Peter J Manis
pmanis at ...5068...
Mon Mar 7 18:12:21 EST 2005
I think you misinterpreted Marty's email. Sourcefire doesnt allow you to
bundle VRT rules in a commercial product no matter if you have a
subscription or not, at least thats what the license says. You can bundle
the bleeding snort and communtiy rules only, which are free anyway; no
subscription needed. I was gonna get a subscription to the VRT rules, but
man, did you see the prices? $200/month, $500/quarter, or $1800/year is
pretty steep for an individual. What hurts for firms that rely on snort but
cant afford to pay for this subsciption (nonprofits or anybody) are the
possible legal implications. Technically, now if you are using snort and
don't pay for the early updates and your machines get compromised and cause
damage to someone else, you can technically by sued by the damaged party for
not doing all you could have done to protect your machines (purchase the
updates). This will provide Sourcefire with a pretty nice income stream, if
people actually purchase the subscriptions. Realize that the subscirption
has nothing to do with the license. Whether or not you pay for the
subscription, the license stands. The reason for the subscription is for
revenues, not to prohibit anyone from bundling the rules with their
----- Original Message -----
From: "Matt Kettler" <mkettler at ...4108...>
To: "Rowland, Krisa W ERDC-ITL-MS Contractor"
<Krisa.W.Rowland at ...3768...>; <snort-users at lists.sourceforge.net>
Sent: Monday, March 07, 2005 8:03 PM
Subject: Re: [Snort-users] Licensing
At 06:07 PM 3/7/2005, Rowland, Krisa W ERDC-ITL-MS Contractor wrote:
>Ok. I know I haven't read all the hoopla and complaining about this new
>licensing - but this means that if we want the VRT rules we have to pay?
>Sorry for being slow.
Only if you want them as fast as the normal Sourcefire customers get them,
or if you want to rebundle them in a commercial product.
See Marty's post with Message ID:
45cfecfcfb7c474d58e180f5d9344bcd at ...1935...
AFAIK the VRT rules have always been available to SF customers before the
OSS side gets them. Fresher updates from VRT has been a selling point of SF
boxes for years. Now you can opt to subscribe to the faster updates for a
fee without having to buy a SF box.. Sounds good to me.
As for the rebundlers, well, I'd hate to compete with someone who's simply
sponging all my resources for free... They're also still free to use all
the snort code, even SF's contributions to the snort code, and the
community/bleeding rules in their commercial products.
I think they're being quite reasonable, as the changes only apply to the
VRT rules. I'm pleased they're willing to give us their VRT rules for free
Of course, if they ever did anything as unlikely as to try to subvert the
code, I'd show up on their doorstep to deliver a letter berating them for
the act, but I doubt Marty and co. will ever do such a thing. SF may not be
perfect people, but they seem to be Good People, and their continued
contributions to a free Snort are solid evidence of that.
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users