[Snort-users] Snort 1.9 vs 2.0

Hervé Debar herve.debar at ...7137...
Fri Oct 11 10:23:07 EDT 2002


Martin Roesch wrote:
> No, let me explain.  Snort 1.9.0 was released last week.  The merge that 
> we did last night is the basis of the Snort 2.0 development branch, 
> basically Snort with several extensions that were developed at 
> Sourcefire to enable us to hit gigabit speeds.  The Sourcefire 
> extensions are open source and available under the GPL, just like the 
> rest of Snort.  The only difference is that we spent several hundred 
> thousand dollars on salaries, equipment and hard core research to bring 
> this update to you instead of having me try to write it in my spare 
> time. :)
> 
> The Snort 2.0-dev branch is the CVS HEAD now, the Sourcefire mods have 
> been released into the open source domain as part of our "ethical 
> contract" with the Open Source community to bring the best of commercial 
> development contributions (money, test equipment, people who get paid to 
> work on this stuff) with the best of the open source contributions (huge 
> QA team, tight feedback between developers and users, continuous 
> improvement of codebase).
> 
> I hope you guys will enjoy this monumental leap in performance that 
> we've just contributed and that we can all continue to have fun and  
> make Snort the best IDS possible!

So IIUC, snort-devel on snort.org is snort 2.0 on sourcefire, right ?

Am I right in assuming that the rule writing is also changing ?

Thanks,

Hervé
-- 
Hervé Debar                <mailto:herve.debar at ...7137...>
Tel: +33 (0)2 31 75 92 61               GSM: +33 (0)6 74 09 09 66
France Télécom R&D                      Fax: +33 (0)2 31 75 93 13
42 rue des Coutures  (-/-)  BP 6243  (-/-)   F-14066 Caen Cedex 4





More information about the Snort-users mailing list