[Snort-users] Snort getting RNA-like overhaul?

Sam sam at ...5202...
Mon May 24 08:06:11 EDT 2004


Wow, this sounds really promising.  I'm curious though, if they take snort
down this road, what will the market be for Sourcefire?  It seems like
they would want to keep this for their commercial product, imho.

-Sam


Keith W. McCammon said:
> [Apologies if this is too "general discussion" for anyone's
> taste--please respond off-list if you don't care to muddy everyone's
> inbox with replies.]
>
> I caught a headline on ZDNet this morning related to Marty's AusCERT
> seminar.  Bottom line: Marty made some mention of a potential overhaul
> of the Snort engine to support more RNA-like activities (basically
> taking Snort from the more traditional IDS space into the general
> policy-enforcement arena).
>
> The article:
> <http://www.zdnet.com.au/news/security/0,2000061744,39148508,00.htm>
>
> DC SUG post from this AM:
> <http://tinyurl.com/2v9xp>
>
> Anyway, I was just curious what type of attention this has been getting
> within the more active Snort development and planning circles.  I know
> it's been discussed within Sourcefire, as well as on this list (in a
> more general sense), but I wasn't sure if anything was on paper.  I know
> it's a lot of work, so I'm specifically curious how Snort's existing
> framework would map simultaneously to policy-based specs as well as the
> traditional rules and inspection engine.
>
> Again, more personal interest than anything else, so any comments,
> thoughts, detailed road map documentation welcome...
>
> Cheers
>
> Keith
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: Oracle 10g
> Get certified on the hottest thing ever to hit the market... Oracle 10g.
> Take an Oracle 10g class now, and we'll give you the exam FREE.
> http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list