[SPAM] - Re: [Snort-users] My Experience with the new Sourcefire VRT rules.. - Email found in subject
roesch at ...1935...
Tue Mar 8 14:10:02 EST 2005
Good suggestion on the one-time-fee download, we're talking it over
here at Sourcefire.
On Mar 8, 2005, at 3:20 PM, Marc Hering wrote:
> Thanks for the update Martin, I figured it was something like that,
> I did the Alt-I in Firefox and didn't see the encryption....
> I'll check back in in the next 24 hours.
> Also, does VRT plan to have a "one off" download plan,,,IE a company
> doesn't want to pay a yearly subscription, but if a MAJOR worm comes
> out they can pay a one time fee and get the updated rules?
> -----Original Message-----
> From: Martin Roesch [mailto:roesch at ...1935...]
> Sent: Tuesday, March 08, 2005 3:07 PM
> To: Marc Hering
> Cc: snort-users at lists.sourceforge.net
> Subject: [SPAM] - Re: [Snort-users] My Experience with the new
> Sourcefire VRT rules.. - Email found in subject
> Hi Marc,
> We're dealing with a few last minute issues on our end, things should
> be solid in the next 24 hours or so.
> The cert was made for sourcefire.com, not snort.org originally. We're
> waiting on our cert from Thawte and it should be up today. The site
> is encrypted even if the cert isn't "valid" for the domain, if you're
> in firefox you can hit <alt-i> to pull up site info and click on the
> Security tab to see if the site is cleartext or encrypted if you need
> to prove it to yourself. We wouldn't expect you to transmit info in
> the clear obviously.
> The subscription form has the rates in the first line of the form.
> It's $195/495/1795 per month/quarter/year respectively. You need a
> free registration to subscribe.
> We apologize for the rule lookup being inactive right now, we're
> working on it.
> On Mar 8, 2005, at 1:19 PM, Marc Hering wrote:
>> I know there has been a lot of debate over the new VRT Rules and
>> licensing methods from Sourcefire. I was staying on the sidelines due
>> to my relative newness to Snort in general, but now that I have had
>> some interaction with the new website I wanted to let everyone know my
>> experiences.. This is just what happened to me, and I am not trying
>> to start any flame wars...so if you agree with me then great, if you
>> don't agree with me then great!
>> Let me start out by saying that I personally don't have a problem with
>> what SF is doing, After all, if I didn't want to pay I can still get
>> the rules 5 days later for free or write my own. but since I need the
>> rules pretty fast (and I am not the best at writing rules..) I was ok
>> with paying the subscription fee. So I mosey on over to snort.org
>> and try to sign up.
>> Well, all I can say is that if you are like me and don't mind paying
>> the subscription, then GOOD LUCK!! Finding the pricing is damn near
>> impossible, and when you follow the link to even sign up, it tries to
>> take you to a secure site THAT HAS AN INVALID CERTIFICATE! (the cert
>> is valid, but it doesn't protect snort.ort it is for
>> sourcefire.com) then when I get to the signup page, firefox reports
>> that this site is not secure at all (even though it says https, there
>> is no encryption going on) Yean I'm gonna transmit info
>> plaintext..NOT! And still no mention of how much it costs until
>> after you create an account..... Oh and for all you ACID users out
>> there, I just found out that you can't do a rule lookup anymore even
>> if you are a subscriber ( In their defense, they DO say the rule
>> lookup function is forthcoming and I am sure some clever person will
>> write a patch eventually)
>> I completely understand why Sourcefire is changing the way the rules
>> are distributed, and I support them in it after all, they do deserve
>> to get paid for hard work, however if they are going to make a change
>> like this that affects the whole snort community, then I would request
>> that they at least make sure that everything works before they put it
>> </rant mode>
> Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> Sourcefire - Discover. Determine. Defend. -
> Snort: Open Source Intrusion Detection and Prevention -
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover. Determine. Defend. - http://www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention -
More information about the Snort-users