[Snort-users] Demarc Certified Open Signatures
bamm.visscher at ...11827...
Wed Mar 2 14:19:55 EST 2005
Shouldn't a reputable company, who is supposedly committed to the
opensource community ensure that the copyright notices for the rules
files stay intact?
On Wed, 2 Mar 2005 10:09:11 -0800 (PST), Demarc Security
<snort_ml at ...2629...> wrote:
> Since our inception in 2001, Demarc has been committed to promoting secure
> Internet use by providing free versions of our products for users at home.
> We believe that because we use Open Source technology such as Linux and Snort,
> that we should give back to the security community as a whole. We have
> continued to fulfill this commitment, most recently with the release of our
> Sentarus HomeAdmin Edition, which allows people to deploy some of our latest
> security technology in their home lab environments at no cost.
> In addition to our Sentarus and PureSecure products, our customers have also
> benefited from the expertise of our Threat Research Team which has, to date,
> been tasked with verifying rule stream updates and educating customers on the
> detailed workings of Snort technology. In light of some upcoming changes,
> we're now expanding our research team and formally announcing our new
> "Certified Open Signatures" program. Our Certified Open Signatures program,
> which will be universally available to the entire community, is founded on
> these two principles:
> 1) Like the Snort program itself, the latest rule signatures should
> always be available for free because strong computer and network
> security are in everyone's best interests.
> 2) The best way for a company to serve a community project is to
> remain true to the original goals of that project and refrain
> from charging for vital components that have always been
> community-driven and free.
> We make this announcement now, as we have recently received notice from
> Sourcefire that, as of next week, early access to all future Snort signatures
> they create will be based on a subscription model.
> The Sourcefire license changes as they were presented to us are:
> - All rule updates will be a minimum of five days older than those
> Sourcefire sells to their customers, and you will be required to
> register to receive them or to wait for the next major Snort
> - To receive the latest rules any sooner, you will have to pay
> Sourcefire a rule subscription fee.
> We sincerely respect the efforts of the Sourcefire Snort development group
> along with the numerous others who created the base technology and rulesets
> that have made Snort a household name in the security community. However, one
> of the greatest benefits of using Snort is the community review process which
> will now be subject to an imposed arbitrary delay.
> At Demarc, our commitment to the security community is simple:
> - Demarc will maintain http://snort.demarc.com/ as a community portal
> for Snort signatures and Snort-based technology. (This site is
> meant to augment and not replace snort.org or the snort-sigs
> mailing list.)
> - Demarc will produce and revise rules, as well as collaborate with
> active groups to bring together the best rules from all community
> sources. User sites such as Bleeding Snort have been at the
> forefront of new signature development and we view these groups'
> contributions as invaluable. Our goal is to work with these
> groups and to serve as the trusted source for certified,
> production level rulesets.
> - Demarc's Threat Research Team will continue to provide the latest
> cutting-edge and Demarc Certified rules, making them immediately
> available for public download and contribution.
> - Demarc will not charge for the download, use, or modification of
> rules hosted on this site.
> Our community portal at http://snort.demarc.com/ will continually evolve over
> the next several weeks to offer more features, including direct user
> interaction. Our community portal will also become the new home for the SPADE
> statistical packet anomaly detection project and SnortSnarf, two projects
> originally managed by SiliconDefense and subsequently transferred to Demarc.
> We welcome your support on these projects through signature review and
> submissions, and, as with all community projects, your feedback is always
> welcome to help make it better.
> Ashlyn Reznik
> Demarc Threat Research Team
> Email: areznik at ...4451...
sguil - The Analyst Console for NSM
More information about the Snort-users