[Snort-users] Re: [Snort-sigs] Rules licensing changes

Sam Evans wintrmte at ...11827...
Wed Mar 2 11:55:07 EST 2005


Will the subscription service for VRT rules for end users also contain
some sort of support?  I.e., if a rule is detecting false positives
will we (end users) have to figure it out, or will the Sourcefire team
do it?


On Wed, 2 Mar 2005 14:09:05 -0500, Martin Roesch <roesch at ...1935...> wrote:
> Hi everyone,
> Over the past four years, Sourcefire has contributed increasing
> resources to advancing the Snort technology. That commitment has
> resulted in advances such as gigabit performance capability, the
> integration of the snort_inline technology the current and future
> generations of IP defragmentation and TCP stream reassembly
> functionality, protocol anomaly detectors and normalization, portscan
> detection, the unified output subsystem, reams of documentation and two
> complete code audits. In addition, we have built the Sourcefire
> Vulnerability Research Team and dedicated significant resources to
> improving the quality, accuracy and timeliness of Snort rules.
> Recently, we have become increasing aware of companies who are
> commercially redistributing rules written by the Sourcefire VRT without
> contributing to the considerable resources required to develop high
> quality rules in such a timely fashion.
> In order to enable us to continue supporting the open source model and
> dedicate these various resources to ensuring users have access to the
> best possible detection capabilities, we will begin distributing new
> "Sourcefire VRT Certified Rules" under a new license that restricts
> commercial redistribution. For developers building open source
> applications using Snort rules or Snort end users in general, the
> change in the licensing policy has no effect. The changes in the
> license apply specifically to organizations that are commercially
> redistributing the rules for either a product or a service offering.
> Moving forward we are also pleased to announce that we will be
> increasing our involvement in not only the Snort technology but the
> community as well. We will continue to dedicate our research,
> development and QA resources to ensuring that Snort remains the de
> facto standard in intrusion detection and prevention technology. To
> start, beginning March 7th we will be offering a subscription for our
> VRT Certified Rules that allows end users to receive new VRT Certified
> Rule updates 5 days faster – the same time as our customers receive
> them. In addition, we will be launching a new web site with features
> such as users forums and community rule management. Over the next few
> months we will be continuing to update the snort.org web site to
> include new features and enhanced functionality such as updated
> documentation, increased support for user groups, tutorials and easier
> communication from the Sourcefire team.
> If you have any questions or suggestions for how Sourcefire can better
> support the Snort community please contact us at
> snort-feedback at ...1935... or by emailing me directly.
>      -Marty
> --
> Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> Sourcefire - Discover.  Determine.  Defend.
> roesch at ...1935... - http://www.sourcefire.com
> Snort: Open Source Network IDS - http://www.snort.org
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_ide95&alloc_id396&opclick
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs

More information about the Snort-users mailing list