[Snort-users] Professionalism

George D. Nincehelser george at ...2905...
Tue Nov 13 16:43:01 EST 2001


I've seen this happen a few times.

Some of us don't have the luxury of choosing co-workers or customers with
similar mindsets.  If a team member or customer finds something offensive
and complains, upper management takes note, regardless of how silly it may
seem to some.  Then someone finds themselves in an awkward position of
explaining why offensive material was in the workplace, or on a customer's
system.

I may advocate a particular open-source package, but I am often not the
implementor.  I can't guarantee that a particular installation was
sanitized.  If something of a questionable nature comes up, I'm the first
that gets called.  Technical issues are bad enough, but HR issues are
something that I'd rather not deal with.

Yes, I have seen VPs, often non-technical VPs, examining code for alleged HR
violations.

George

----- Original Message -----
From: "Jon Bentley" <jon at ...1741...>
To: "Joe Smith" <shadowm4n at ...131...>; <snort-users at lists.sourceforge.net>
Sent: Tuesday, November 13, 2001 4:52 PM
Subject: Re: [Snort-users] Professionalism


> Quick question:
>
> When's the last time one of your VP's went trolling through
> the code?
>
> ----- Original Message -----
> From: "Joe Smith" <shadowm4n at ...131...>
> To: <snort-users at lists.sourceforge.net>
> Sent: Tuesday, November 13, 2001 5:39 PM
> Subject: Re: [Snort-users] Professionalism
>
>
> > Nothing quite like stirring the hornet's nest...
> >
> > Based on many of the responses I've received, I get
> > the impression my point has been missed and/or I
> > didn't state it clearly enough.
> >
> > My agenda is simple: make open-source more commonplace
> > in the corporate environment.  It's the same goal that
> > many in the open source community share, because it's
> > the only way to displace the current OS/Application
> > monarch, Mr. Bill Gates.  Many in the corporate world
> > have a very negative opinion of open source precisely
> > because of what I stated earlier regarding the
> > unprofessional nature of open source.  They will claim
> > that the code is "untrustworthy".  This doesn't mean
> > it doesn't work (or can be configured to work).  It
> > doesn't mean that the programmers are untrustworthy.
> > Once again, it isn't the impropriety that's the
> > problem, it's the appearance of impropriety.  The
> > negative stigma will stay as long as this sort of
> > thing crops up.  Yes, I realize its idiotic for a VP
> > to disqualify a product only because of lubrication
> > references, but it does happen and it makes my job (ya
> > know, intrusion detection and all that fun stuff) that
> > much more difficult.
> >
> > Yes, its free.  Yes, the classification.config file
> > can be sed/grepped to do exactly what you want.  And
> > yes, its the best thing out there (its superior to
> > every IDS I've tested, commercial or non).  All I'm
> > asking is for snort to make an effort to present a
> > more professional appearance so that corporate
> > acceptance is the default, not the exception.
> >
> > Mike
> > --- Gordon Ewasiuk <gewasiuk at ...3392...> wrote:
> > > On Today, Phil Wood wrote:
> > >
> > > >Date: Tue, 13 Nov 2001 13:08:47 -0700
> > > >From: Phil Wood <cpw at ...440...>
> > > >To: Joe Smith <shadowm4n at ...131...>
> > > >Cc: snort-users at lists.sourceforge.net
> > > >Subject: Re: [Snort-users] Professionalism
> > > >
> > > >On Tue, Nov 13, 2001 at 09:54:31AM -0800, Joe Smith
> > > wrote:
> > > >> To the administrators of SNORT,
> > > >>
> > > >> An excerpt from "classification.config" from the
> > > most
> > > >> recent snort rules download.
> > > >
> > > >One thing that has not been over stated since the
> > > inception of
> > > >the "classification.config" file is the following:
> > > >
> > > >  As a snort administrator/installer you should
> > > edit classification.config
> > > >  to suit the policies of your organization.  At
> > > the same time, you should
> > > >  review the rules which you are including in your
> > > snort.conf file for
> > > >  appropriateness, and to verify their
> > > classification in relation to the
> > > >  changes you made to the classification.config
> > > file.  You should not use
> > > >  either the classification.config or rules out of
> > > the box.  To do so,
> > > >  is a dereliction of duty.
> > >
> > > Damn.  People get a commerical-grade IDS FOR FREE
> > > and are bitching about a
> > > simple pr0n rule?  Whoa.  WTF?  Hellooooo.  If you
> > > are that "offended" by
> > > SNORT, don't use it.  Go out and pay tens of
> > > thousands of dollars for
> > > some crap from McAfee, Cisco, or whoever.
> > >
> > > If not, and you enjoy the many, many features and
> > > benefits offered by
> > > SNORT, *FOR FREE*, then edit the rule and go about
> > > your business.
> > >
> > > -Gordo
> > >
> > > --------------------------------------------------
> > > Gordon Ewasiuk, Certifed Sun Fanatic,  Winstar VHC
> > > The REAL office number is here----->  703.893.4901
> > >
> > > Read the story about the #1 Unix Platform
> > > http://www.sun.com/software/cover/2001-1106
> > > -------------------------------------------------
> > >
> > >
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users at lists.sourceforge.net
> > > Go to this URL to change user options or
> > > unsubscribe:
> > >
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > >
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Find the one for you at Yahoo! Personals
> > http://personals.yahoo.com
> >
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list