[Snort-users] Professionalism

olliecat olliecat at ...1409...
Tue Nov 13 18:34:05 EST 2001

In my experience, the overwhelming reason for disqualifying open source
software has been the lack of a support contract.  If you can't pay to
get somebody on the phone 24x7 then its not a professional grade piece
of software.  That is changing, slowly however.

Typically, before it ever gets to the support question, the software has
already been given the once over by a technician comfortable with the
technology it represents, and its evaluation.  By the time a senior
level person is notified the technician has already customized the
configuration for installation during testing, and likely removed any
'unprofessional' content.  I would expect this kind of procedure to be
fairly common practice.  While it may happen, I just can't see somebody
in the managerial ranks having or taking the time to look through a
configuration file.

Personally, if I was using software that was 'given' to me, especially
the caliber of this and other open source products, knowing the effort
somebody else put into making it happen, I could probably look the other
way when it came to somebody's humour.  One thing that open source might
also be teaching us is how to lighten up and not take things too
seriously :)

Joe Smith wrote:
> Nothing quite like stirring the hornet's nest...
> Based on many of the responses I've received, I get
> the impression my point has been missed and/or I
> didn't state it clearly enough.
> My agenda is simple: make open-source more commonplace
> in the corporate environment.  It's the same goal that
> many in the open source community share, because it's
> the only way to displace the current OS/Application
> monarch, Mr. Bill Gates.  Many in the corporate world
> have a very negative opinion of open source precisely
> because of what I stated earlier regarding the
> unprofessional nature of open source.  They will claim
> that the code is "untrustworthy".  This doesn't mean
> it doesn't work (or can be configured to work).  It
> doesn't mean that the programmers are untrustworthy.
> Once again, it isn't the impropriety that's the
> problem, it's the appearance of impropriety.  The
> negative stigma will stay as long as this sort of
> thing crops up.  Yes, I realize its idiotic for a VP
> to disqualify a product only because of lubrication
> references, but it does happen and it makes my job (ya
> know, intrusion detection and all that fun stuff) that
> much more difficult.
> Yes, its free.  Yes, the classification.config file
> can be sed/grepped to do exactly what you want.  And
> yes, its the best thing out there (its superior to
> every IDS I've tested, commercial or non).  All I'm
> asking is for snort to make an effort to present a
> more professional appearance so that corporate
> acceptance is the default, not the exception.

More information about the Snort-users mailing list