[SPAM] - Re: [Snort-users] My Experience with the new Sourcefire VRT rules.. - Email found in subject

Martin Roesch roesch at ...1935...
Tue Mar 8 14:10:02 EST 2005


Hi Marc,

Good suggestion on the one-time-fee download, we're talking it over 
here at Sourcefire.

      -Marty

On Mar 8, 2005, at 3:20 PM, Marc Hering wrote:

> Thanks for the update Martin,   I figured it was something like that,  
> I did the Alt-I in Firefox and didn't see the encryption....
>
> I'll check back in in the next 24 hours.
>
> Thanks!
>
>
> Also, does VRT plan to have a "one off" download plan,,,IE a company 
> doesn't want to pay a yearly subscription, but if a MAJOR worm comes 
> out they can pay a one time fee and get the updated rules?
>
> Thanks
>
> -----Original Message-----
> From: Martin Roesch [mailto:roesch at ...1935...]
> Sent: Tuesday, March 08, 2005 3:07 PM
> To: Marc Hering
> Cc: snort-users at lists.sourceforge.net
> Subject: [SPAM] - Re: [Snort-users] My Experience with the new 
> Sourcefire VRT rules.. - Email found in subject
>
> Hi Marc,
>
> We're dealing with a few last minute issues on our end, things should 
> be solid in the next 24 hours or so.
>
> The cert was made for sourcefire.com, not snort.org originally.  We're 
> waiting on our cert from Thawte and it should be up today.  The site 
> is encrypted even if the cert isn't "valid" for the domain, if you're 
> in firefox you can hit <alt-i> to pull up site info and click on the 
> Security tab to see if the site is cleartext or encrypted if you need 
> to prove it to yourself.  We wouldn't expect you to transmit info in 
> the clear obviously.
>
> The subscription form has the rates in the first line of the form.
> It's $195/495/1795 per month/quarter/year respectively.  You need a 
> free registration to subscribe.
>
> We apologize for the rule lookup being inactive right now, we're 
> working on it.
>
>       -Marty
>
> On Mar 8, 2005, at 1:19 PM, Marc Hering wrote:
>
>>  
>> Well,
>>  I know there has been a lot of debate over the new VRT Rules and
>> licensing methods from Sourcefire.  I was staying on the sidelines due
>> to my relative newness to Snort in general, but now that I have had
>> some interaction with the new website I wanted to let everyone know my
>> experiences..  This is just what happened to me, and I am not trying
>> to start any flame wars...so if you agree with me then great, if you
>> don't agree with me then great!
>>  
>> Let me start out by saying that I personally don't have a problem with
>> what SF is doing,  After all, if I didn't want to pay I can still get
>> the rules 5 days later for free or write my own.  but since I need the
>> rules pretty fast (and I am not the best at writing rules..) I was ok
>> with paying the subscription fee.   So I mosey on over to snort.org
>> and try to sign up.
>>   
>> Well, all I can say is that if you are like me and don't mind paying
>> the subscription, then GOOD LUCK!!  Finding the pricing is damn near
>> impossible, and when you follow the link to even sign up, it tries to
>> take you to a secure site THAT HAS AN INVALID CERTIFICATE! (the cert
>> is valid, but it doesn't protect snort.ort  it is for
>> sourcefire.com)   then when I get to the signup page, firefox reports
>> that this site is not secure at all (even though it says https, there
>> is no encryption going on) Yean I'm gonna transmit info
>> plaintext..NOT!   And still no mention of how much it costs until
>> after you create an account.....  Oh and for all you ACID users out
>> there, I just found out that you can't do a rule lookup anymore even
>> if you are a subscriber ( In their defense, they DO say the rule
>> lookup function is forthcoming and I am sure some clever person will
>> write a patch eventually)
>>  
>> I completely understand why Sourcefire is changing the way the rules
>> are distributed, and I support them in it after all, they do deserve
>> to get paid for hard work, however if they are going to make a change
>> like this that affects the whole snort community, then I would request
>> that they at least make sure that everything works before they put it
>> live!
>> Thanks!
>>  
>> </rant mode>
>>
> --
> Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 
> Sourcefire - Discover.  Determine.  Defend. - 
> http://www.sourcefire.com
> Snort: Open Source Intrusion Detection and Prevention - 
> http://www.snort.org
>
>
-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover.  Determine.  Defend. - http://www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention - 
http://www.snort.org





More information about the Snort-users mailing list