[Snort-sigs] Belated New Years Gushing

Matt Jonkman matt at ...2436...
Fri Jan 14 19:33:12 EST 2005

We've all had an interesting year with the Bleeding Snort Project, and a 
hectic New Years season. So these thoughts are late but no less sincere.

I know I speak for all of the volunteer admins of the Bleeding Snort 
Project when I say that we're honored to be the group that so many of 
you trust to maintain these rules, and the place where you feel 
confident in submitting your rules and ideas. The rulesets we have all 
put together are very useful and incredibly innovative. The collective 
intelligence of everyone in this community is what Bleeding Snort 
reflects, thank you for your contribution. We've gone from a couple 
hundred hits a day last April to over 20k downloads of the rules every 
day from about 83 countries.I think we have over 250 individuals that 
have submitted rules directly, and countless other tweakers and idea 
pitchers.  The fact that this many folks and organizations trust and 
participate in these rulesets is awe inspiring, we value your trust.

As an MSSP myself I've answered the question a number of times in 
presentations and speaking engagements, "Aren't you afraid your 
competition will use the rules you're helping to put together to compete 
with you?"  I answer the same way every time; My firm laid out just a 
couple of ideas we'd been using ourselves and a website, but we've 
gotten back 1000 times what we put in, and even had the rules that we 
put out improved, if we've helped our competition they've repaid that 
many times over with help of their own.

Security has to be a collective effort, that's the only way it works 
well. There's no doubt that the project has benefited my firm, and many 
other MSSP's around the world, as well as a large number of companies 
protecting themselves and government agencies around the world 
protecting us all. It's like trying to explain why people spend their 
free time to build open source software. It benefits them in so many 
ways, too many to explain. You just have to be part of it to get it.

So to summarize, I'd like to thank you all for what you've submitted to 
the Bleeding Snort project over the last 10 months, for the constructive 
criticism, for the new ideas, and for your support. Please keep it 
coming and we'll all enjoy the benefits. Every little tidbit you 
contribute is repaid 1000 times over. This project is definitely here 
for the long term, hopefully long after all of us have moved on.

The Bleeding Snort Admins

BTW, looking at the web stats for the site: Browser stats are 
interesting. We have about 40% mozilla/firefox, 25% IE, and about 20% 
Wget. We definitely have a majority of security folks hitting the site. :)

More information about the Snort-sigs mailing list