[Snort-users] Sourcefire Tactics - New Licensing

Peter J Manis pmanis at ...5068...
Wed Mar 2 21:25:49 EST 2005


I agree.  This is sad.  Essentially, what is happening here is taking the 
open out of the opensource.  First the rules from Sourcefire, and now they 
are trying to take Bleeding Snort.  I understand if Sourcefire is upset 
about a few individuals using their rules, but what business do they have 
attempting to take Bleeding Snort under their control?  This is clearly a 
coorporation hoax to monopolize the development of Snort rules, first by 
licensing the Sourcefire rules, and now trying to get Bleeding Snort to 
abide by their licenses!  Next will be Snort itself!  The end result will be 
the destruction of Snort in the opensource community.  And I totally agree 
with the fact that if not for the opensource community Snort or Sourcefire 
would not be what it is today and to put any kind of a license on it is 
contradictory to its pricipal founding.  This is at least my opinion of the 
situation.

Peter

----- Original Message ----- 
From: "Michael Steele" <michaels at ...9077...>
To: "'Snort Users Postings'" <snort-users at lists.sourceforge.net>
Sent: Wednesday, March 02, 2005 7:05 PM
Subject: RE: [Snort-users] Demarc Certified Open Signatures


> Remember this one thing; If not for the dedication of pre-Sourcefire
> contributions from others, Snort would not be where it is today, and this
> goes for Sourcefire.
>
> This is only the beginning. Does it seem inconceivable that in the future
> Snort builds might be treated the same as the rules are. If it's OK to do
> this with the rules, then where does it stop...
>
> Kindest regards,
> Michael...
>
> WINSNORT.com Management Team Member
> -- 
> Pick up your FREE Windows or UNIX Snort installation guides
> mailto:support at ...9077...
> Website: http://www.winsnort.com
> Snort: Open Source Network IDS - http://www.snort.org
>
>
>> -----Original Message-----
>> From: snort-users-admin at lists.sourceforge.net [mailto:snort-users-
>> admin at lists.sourceforge.net] On Behalf Of Bob Konigsberg
>> Sent: Wednesday, March 02, 2005 2:31 PM
>> To: 'Bamm Visscher'; 'Demarc Security'
>> Cc: snort-users at lists.sourceforge.net
>> Subject: RE: [Snort-users] Demarc Certified Open Signatures
>>
>> I don't think that's the key point here.  This has already happened with
>> Nessus and Snort - that is, people are making money off of their open
>> source
>> work, and not giving credit OR cash back to the developers.
>>
>> It's kind of sad where a few folks spoil it, but both organizations are
>> trying hard to stick to their roots - while getting what's due them.
>>
>> Bob
>>
>> -----Original Message-----
>> From: snort-users-admin at lists.sourceforge.net
>> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Bamm
>> Visscher
>> Sent: Wednesday, March 02, 2005 2:19 PM
>> To: Demarc Security
>> Cc: snort-users at lists.sourceforge.net
>> Subject: Re: [Snort-users] Demarc Certified Open Signatures
>>
>> Shouldn't a reputable company, who is supposedly committed to the
>> opensource
>> community ensure that the copyright notices for the rules files stay
>> intact?
>>
>> Bammkkkk
>>
>> On Wed, 2 Mar 2005 10:09:11 -0800 (PST), Demarc Security
>> <snort_ml at ...2629...> wrote:
>> >
>> >
>> > Since our inception in 2001, Demarc has been committed to promoting
>> > secure Internet use by providing free versions of our products for 
>> > users
>> at home.
>> > We believe that because we use Open Source technology such as Linux
>> > and Snort, that we should give back to the security community as a
>> > whole.  We have continued to fulfill this commitment, most recently
>> > with the release of our Sentarus HomeAdmin Edition, which allows
>> > people to deploy some of our latest security technology in their home
>> lab
>> environments at no cost.
>> >
>> > In addition to our Sentarus and PureSecure products, our customers
>> > have also benefited from the expertise of our Threat Research Team
>> > which has, to date, been tasked with verifying rule stream updates and
>> > educating customers on the detailed workings of Snort technology. In
>> > light of some upcoming changes, we're now expanding our research team
>> > and formally announcing our new "Certified Open Signatures" program.
>> > Our Certified Open Signatures program, which will be universally
>> > available to the entire community, is founded on these two principles:
>> >
>> >     1)  Like the Snort program itself, the latest rule signatures 
>> > should
>> >         always be available for free because strong computer and 
>> > network
>> >         security are in everyone's best interests.
>> >
>> >     2)  The best way for a company to serve a community project is to
>> >         remain true to the original goals of that project and refrain
>> >         from charging for vital components that have always been
>> >         community-driven and free.
>> >
>> > We make this announcement now, as we have recently received notice
>> > from Sourcefire that, as of next week, early access to all future
>> > Snort signatures they create will be based on a subscription model.
>> >
>> > The Sourcefire license changes as they were presented to us are:
>> >
>> >     - All rule updates will be a minimum of five days older than those
>> >       Sourcefire sells to their customers, and you will be required to
>> >       register to receive them or to wait for the next major Snort
>> >       release.
>> >
>> >    -  To receive the latest rules any sooner, you will have to pay
>> >       Sourcefire a rule subscription fee.
>> >
>> > We sincerely respect the efforts of the Sourcefire Snort development
>> > group along with the numerous others who created the base technology
>> > and rulesets that have made Snort a household name in the security
>> > community.  However, one of the greatest benefits of using Snort is
>> > the community review process which will now be subject to an imposed
>> arbitrary delay.
>> >
>> > At Demarc, our commitment to the security community is simple:
>> >
>> >    -  Demarc will maintain http://snort.demarc.com/ as a community
>> portal
>> >       for Snort signatures and Snort-based technology.  (This site is
>> >       meant to augment and not replace snort.org or the snort-sigs
>> >       mailing list.)
>> >
>> >    -  Demarc will produce and revise rules, as well as collaborate with
>> >       active groups to bring together the best rules from all community
>> >       sources.  User sites such as Bleeding Snort have been at the
>> >       forefront of new signature development and we view these groups'
>> >       contributions as invaluable.  Our goal is to work with these
>> >       groups and to serve as the trusted source for certified,
>> >       production level rulesets.
>> >
>> >    -  Demarc's Threat Research Team will continue to provide the latest
>> >       cutting-edge and Demarc Certified rules, making them immediately
>> >       available for public download and contribution.
>> >
>> >    -  Demarc will not charge for the download, use, or modification of
>> >       rules hosted on this site.
>> >
>> > Our community portal at http://snort.demarc.com/ will continually
>> > evolve over the next several weeks to offer more features, including
>> > direct user interaction. Our community portal will also become the new
>> > home for the SPADE statistical packet anomaly detection project and
>> > SnortSnarf, two projects originally managed by SiliconDefense and
>> subsequently transferred to Demarc.
>> >
>> > We welcome your support on these projects through signature review and
>> > submissions, and, as with all community projects, your feedback is
>> > always welcome to help make it better.
>> >
>> > Sincerely,
>> >
>> > Ashlyn Reznik
>> > Demarc Threat Research Team
>> > Email: areznik at ...4451...
>> > http://www.demarc.com/products/
>> >
>>
>>
>> --
>> sguil - The Analyst Console for NSM
>> http://sguil.sf.net
>>
>>
>> -------------------------------------------------------
>> SF email is sponsored by - The IT Product Guide
>> Read honest & candid reviews on hundreds of IT Products from real users.
>> Discover which products truly live up to the hype. Start reading now.
>> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>>
>>
>>
>>
>> -------------------------------------------------------
>> SF email is sponsored by - The IT Product Guide
>> Read honest & candid reviews on hundreds of IT Products from real users.
>> Discover which products truly live up to the hype. Start reading now.
>> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>
>
>
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users 





More information about the Snort-users mailing list