[Snort-users] Sourcefire Licensing and Bleeding Snort
matt at ...12231...
Fri Mar 4 05:12:35 EST 2005
I wasn't getting email from sourceforge today for some reason, not in a
timely manner at least. I didn't intend to be silent for this
discussion, but Frank expressed my thoughts well, thanks. I'd just like
to add a few thoughts.
All of the admins at Bleeding Snort (which I just realized our initials
are BS, hmm) are flattered that the community is concerned that we stay
as we are. We must be doing it right enough to be doing good. I like that.
What I see as a major threat to a productive outcome regarding the SF
license changes and any possible upcoming cooperative relationship
between "BS" and SF is the rumor mill. I'm committed to keeping the
process transparent to keep everyone in the loop. But jumping to
conclusions and assuming the worst will make that difficult. Devils'
advocate is a position we do need filled, but we need to keep it to the
facts and reality. :)
What we're doing and considering is a consortium that BS and SF and
likely anyone else with something to contribute can join. The premise
would be I hope exactly what BS is now. We may formalize the technical
resources a bit, and maybe move to a Stable and Unstable ruleset kind of
system, but the process will be the same, and continue to move at the
We're talking about it. SF and I pretty much approached eachother with
the same idea at the same time after the licensing changes crept out. SF
is committed to re-engaging (my word) with the snort community, and are
making significant resources available to do so alongside the part of
their efforts that will be subscription based. It looks like they've
struck a fair mix in that regard if it works out as intended.
We're only talking about it. I am very optimistic, but if it isn't right
then we'll not do it. As I mentioned on the site, if we can't work out a
charter for a consortium that maintains BS as it is and allows it to
continue to evolve, then we'll just part ways and remain friends with
SF, and work together as we can. I'm certain the SF guys will respect that.
But if it comes down to it and things get ugly and we start slinging mud
between SF and BS, BS can stand on it's own legal ground and has no
legal threat to fear from SF. We're licensed properly, are using
everything properly, and are giving credit where it's due. There's no
threat implied by SF, and none to be inferred. There are no hostile
takeover ideas that we are fending off, etc. This is a completely
voluntary discussion for mutual benefit.
We have a number of goals to work out in that consortium, one that will
alleviate some fears is that SF the corporation does not get a say in
how BS works, or how it runs. Individual SF employees may have a say as
admins, but no admins would have any greater say in decisions than any
others. It should continue to be governed by committee and popular
opinion. That's worked well to now, and I think will work well in the
future, if we keep the popular opinion based on the facts.
As you all know, if we do something to piss off the users of bleeding
snort, they'll move on to other things and BS will suffocate and die. So
you ultimately have the final say in how we operate by participating in
the project or not, as well as by voicing your concerns now.
But as I mentioned, we do need the devil's advocates, and I'm sure
there'll be a line for the job. :) Speak up, let us know what concerns
you and we'll make sure to address it. But if at the end of the day it
doesn't look good to do something, well then we won't. BS will do just
fine on the track it's on. But I truly believe that SF has the best
intentions for contributing, and will be an invaluable partner to keep
us growing and maturing. Who better to help write sigs than the guys
that wrote the language?
> On Thu, 2005-03-03 at 00:24 -0500, Peter J Manis wrote:
>>I agree. This is sad. Essentially, what is happening here is taking the
>>open out of the opensource.
> Whoooaaa.... hold your horsie... Who says what? You're falling for the
> fear Michael (probably unintentionally) spread, are you? Snort will
> remain open source. So do the Community rules. So do the Bleeding rules.
> No one said anything about Snort going away.
>> First the rules from Sourcefire, and now they
>>are trying to take Bleeding Snort.
> uhm... they are not "taking Bleeding Snort". What we're doing is finding
> a way to combine efforts to give you better rules.
>> I understand if Sourcefire is upset
>>about a few individuals using their rules, but what business do they have
>>attempting to take Bleeding Snort under their control?
> *sigh* They are not.
> You're not working for a company affected by the license change by any
> chance, are you?
> Please, there is no reason for concern. Let's not spread FUD like ...
> well, let's not go there.
Matthew Jonkman, CISSP
Senior Security Engineer
765-429-0398 Direct Anytime
866-679-5177 24x7 NOC
NOTICE: The information contained in this email is confidential
and intended solely for the intended recipient. Any use,
distribution, transmittal or retransmittal of information
contained in this email by persons who are not intended
recipients may be a violation of law and is strictly prohibited.
If you are not the intended recipient, please contact the sender
and delete all copies.
More information about the Snort-users