[Snort-users] v2.8.4 incorrect logging to MySQL

Paul Schmehl pschmehl_lists at ...14358...
Tue Apr 14 17:20:38 EDT 2009

Trust me, I've read the conspiracy theories.  But I also know Marty personally, 
and frankly, you're wrong.  The changes to the licensing of signatures was done 
to prevent third party apps from using the rules without compensating 
Sourcefire, a perfectly reasonable thing to do.  After all, those third party 
apps (and appliances) and making money off Marty's (and all his many talented 
employees') work.  The least they can do is pay Marty for making what's under 
their hood much better than it otherwise would be.

Marty has said that snort will always be open source.  I believe him.

--On Tuesday, April 14, 2009 15:36:29 -0500 Loyal A Moses <loyalmoses at ...3027...> 

> As I just said in an earlier mailing list response, it is open source
> until version 3.
> This is my original line of comments on the NEW direction Sourcefire
> was taking.
> http://archives.neohapsis.com/archives/snort/2007-07/0047.html
> The product itself is not at all the debate. Snort as a product is
> great, and I believe that Marty has done an excellent job developing
> the majority of what is quite obviously the worlds most widely used
> intrusion detection system.
> The argument on direction is one of open source vs. commercially
> owned. We've seen this a dozen or more times over.
> A little story...
> Jack is an open source buff who believes in free software for the
> world, so he builds and releases it GPL or equivalent. Then one day,
> he needs to feed his family from his open source fame, but doesn't
> have the rights to the software as he wants, because it was released
> open source and there are hundreds of contributors to the success of
> the application. So a simple little plan is hatched to slowly and ever
> so slightly change the licensing and take ownership of contributions
> and limit the use of these components, then create an all new version
> X that apparently is 100% written from the ground up with absolutely
> zero contributed code. Hmmmm...
> If you don't quite understand the little story, do read some of the
> older snort mailing list entries to get a feel for how every signature
> contributed or otherwise is now licensed by Sourcefire.
> As I said, they are going to do what they are going to do.

Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
Check the headers before clicking on Reply.

More information about the Snort-users mailing list