter.spy at ...52...
Mon Jun 17 00:27:03 EDT 2002


I have a completely different question regarding trons:
Snort is an opensource IDS. What about the sigs?
Aren't they under GPL as well? What about reusing data formats 
of opensource systems for commercial use.
Shouldn't all derived software and all software that uses parts
of an opensource software, be it sourcecode or dataformats,
have to become opensource, too?

I am just curious, I don't want to set the dogs on, even if I
don't like the way ISS praises the TRONS feature.
A SR who visited us had a grin on his face which was meant to look 
clever when he told us:
"Not that snort is a competitor we would fear, matter-of-factly we
are actually profiting on snort."

Another thing is that since TRONS is officially out, the link to the TRONS
FAQ on robertgrahams site has vanished. However still seems to be active, I
was able to find
it in google. Strange, isn't it. Even more since the FAQ was much more
down-to-earth than the sales song and dance. The CTO himself told that the
TRONS
feature compares
poorly to snort, provides by no means a full integration of snortrules into
BlackICE and
would be easily evaded by fragroute and other tools.
Since TRONS is out officially I have read no new facts 'bout this feature.
Anybody knowing facts about the current TRONS?

Curious,
Detmar


>Message: 3
>Subject: Re: [Snort-sigs] Did anyone else notice...?
>To: Jim Becher <jim at ...632...>
>Date: Fri, 14 Jun 2002 18:15:21 -0400 (EDT)
>CC: snort-sigs at lists.sourceforge.net
>From: Michael Scheidell <scheidell at ...249...>
>
>Interesting.. they bash snort, and a year later say 'we are better because
>we can use snort sigs'..
>
>'http://bvlive01.iss.net/issEn/delivery/prdetail.jsp?type=&oid=19302'
>
>Standard User Defined Signatures . In addition to its advanced analysis
>engine,... now has the ability to import most of
>the published rules from Snort, an open-source intrusion detection system.
>Users can now take advantage of Internet Security Systems. X-Press
>Updates. and publicly posted open-source rules. This new feature also
>enables companies to leverage their experience with unsupported
>network-based intrusion detection systems and upgrade to a commercially
>available, fully supported family of protection products without new
>training for signature updates. 
>




-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net



-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net



-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net





More information about the Snort-sigs mailing list