Marty,
Will the subscription service for VRT rules for end users also contain
some sort of support? I.e., if a rule is detecting false positives
will we (end users) have to figure it out, or will the Sourcefire team
do it?
Thanks,
Sam
On Wed, 2 Mar 2005 14:09:05 -0500, Martin Roesch <roesch@sourcefire.com> wrote:
Hi everyone,
Over the past four years, Sourcefire has contributed increasing
resources to advancing the Snort technology. That commitment has
resulted in advances such as gigabit performance capability, the
integration of the snort_inline technology the current and future
generations of IP defragmentation and TCP stream reassembly
functionality, protocol anomaly detectors and normalization, portscan
detection, the unified output subsystem, reams of documentation and two
complete code audits. In addition, we have built the Sourcefire
Vulnerability Research Team and dedicated significant resources to
improving the quality, accuracy and timeliness of Snort rules.
Recently, we have become increasing aware of companies who are
commercially redistributing rules written by the Sourcefire VRT without
contributing to the considerable resources required to develop high
quality rules in such a timely fashion.
In order to enable us to continue supporting the open source model and
dedicate these various resources to ensuring users have access to the
best possible detection capabilities, we will begin distributing new
"Sourcefire VRT Certified Rules" under a new license that restricts
commercial redistribution. For developers building open source
applications using Snort rules or Snort end users in general, the
change in the licensing policy has no effect. The changes in the
license apply specifically to organizations that are commercially
redistributing the rules for either a product or a service offering.
Moving forward we are also pleased to announce that we will be
increasing our involvement in not only the Snort technology but the
community as well. We will continue to dedicate our research,
development and QA resources to ensuring that Snort remains the de
facto standard in intrusion detection and prevention technology. To
start, beginning March 7th we will be offering a subscription for our
VRT Certified Rules that allows end users to receive new VRT Certified
Rule updates 5 days faster â the same time as our customers receive
them. In addition, we will be launching a new web site with features
such as users forums and community rule management. Over the next few
months we will be continuing to update the snort.org web site to
include new features and enhanced functionality such as updated
documentation, increased support for user groups, tutorials and easier
communication from the Sourcefire team.
If you have any questions or suggestions for how Sourcefire can better
support the Snort community please contact us at
snort-feedback@sourcefire.com or by emailing me directly.
-Marty
--
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover. Determine. Defend.
roesch@sourcefire.com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id�396&opclick
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id�396&opÌk
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
