Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] rules downloads and

from [Matt Kettler] Network Security [Permanent Link]
Subject: Re: [Snort-users] rules downloads and
Date: Tue, 19 Sep 2006 13:47:58 -0400 
SN ORT wrote:


Oh well, since you know Marty so well, you're like
close friends now, maybe you can explain why people
now have to pay for the latest sigs?


Erm, you only have to pay to get the latest signatures that SourceFire developed
internally. All the community-developed rules are not delayed, nor for pay.

Also previously these SourceFire signatures were not available on a early basis
to normal snort users at all, only users of the commercial sourcefire boxes
could get them early. Snort users had to wait. This is the way been. SF made no
secrets about it, and I do recall it being mentioned several times on the list
that they updated their commercial subscribers first, then made their releases
to the snort userbase later. This is all long before the for-pay option existed.

So while this looks like SF is taking something away to gain a profit, they're
really offering something they never offered before. It's a way for the free
product users to step up to the same level of rule updates as the commercial
product, but with reduced cost (and none of the other commercial product
features like RNA).

Personally, I like it, and think it's a good way for SF to get money to continue
to feed their rule research team.


I'm not faulting people for
trying to make a buck, I'm just saying it's a bit
foolish to rely soley on a free product to protect
your network and expect it to remain free and last
forever.

Open source is a Godsend, but let's be realistic:
another reason to make a great open-source product is
to build confidence, reputation, and then start making
the big $$$$$! This is a natural progression of
things, and sooner or later programmers have to make
money.


While there's some truth in what you say, there's also a lot of fallacy in it.
Many free products do have a lot of potential to last forever. These are mostly
tools where the developer needs the tool help them in their normal for-pay job.

Tools like tcpdump/Ethreal will probably always have developers contributing to
it for free, because many developers working on other network technologies rely
on it, and often find/fix bugs in it as a side-effect of doing other for-pay 
work.

Now I'd agree, snort may not fall into this, but it's a pure fallacy to think
this can't ever happen to any software tool. It can, and does.


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-users] Snort-users Digest, Vol 4, Issue 26, Paul Schmehl
Next by Date:  [Snort-users] log errors, David Lantz
Previous by Thread:  Re: [Snort-users] Snort-users Digest, Vol 4, Issue 26, Paul Schmehl
Next by Thread:  [Snort-users] Oops!, SN ORT
Indexes:  [Date] [Thread] [Top] [All Lists]