Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Upcoming changes for Bleeding Snort

from [Matt Jonkman] Network Security [Permanent Link]
Subject: [Snort-sigs] Upcoming changes for Bleeding Snort
Date: Fri, 11 Mar 2005 17:19:31 -0500
Bleeding Snort and Sourcefire have been working together over the last week with input from other Snort research community members. We're excited to announce that Sourcefire and Bleeding Snort will be forming a consortium called OSSRC Open Source Snort Rules Consortium.

The OSSRC will be a group that any company or organization will be welcome to join. The members will share research on new threats and rules to handle those threats, with the goal of creating a unified community-based ruleset. Each member may post these rules wherever they choose, distribute them to their clients or customers, or use them in their own subscription services according to the provisions in the GPL. The goals of the group are still forming, but initially will be to:

1. Maintain a fast moving and GPL-licensed Snort ruleset
2. Avoid rule duplication amongst community rulesets, both in terms of content and SIDs
3. Improve and enforce quality standards for rules (documentation, etc.)
4. Possibly move to a Stable and Unstable rule 'vetting' process

More details will come shortly, but the gist is that all of the companies and organizations that want to contribute resources and efforts to the open source community may do so in a single framework, but still bring that information back to their own projects. We will avoid duplication, SID conflicts, and gaps in rulesets.

All of the contributing members of the OSSRC will have an equal say in direction and operation. Sourcefire is finalizing the draft of a formal charter, which will be available to all for review soon. This will outline a board of directors and officers that will be modeled after other open source projects. No one company or organization will have any controlling interest in the OSSRC, nor will there be any chance of the content channeled through the OSSRC becoming anything but free under the GPL.

As for Bleeding Snort's future, we intend to stay as we are, continue the work we're doing, same bat time, same bat channel. We will coordinate our research and projects and new rules through the OSSRC once it's functional. At that point, we will get a SID from the OSSRC before posting a rule, while taking efforts to ensure we aren't duplicating something coming out from another source.

Bleeding Snort will stay in the same place, we will maintain the same projects (and anything new that needs a home), and we will continue to work as we have since our inception. We will continue to be independent as we have always been. We will continue to be a place you can get your rules and answers to your questions.

Thanks to everyone for your patience while we've all been responding to the licensing and other changes in the Snort world. We asked that you reserve judgment until all the facts had shaken out, and you've done that. We thank you for trusting us.

This is going to be a very positive organization for the open source security community. I think it will provide some needed formal guidance, and a structure that larger entities can sink resources into, knowing that those resources will be used in the most efficient manner possible in support of the public good. I hope that eventually we can expand the OSSRC framework to include other security-related projects, so that an even larger community can benefit from pooling the expertise and support of all of its members.

We welcome every interested organization to join the OSSRC. Please email myself or either Jennifer Steffens (jennifer.steffens@sourcefire.com) at Sourcefire if you're interested in being an initial member. There are no financial obligations: you are only being asked to contribute to the work of the group and share in the information being collected.

--
--------------------------------------------
Matthew Jonkman, CISSP
Senior Security Engineer
Infotex
765-429-0398 Direct Anytime
765-448-6847 Office
866-679-5177 24x7 NOC
my.infotex.com
www.offsitefilter.com
www.bleedingsnort.com
--------------------------------------------


NOTICE: The information contained in this email is confidential
and intended solely for the intended recipient. Any use,
distribution, transmittal or retransmittal of information
contained in this email by persons who are not intended
recipients may be a violation of law and is strictly prohibited.
If you are not the intended recipient, please contact the sender
and delete all copies.


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Snort-sigs] Upcoming changes for Bleeding Snort, Matt Jonkman <=
Previous by Date:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Date:  [Snort-sigs] Unsubscribe, Hazel, Scott A.
Previous by Thread:  [Snort-sigs] FP in 1233 and 2435: possible general prob. w. content checks for filename?, James Affeld
Next by Thread:  [Snort-sigs] Unsubscribe, Hazel, Scott A.
Indexes:  [Date] [Thread] [Top] [All Lists]