[Snort-users] RE: Installing SNORT 1.8.3 on win2k server

Andrew R. Baker andrewb at ...950...
Wed Mar 13 13:58:50 EST 2002

Stuart Staniford wrote:

 > Firstly, I'd like to say that I appreciate tremendously the years of
 > volunteer effort you have put into Snort in the past.  No-one would
 > question the massive contribution you have made in starting and
 > sustaining Snort, and the Snort community.  You were public spirited
 > in the extreme.  We at Silicon Defense are deeply grateful for what
 > you pioneered.

Appreciate his effort?  Obviously you fail to understand that Marty *is*
Snort.  The way you state things you make it appear that he just created
the original code and has just sat back and let the rest of the
community improve and expand it.  Nothing could be further from the
truth.  Marty is the backbone of the Snort developer's community.  While
he has accepted other people as core developers and has delegated
certain tasks such as maintaining the rules set and the official
documentation, he is still very much in charge.  He is responsible for
most of the major design work and writes much of the new code himself.
You should be deeply grateful not only for what he pioneered, but also
for the continued contributions that he makes to the project.

 > For a number of years now, we have been glad to help and support you
 > and other members of the community by releasing free software to help
 > use Snort, producing components for Snort, working on algorithmic
 > improvements to make it faster, and helping users with their queries
 > on the list.  Our company has been built around Snort from when it was
 > tiny, and it continues to be so today.  In working with an Open Source
 > product, we recognize our obligation to try to be of benefit to the
 > community, and to contribute to it as best we can given the
 > circumstances we find ourselves in.  We intend to continue to offer
 > help to the community in the same ways we have done in the past.

While I do agree that in the past Silicon Defense has contributed free
software and enhancements to the snort community, it appears that this
has all but ceased since the announcement of a commercial snort
offering.  Thus, i question that you still wish to benefit the snort
users community in this way.

As the primary developer for the Barnyard project, I was intrigued when
your engineers openly claimed to be using Barnyard on your sensors.
Especially since I have never received any feedback from anyone at
Silicon Defense about the project.  However, I was shocked when told
that your sensors are using a highly modified version of Barnyard.
Since barnyard WAS released under the GPL, at least up to beta4, it is
legal for you redistribute a modified version to your customers as long
as it is still covered under the GPL.  However, to do this and to not
provide any feedback at all into the Snort user community, whether as
bug reports or patches, tells me that your concern for the well being of
the Snort community has all but withered and died.  Since your engineers
have admitted to this activity with one of the Snort related projects,
is it possible you are doing the same thing with Snort itself?  Is this 
how Silicon Defense is going to continue to "help the community"?  By 
creating private modifications to the open source code and only 
distributing them to paying customers?

For those people that are following Barnyard developements and have
noticed that, since the beta4 release available on the web site,
Barnyard's License is "under review".  This is the primary cause.  While
I want Barnyard to remain free for everyone (including corporate
entities that wish to redistribute it), the fact that the GPL allows for
commercial redistribution *without* the requirement of giving back to
the community has prompted me to select another license that adds this
requirement.  This will prevent any company, Sourcefire included, from
distributing a modified version without giving back the changes to the
Snort community.


More information about the Snort-users mailing list