[Snort-users] Licensing

Peter J Manis pmanis at ...5068...
Mon Mar 7 18:12:21 EST 2005

I think you misinterpreted Marty's email.  Sourcefire doesnt allow you to 
bundle VRT rules in a commercial product no matter if you have a 
subscription or not, at least thats what the license says.  You can bundle 
the bleeding snort and communtiy rules only, which are free anyway; no 
subscription needed.  I was gonna get a subscription to the VRT rules, but 
man, did you see the prices?  $200/month, $500/quarter, or $1800/year is 
pretty steep for an individual.  What hurts for firms that rely on snort but 
cant afford to pay for this subsciption (nonprofits or anybody) are the 
possible legal implications.  Technically, now if you are using snort and 
don't pay for the early updates and your machines get compromised and cause 
damage to someone else, you can technically by sued by the damaged party for 
not doing all you could have done to protect your machines (purchase the 
updates).  This will provide Sourcefire with a pretty nice income stream, if 
people actually purchase the subscriptions.  Realize that the subscirption 
has nothing to do with the license.  Whether or not you pay for the 
subscription, the license stands.  The reason for the subscription is for 
revenues, not to prohibit anyone from bundling the rules with their 
commercial product.


----- Original Message ----- 
From: "Matt Kettler" <mkettler at ...4108...>
To: "Rowland, Krisa W ERDC-ITL-MS Contractor" 
<Krisa.W.Rowland at ...3768...>; <snort-users at lists.sourceforge.net>
Sent: Monday, March 07, 2005 8:03 PM
Subject: Re: [Snort-users] Licensing

At 06:07 PM 3/7/2005, Rowland, Krisa W ERDC-ITL-MS Contractor wrote:
>Ok.  I know I haven't read all the hoopla and complaining about this new 
>licensing - but this means that if we want the VRT rules we have to pay? 
>Sorry for being slow.

Only if you want them as fast as the normal Sourcefire customers get them,
or if you want to rebundle them in a commercial product.

See Marty's post with Message ID:
45cfecfcfb7c474d58e180f5d9344bcd at ...1935...

AFAIK the VRT rules have always been available to SF customers before the
OSS side gets them. Fresher updates from VRT has been a selling point of SF
boxes for years. Now you can opt to subscribe to the faster updates for a
fee without having to buy a SF box.. Sounds good to me.

As for the rebundlers, well, I'd hate to compete with someone who's simply
sponging all my resources for free... They're also still free to use all
the snort code, even SF's contributions to the snort code, and the
community/bleeding rules in their commercial products.

I think they're being quite reasonable, as the changes only apply to the
VRT rules. I'm pleased they're willing to give us their VRT rules for free
at all.

Of course, if they ever did anything as unlikely as to try to subvert the
code, I'd show up on their doorstep to deliver a letter berating them for
the act, but I doubt Marty and co. will ever do such a thing. SF may not be
perfect people, but they seem to be Good People, and their continued
contributions to a free Snort are solid evidence of that.

SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list