Snort mailing list archives
Re: re: Professionalism
From: Martin Roesch <roesch () sourcefire com>
Date: Sat, 17 Nov 2001 19:54:32 -0500
It's always nice to go on the road for a few days because I can almost always be sure that the [expletive deleted] will hit the fan in one way or another when I'm travelling and can't respond in an effective manner. I'll start off by posing a question: MS Excel has a functioning *flight simulator* embedded into it as an easter egg, does anyone take it less seriously as a business application because of that? The vast majority of Snort was written by me between the hours of 10PM and 3AM over the course of the past three years. Up until recently, I've done this in my spare time exlusively. The contributers to the project are almost exclusively volunteers, also giving their best in their spare time. Given all that, it's pretty amazing that this software works at all without even mentioning that Snort is widely considered to be one of the top intrusion detection technologies available. What's even more amazing is that when compared with the top 10 commercial NIDS available, Snort was bested only by 2 products from companies with market caps in excess of $1B, beating all the dedicated security companies in the review (I'm talking about the Network Computing review here, it's been linked in some of the other replies). If you'll take a second and grep for the "top 7 words you can't say on TV" in the source, you will see there are a number of not entirely professional comments and messages contained within. It's widely been said that "the one language that all programmers know is profanity", and there's no exception in Snort. When I'm coding some up some tricky concept or piece of code and it's not going well (or for whatever other reason) I have been known to slip colorful language into comments or error messages. These things happen at 2AM, they're inevitable. This code/system is free (and Free). People who don't like the way the code is written have a number of other NIDS options both free (Prelude, Firestorm, Pakemon, Shoki, etc) and commercial, and also have the option of running sed(1) to search and replace all the "crap"s and "fuck"s to "doody"s and "darn"s. Ditto with the classification system. The entire rule, classification and configuration default set that comes with Snort is merely an example of suggested configurations and signatures so that you can have something to work with when you *customize* Snort for your site, especially in "professional" grade installations. I'll make no excuses for the people who maintain Snort along side with me, we thought that the classification was funny and we put it in. The development and maintenance team for Snort gives away some of their best ideas *for free* as a matter of principle, and in the words of Jack Nicholson "I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom that I provide and then questions the manner in which I provide it." That's a little overheated, but you get the gist. Some people may think that it's unprofessional, but I've had no complaints from the US Government or military, major e-commerce sites, gigantic banks, semiconductor manufacturers, telecommunications carriers, network security companies and managed security services providers (among others) that use and support Snort for their operations or as services, and if it's good enough for them then I'm ok with it. Snort's acceptance doesn't suffer one iota as far as I'm concerned (and if it actually reduces the support load from blue blood companies that are more worried about appearances than substance, so much the better). The legitemacy and professionalism of Snort and the open source development model is borne out by it's user base. 'Nuff said. -Marty -- Martin Roesch - President, Sourcefire Inc. - (410)552-6999 roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Re[2]: snort database diagrams?, (continued)
- Re: Re[2]: snort database diagrams? Guillaume (Nov 14)
- Re: Re[2]: snort database diagrams? Roberto Suarez Soto (Nov 15)
- RE: Professionalism Robert D. Hughes (Nov 14)
- re: Professionalism Joe Pampel (Nov 14)
- RE: Professionalism Chris Eidem (Nov 14)
- RE: re: Professionalism Steve Halligan (Nov 14)
- RE: Professionalism Mike Shaw (Nov 14)
- RE: Professionalism Joshua Wright (Nov 15)
- RE: re: Professionalism Scott Pham (Nov 15)
- RE: re: Professionalism James Fowler (Nov 15)
- Re: re: Professionalism Martin Roesch (Nov 17)
- Re: re: Professionalism Mark Rowlands (Nov 18)
- Re: re: Professionalism Jeff Nathan (Nov 19)
- Message not available
- Re: re: Professionalism Jeff Nathan (Nov 20)
- RE: re: Professionalism James Fowler (Nov 15)
- RE: re: Professionalism Wayne T Work (Nov 18)