Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [SPAM] - Re: My Experience with the new Sourcefire VRT rules.. - Email found in subject

From: Martin Roesch <roesch () sourcefire com>
Date: Tue, 8 Mar 2005 17:10:28 -0500
Hi Marc,
Good suggestion on the one-time-fee download, we're talking it over here at Sourcefire. 

     -Marty

On Mar 8, 2005, at 3:20 PM, Marc Hering wrote:
Thanks for the update Martin, I figured it was something like that, I did the Alt-I in Firefox and didn't see the encryption.... 

I'll check back in in the next 24 hours.

Thanks!
Also, does VRT plan to have a "one off" download plan,,,IE a company doesn't want to pay a yearly subscription, but if a MAJOR worm comes out they can pay a one time fee and get the updated rules? 

Thanks

-----Original Message-----
From: Martin Roesch [mailto:roesch () sourcefire com]
Sent: Tuesday, March 08, 2005 3:07 PM
To: Marc Hering
Cc: snort-users () lists sourceforge net
Subject: [SPAM] - Re: [Snort-users] My Experience with the new Sourcefire VRT rules.. - Email found in subject 

Hi Marc,
We're dealing with a few last minute issues on our end, things should be solid in the next 24 hours or so.
The cert was made for sourcefire.com, not snort.org originally. We're waiting on our cert from Thawte and it should be up today. The site is encrypted even if the cert isn't "valid" for the domain, if you're in firefox you can hit <alt-i> to pull up site info and click on the Security tab to see if the site is cleartext or encrypted if you need to prove it to yourself. We wouldn't expect you to transmit info in the clear obviously. 

The subscription form has the rates in the first line of the form.
It's $195/495/1795 per month/quarter/year respectively. You need a free registration to subscribe.
We apologize for the rule lookup being inactive right now, we're working on it. 

      -Marty

On Mar 8, 2005, at 1:19 PM, Marc Hering wrote:


 
Well,
 I know there has been a lot of debate over the new VRT Rules and
licensing methods from Sourcefire.  I was staying on the sidelines due
to my relative newness to Snort in general, but now that I have had
some interaction with the new website I wanted to let everyone know my
experiences..  This is just what happened to me, and I am not trying
to start any flame wars...so if you agree with me then great, if you
don't agree with me then great!
 
Let me start out by saying that I personally don't have a problem with
what SF is doing,  After all, if I didn't want to pay I can still get
the rules 5 days later for free or write my own.  but since I need the
rules pretty fast (and I am not the best at writing rules..) I was ok
with paying the subscription fee.   So I mosey on over to snort.org
and try to sign up.
  
Well, all I can say is that if you are like me and don't mind paying
the subscription, then GOOD LUCK!!  Finding the pricing is damn near
impossible, and when you follow the link to even sign up, it tries to
take you to a secure site THAT HAS AN INVALID CERTIFICATE! (the cert
is valid, but it doesn't protect snort.ort  it is for
sourcefire.com)   then when I get to the signup page, firefox reports
that this site is not secure at all (even though it says https, there
is no encryption going on) Yean I'm gonna transmit info
plaintext..NOT!   And still no mention of how much it costs until
after you create an account.....  Oh and for all you ACID users out
there, I just found out that you can't do a rule lookup anymore even
if you are a subscriber ( In their defense, they DO say the rule
lookup function is forthcoming and I am sure some clever person will
write a patch eventually)
 
I completely understand why Sourcefire is changing the way the rules
are distributed, and I support them in it after all, they do deserve
to get paid for hard work, however if they are going to make a change
like this that affects the whole snort community, then I would request
that they at least make sure that everything works before they put it
live!
Thanks!
 
</rant mode>


--
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Discover. Determine. Defend. - http://www.sourcefire.com Snort: Open Source Intrusion Detection and Prevention - http://www.snort.org 



--
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover.  Determine.  Defend. - http://www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention - http://www.snort.org 



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: