Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Demarc Certified Open Signatures

From: Wayne Jackson <wayne.jackson () sourcefire com>
Date: Thu, 03 Mar 2005 12:41:31 -0500
Eric,

I haven't yet weighed in, as of yet, but see your observations as the
perfect opportunity to do so.

First, as an investor, board member, and proud part of the management team
here at Sourcefire I can absolutely assure you that Marty has always been,
and will remain, the heart and soul of this company. Trust me, Marty still
has the reigns when it comes to all things relating to Snort.

Second, our decision to modify the license for new, Sourcefire-created Snort
rules was based on principles of fundamental fairness. It is a simple fact
that there are dozens of companies that use the intellectual property that
we contribute to the Snort community while contributing little, if anything,
back to us or the community in return. Further, some of these companies
routinely abuse our copyrights, remove banners from source code, withhold
derivative works, hide trademark notices, etc., all of which is completely
outside the letter and spirit of the GPL and should not be tolerated by
anyone.

Don't like venture capital? Remember that Snort wasn't even a stateful
inspection technology before Marty started Sourcefire. And to your comment
regarding Sourcefire's hosting and maintaining Snort.org, we simply say
"you're welcome".

And finally, as Marty observed in an earlier post, Sourcefire will continue
to innovate and deliver meaningful improvements to those who value Snort -
even you. You will also notice huge improvements to Snort.org, most of which
are oriented specifically to the kind of community building and open
idea-sharing that you seem to think we would find threatening.

We have gone WAY above and beyond, in my humble opinion, protecting the
Snort user community and that should be even more evident as the new site
goes live Monday. This will also be reinforced with every continuing
contribution that Sourcefire makes in the years to come.

Good luck with your endeavors.

Regards,

     Wayne Jackson, CEO
     Sourcefire



From: "Eric Hines" <eric.hines () appliedwatch com>
Date: March 3, 2005 10:48:07 AM EST
To: <spamtrap () winsnort com>, "'Snort Users Postings'"
<snort-users () lists sourceforge net>
Subject: RE: [Snort-users] Demarc Certified Open Signatures

Michael, I Agree. This is only the beginning. Three or so years ago a
good
friend, Jed Pickel posted to this list when Martin announced the
creation of
Sourcefire. He called it and said stuff like this would happen and was
flamed for it. I think he deserves accolades for standing up and saying
something because he ended up being right after all.

This is only the beginning, indeed. I think its naïve to think that
Roesche
has any more control over there at Sourcefire as to what happens with
the
Snort project, which is under the control of copyrights and trademarks
by
Sourcefire, Inc. He has brought in so much VC money that I'd be
surprised if
he is a majority shareholder anymore at that company -- its near
impossible.
The fate of the Snort project is in the hands and control of the Board
of
Directors at Sourcefire and it's VC's -- not snort.org. Hell, its even
hosted by Sourcefire.

[snort.org]

      NS1.SOURCEFIRE.COM      12.4.213.2    
    NS2.SOURCEFIRE.COM  199.107.65.180


IMHO this is a very poor move by Sourcefire. I've spoken to a lot of
organizations about this over the past week (as we received a letter
from
Sourcefire announcing this way before this announcement) who laughed
at the
very thought of paying for Signatures simply so they can get it when
they
are immediately released. Wait 5 days and you get those signatures. If
they
actually get ANY organizations who are willing to pay for this
subscription,
the number of companies willing to pay for it will be far exceeded by
the
number of people they've upset. Do the math Sourcefire.

They've done nothing except give themselves a black eye.

My look in to the future: Projects like the Bleeding Edge will pop up
all
over the place offering a safe haven for Snort rule creation and
distribution. The beautiful thing about Snort signatures is anyone can
make
them. When a new 0day exploit or worm comes out, their will be a race
between all these projects as to who can get the best signature out
and who
can do it the fastest. If you get enough people together, more rules
can be
developed and can be developed much faster than Sourcefire.

I also see other open source IDS projects starting, IDS' like
Firestorm,
Prelude, etc. that use the Snort signature syntax we're already all
familiar
with.



Best Regards,


Eric Hines, GCIA, CISSP
CEO, President, Chairman
Applied Watch Technologies, LLC
1134 N. Main St.
Algonquin, IL 60102
Tel: (877) 262-7593 x327
Fax: (877) 262-7593
Web: http://www.appliedwatch.com






-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: