Snort mailing list archives

Re: Professionalism

From: "George D. Nincehelser" <george () ccitriad net>
Date: Tue, 13 Nov 2001 19:16:51 -0600

I've seen this happen a few times.

Some of us don't have the luxury of choosing co-workers or customers with
similar mindsets.  If a team member or customer finds something offensive
and complains, upper management takes note, regardless of how silly it may
seem to some.  Then someone finds themselves in an awkward position of
explaining why offensive material was in the workplace, or on a customer's
system.

I may advocate a particular open-source package, but I am often not the
implementor.  I can't guarantee that a particular installation was
sanitized.  If something of a questionable nature comes up, I'm the first
that gets called.  Technical issues are bad enough, but HR issues are
something that I'd rather not deal with.

Yes, I have seen VPs, often non-technical VPs, examining code for alleged HR
violations.

George

----- Original Message -----
From: "Jon Bentley" <jon () ascendanttech com>
To: "Joe Smith" <shadowm4n () yahoo com>; <snort-users () lists sourceforge net>
Sent: Tuesday, November 13, 2001 4:52 PM
Subject: Re: [Snort-users] Professionalism

Quick question:

When's the last time one of your VP's went trolling through
the code?

----- Original Message -----
From: "Joe Smith" <shadowm4n () yahoo com>
To: <snort-users () lists sourceforge net>
Sent: Tuesday, November 13, 2001 5:39 PM
Subject: Re: [Snort-users] Professionalism

Nothing quite like stirring the hornet's nest...

Based on many of the responses I've received, I get
the impression my point has been missed and/or I
didn't state it clearly enough.

My agenda is simple: make open-source more commonplace
in the corporate environment.  It's the same goal that
many in the open source community share, because it's
the only way to displace the current OS/Application
monarch, Mr. Bill Gates.  Many in the corporate world
have a very negative opinion of open source precisely
because of what I stated earlier regarding the
unprofessional nature of open source.  They will claim
that the code is "untrustworthy".  This doesn't mean
it doesn't work (or can be configured to work).  It
doesn't mean that the programmers are untrustworthy.
Once again, it isn't the impropriety that's the
problem, it's the appearance of impropriety.  The
negative stigma will stay as long as this sort of
thing crops up.  Yes, I realize its idiotic for a VP
to disqualify a product only because of lubrication
references, but it does happen and it makes my job (ya
know, intrusion detection and all that fun stuff) that
much more difficult.

Yes, its free.  Yes, the classification.config file
can be sed/grepped to do exactly what you want.  And
yes, its the best thing out there (its superior to
every IDS I've tested, commercial or non).  All I'm
asking is for snort to make an effort to present a
more professional appearance so that corporate
acceptance is the default, not the exception.

Mike
--- Gordon Ewasiuk <gewasiuk () gnmc net> wrote:

On Today, Phil Wood wrote:

Date: Tue, 13 Nov 2001 13:08:47 -0700
From: Phil Wood <cpw () lanl gov>
To: Joe Smith <shadowm4n () yahoo com>
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Professionalism

On Tue, Nov 13, 2001 at 09:54:31AM -0800, Joe Smith

wrote:

To the administrators of SNORT,

An excerpt from "classification.config" from the

most

recent snort rules download.


One thing that has not been over stated since the

inception of

the "classification.config" file is the following:

 As a snort administrator/installer you should

edit classification.config

 to suit the policies of your organization.  At

the same time, you should

 review the rules which you are including in your

snort.conf file for

 appropriateness, and to verify their

classification in relation to the

 changes you made to the classification.config

file.  You should not use

 either the classification.config or rules out of

the box.  To do so,

 is a dereliction of duty.


Damn.  People get a commerical-grade IDS FOR FREE
and are bitching about a
simple pr0n rule?  Whoa.  WTF?  Hellooooo.  If you
are that "offended" by
SNORT, don't use it.  Go out and pay tens of
thousands of dollars for
some crap from McAfee, Cisco, or whoever.

If not, and you enjoy the many, many features and
benefits offered by
SNORT, *FOR FREE*, then edit the rule and go about
your business.

-Gordo

--------------------------------------------------
Gordon Ewasiuk, Certifed Sun Fanatic,  Winstar VHC
The REAL office number is here----->  703.893.4901

Read the story about the #1 Unix Platform
http://www.sun.com/software/cover/2001-1106
-------------------------------------------------


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:

https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:

http://www.geocrawler.com/redir-sf.php3?list=snort-users


__________________________________________________
Do You Yahoo!?
Find the one for you at Yahoo! Personals
http://personals.yahoo.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Professionalism Joe Smith (Nov 13)
- Re: Professionalism Ralf Hildebrandt (Nov 13)
  - Re: Professionalism Guillaume (Nov 14)
- Re: Professionalism Brian (Nov 13)
- Re: Professionalism Erek Adams (Nov 13)
- Re: Professionalism Phil Wood (Nov 13)
  - Re: Professionalism Gordon Ewasiuk (Nov 13)
    - Re: Professionalism Joe Smith (Nov 13)
    - Re: Professionalism Jon Bentley (Nov 13)
    - Re: Professionalism George D. Nincehelser (Nov 13)
    - Re: Professionalism olliecat (Nov 13)
    - Re: Professionalism Ralf Hildebrandt (Nov 13)
    - Re: Professionalism Ralf Hildebrandt (Nov 13)
    - Re: Professionalism Joe Smith (Nov 14)
- RE: Professionalism Paul D. Shaffer (Nov 13)
- RE: Professionalism Christopher C. Northrop (Nov 14)
- Re: Professionalism Edwin Eefting (Nov 15)
- <Possible follow-ups>
- RE: Professionalism David Kurtz (Nov 13)
- RE: Professionalism Petriz, Pablo (Nov 13)
  - Re: RE: Professionalism Mark Price (Nov 13)

(Thread continues...)