[Snort-users] My Experience with the new Sourcefire VRT rules..

Martin Roesch roesch at ...1935...
Wed Mar 9 05:44:47 EST 2005


Understood, we're looking at it...

On Mar 9, 2005, at 2:58 AM, James Ashton wrote:

> From both the users and AND sourcefires end I thin this clause is off. 
> I have signed a lot of agreements an\bout software in the last 15 
> years but I have never signed one that let ANYONE look over my books 
> and records. This include *icrosoft EULAs.
>
>  Form someone who might be willing to buy a subscription, This is an 
> absolute deal killer. I can see how you can justify it from a control 
> point of view, and I personally believe that sourcefire is NOT even 
> dreaming about actually using this clause, but just having it there is 
> a danger to any company that signs this.
>
> James Ashton
>
>
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net 
> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Martin 
> Roesch
> Sent: Tuesday, March 08, 2005 5:35 PM
> To: Arseneault, Thomas (HQP)
> Cc: Jose Maria Lopez Hernandez; snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] My Experience with the new Sourcefire VRT 
> rules..
>
> Just FYI, I talked to our lawyers about this and it's a standard
> provision in software license agreements.  Basically if you're not
> violating the use clause in the agreement, then you have absolutely
> nothing to be concerned with.  Stormtroopers wearing Snort masks are
> not
> going to randomly show up at your door and demand to see your books.
> In the unlikely event we suspect that someone is trying to distribute
> the VRT rules for a profit, this provision merely provides us some
> recourse to seek assurances that our suspicions are incorrect, or, as a
> last
> resort, perform an audit.  Audits are expensive and going around
> performing them without cause will certainly do us more harm then good.
>   And it goes without saying that we would comply and respect local law
> before attempting to do anything.
>
>       -Marty
>
> On Mar 8, 2005, at 3:06 PM, Arseneault, Thomas (HQP) wrote:
>
>> They do have a blurb in there concerning if local laws prevent fully
>> complying with the license terms so they did think of that. I'll leave
>> it up to the lawyers to determine how good/bad the clause is, but it
>> is there.
>>
>> Tom Arseneault
>> Security Engineer
>> Robert Half International
>>
>> -----Original Message-----
>> From: snort-users-admin at lists.sourceforge.net
>> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Jose
>> Maria Lopez Hernandez
>> Sent: Tuesday, March 08, 2005 12:00 PM
>> To: snort-users at lists.sourceforge.net
>> Subject: RE: [Snort-users] My Experience with the new Sourcefire VRT
>> rules..
>>
>> El mar, 08-03-2005 a las 13:32 -0500, Scott Morris escribió:
>>>
>>>     It is a new site so I'll give them slack there. However our
>>> corporate counsel had  apoplexy when he saw the license terms.
>>> Particularly the granting access to books, records and facilities.
>>>
>>> You will, from time to time and as requested by Sourcefire, provide
>>> assurances to Sourcefire that you are using the VRT Certified Rules
>>> consistent with a Permitted Use, and you grant Sourcefire access, at
>>> reasonable times and in a reasonable manner, to the VRT Certified
>>> Rules in your possession or control, and to your books, records and
>>> facilities to permit Sourcefire to verify appropriate use of the VRT
>>> Certified Rules and compliance with this Agreement.
>>
>> This is completely illegal. At least in my country, Spain. Sourcefire
>> should be aware that their license it's under the control of the
>> country laws they are selling their services to. I think this it's
>> going too fast. I agree with the new licensing terms, but this is an
>> error. I think Sourcefire should take a look at their licensing terms
>> or the license will not be legal in many countries.
>>
>> Regards.
>>
>> -- 
>>
>> Jose Maria Lopez Hernandez
>> Director Tecnico de bgSEC
>> jkerouac at ...12346...
>> bgSEC Seguridad y Consultoria de Sistemas Informaticos
>> http://www.bgsec.com ESPAÑA
>>
>> The only people for me are the mad ones -- the ones who are mad to
>> live, mad to talk, mad to be saved, desirous of everything at the same
>> time, the ones who never yawn or say a commonplace thing, but burn,
>> burn, burn like fabulous yellow Roman candles.
>>                 -- Jack Kerouac, "On the Road"
>>
>>
>>
>>
>> -------------------------------------------------------
>> SF email is sponsored by - The IT Product Guide Read honest & candid
>> reviews on hundreds of IT Products from real users.
>> Discover which products truly live up to the hype. Start reading now.
>> http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=ort-users
>>
>>
>>
>>
>> -------------------------------------------------------
>> SF email is sponsored by - The IT Product Guide
>> Read honest & candid reviews on hundreds of IT Products from real
>> users.
>> Discover which products truly live up to the hype. Start reading now.
>> http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>>
> -- 
> Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> Sourcefire - Discover.  Determine.  Defend. - http://www.sourcefire.com
> Snort: Open Source Intrusion Detection and Prevention -
> http://www.snort.org
>
>
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real 
> users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=ort-users
>
>
>
-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover.  Determine.  Defend. - http://www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention - 
http://www.snort.org





More information about the Snort-users mailing list