Dailydave: RE: Sourcefire Acquired by Check Point Software

[Frank Knobbe <frank () knobbe us>]

On Fri, 2005-10-07 at 21:52 -0400, Ron Gula wrote:
> How would charging people more money prevent them from not abiding by 
> the GPL or even Tenable's license agreements?
It seemed that some reports were citing financial motives. But the
agreement issues of course need to be addresses differently. Enforcement
may be another issue altogether.

> - Nessus 2 source is still available, GPLed and will be maintained.
Good news. Maintained as far as code updates or in regards to plugins?

> - Nessus 3 will be available shortly and be free
I missed that part (which c|Net quoted Renaud saying right in paragraph
one), sorry.

> We haven't had any support of this kind. I really feel there are very 
> capable programers out there who can contribute to Nessus, but to date 
> we haven't really gotten any. Even on the NASL vuln check side, a 
> majority of the plugins are Tenable.
That is indeed a shame because it is a great program. If I wouldn't be
spending so much time on the Snort side of things, I would like to help
out. But my ToDo pile keeps rising instead of getting smaller :(

> It sure does. Again, we're not trying to hide Nessus 2 code. We've just 
> made many improvements to the engine and don't want to expose these 
> algorithms.
I see. Now that I understand more about what's going on, it seems that
the reports I heard were laced with the usual sensationalism that
plagues the media these days. Sorry I barked :)

> I don't think we're turning our back at all. Giving away a product two 
> to five times faster than the current open source version makes most 
> people very happy.
>
> Rasing prices screws the average nessus user and puts recent 
> vulnerability checks out of the hands of people who can't afford it.
Agreed. I actually like your pricing and agreement terms very much. (Of
course I haven't read the new terms yet ;)  It goes to show that
commercial entities can very well live in a symbiotic relationship with
open source (despite that some folks think that "Open Source" is just a
marketing machine for corporate entities).

Perhaps the news just hit me wrong (my excuse is I got hit with a lot of
stuff this week), or perhaps the media colored the report in a different
light. I apologize if I ruffled your feathers.

Cheers,
Frank

PS: I'm ready for those licenses we discussed ;)

Attachment: signature.asc
Description: This is a digitally signed message part