[Snort-users] Open Source Snort Rules Consortium (OSSRC)

Martin Roesch roesch at ...1935...
Mon Mar 14 08:22:53 EST 2005


Sourcefire and Bleeding Snort have been working together over the last 
week with input from other Snort community members. We're excited to 
announce that Sourcefire and Bleeding Snort will be forming a 
consortium called OSSRC Open Source Snort Rules Consortium.

The OSSRC will be a group that any company or organization will be 
welcome to join. The members will share research on new threats and 
rules to handle those threats, with the goal of creating a unified 
community-based ruleset. Each member may post these rules wherever they 
choose, distribute them to their clients or customers, or use them in 
their own subscription services according to the provisions in the GPL. 
The goals of the group are still forming, but initially will be to:

1. Maintain a fast moving and GPL-licensed Snort ruleset
2. Avoid rule duplication amongst community rulesets, both in terms of 
content and SIDs
3. Improve and enforce quality standards for rules (documentation, etc.)
4. Possibly move to a Stable and Unstable rule 'vetting' process

More details will come shortly, but the gist is that all of the 
companies and organizations that want to contribute resources and 
efforts to the open source community may do so in a single framework, 
but still bring that information back to their own projects. We will 
avoid duplication, SID conflicts, and gaps in rulesets.

All of the contributing members of the OSSRC will have an equal say in 
direction and operation. We are finalizing the draft of a formal 
charter, which will be available to all for review soon. This will 
outline a board of directors and officers that will be modeled after 
other open source projects. No one company or organization will have 
any controlling interest in the OSSRC, nor will there be any chance of 
the content channeled through the OSSRC becoming anything but free 
under the GPL.

This is something we have been considering for quite some time and are 
excited to finally have the opportunity to move forward and continue to 
increase our support of the Open Source Snort community. We welcome 
every interested organization to join the OSSRC. Please email either 
Jennifer Steffens (jennifer.steffens at ...1935...) or Matt Jonkman at 
Bleeding Snort if you're interested in being an initial member. There 
are no financial obligations: you are only being asked to contribute to 
the work of the group and share in the information being collected.

     -Marty

-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover.  Determine.  Defend. - http://www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention - 
http://www.snort.org





More information about the Snort-users mailing list