Snort mailing list archives

RE: Professionalism


From: "Chris Eidem" <jceidem () dexma com>
Date: Wed, 14 Nov 2001 08:54:34 -0600

I guess this has more to do with the acceptance of OSS than with snort
in the big picture.  I'm arguing for 'Joe Smith' and don't necessarily feel
this way, but I can see his point.

Users of OSS have a long and arduous uphill battle to just get someone
to listen to them talk about software that "you can have for free" and
"right off the Internet."  snort and its OSS compatriots are under
scrutiny here simply because, for the last X years, if you didn't buy
it, you couldn't use it.  So now in steps snort.  Or BSD, or Nessus or
whatever.

Imagine one side of a phone call: "Yes, it REALLY is free.  Yes, it
works on throwaway hardware.  No, we don't have to pay for it, I said
it's free.  Sure, here's the source code.  Yes, it's FREE.  I know that
it rated highly, that's why I showed you the article.  Sure, I can have
it running this afternoon.  I'll show you what it can do.  OK, bye."

You get it put together and have it running and go up to show it off
(and, rightly, you're quite proud of it), when someone asks how it works
and you give 'em the spiel about signatures and how they set off alarms.
What do the signatures look like...

Ooops.

If that gets spotted, you'll need lotion to soothe yer aching hinder
after the PHBs get done with you.

Sure, that's paranoid.  But aren't we in the paranoia business?

Here is a chance to shine.  You know, lick your palms and smooth your
hair (well, not in my case, anyway), put on a brand new shirt and show
it off.  Not just snort, but OSS.  Because we're a Microsoft shop here
(yeeesh) and I'm running it on OpenBSD.  Now I've two OSS platforms to
show off.  Later, I'll add more, but I have got to get them to trust me
the first time.

I'm not offended.  Hell, I showed my co-workers and we all laughed, so I
appreciate it and chances are no one will see the code, but man, if they
do, and they get mad you can kiss snort goodbye.  I hate to say it, but
there are companies with PC (Politically Correct) police in the HR dept.
that will *really* get bent out of shape.  Sad to say, but it's true.

I don't care what's in the classification.conf file.  Nobody will see it
really.  But if they do...

Chris


I totally agree.....a professional look and feel "out of the box" would
definitely help a product like this get more immediate acceptance in the
corporate world. If management gets a first impression that Snort or any
other open source software is being maintained by a bunch of people who
aren't serious due to little remarks like this (which you would never see in
a commercial package), they will hesitate to bring it into a corporate
environment. I would love to see the open source world really take off and
overcome the Microsoft monster, and professionalism out of the box would be
a good place to start if the developers are serious about competing with the
commercial apps. Just my 2 cents.....



-----Original Message-----
From: Joe Smith [mailto:shadowm4n () yahoo com]
Sent: Tuesday, November 13, 2001 5:39 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Professionalism


Nothing quite like stirring the hornet's nest...

Based on many of the responses I've received, I get
the impression my point has been missed and/or I
didn't state it clearly enough.

My agenda is simple: make open-source more commonplace
in the corporate environment.  It's the same goal that
many in the open source community share, because it's
the only way to displace the current OS/Application
monarch, Mr. Bill Gates.  Many in the corporate world
have a very negative opinion of open source precisely
because of what I stated earlier regarding the
unprofessional nature of open source.  They will claim
that the code is "untrustworthy".  This doesn't mean
it doesn't work (or can be configured to work).  It
doesn't mean that the programmers are untrustworthy. 
Once again, it isn't the impropriety that's the
problem, it's the appearance of impropriety.  The
negative stigma will stay as long as this sort of
thing crops up.  Yes, I realize it's idiotic for a VP
to disqualify a product only because of lubrication
references, but it does happen and it makes my job (ya
know, intrusion detection and all that fun stuff) that
much more difficult.

Yes, it's free.  Yes, the classification.config file
can be sed/grepped to do exactly what you want.  And
yes, it's the best thing out there (it's superior to
every IDS I've tested, commercial or non).  All I'm
asking is for snort to make an effort to present a
more professional appearance so that corporate
acceptance is the default, not the exception.
