[Snort-users] Re: [Snort-devel] RFC: Forking Snort

james james at ...6234...
Wed Jul 3 17:12:09 EDT 2002

Ryan Russell wrote:
> On Tue, 2 Jul 2002, Jed Pickel wrote:
> > Few would disagree that Snort has successfully become a "killer app".
> > The challenge Snort now faces is how to avoid becoming a victim of its
> > own success. Apache is an example of open source code that has
> > successfully bridged the gap from killer app to significant piece of
> > Internet Infrastructure. This success can be attributed to governing and
> > regulating Apaches growth through a consortium.
> Is there any evidence that Apache's success is a result of there being a
> consortium?  I mean that seriously.. I don't know all that much about the
> project and how it is run.

Forking snort:

-1 :)

(apache members vote on new ideas/patches via email with -1, 0 +1)

The Apache group was formed because there were multiple programmers
with multiple patches and were desperate for an updated webserver.
They werent't thinking, "Let's strike a committee and build a
piece of Internet Infrastructure."

For a fork to succeed, there has to be code contribution by
programmer(s). Otherwise nobody will use the new fork.

I'm a working programmer. In general, when I look at code for
many security tools, plugins especially, I wince because it does suck.
A lot of the contributors are enthusiastic non-programmers, so
no big surprise there. (Hint: if you're gonna write a perl program,
enable use strict; and -w, or don't bother making it public.)

And as far as Sourcefire making money, more power to them.

I would worry more about the influence of Sourcefire investors if
Sourcefire doesn't make money, because investors in a down round
are way demanding. But hey, the code is still GPL.

Later, James.

More information about the Snort-users mailing list