Snort mailing list archives
Re: rules downloads and
From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 19 Sep 2006 13:47:58 -0400
SN ORT wrote:
Oh well, since you know Marty so well, you're like close friends now, maybe you can explain why people now have to pay for the latest sigs?
Erm, you only have to pay to get the latest signatures that SourceFire developed internally. All the community-developed rules are not delayed, nor for pay. Also previously these SourceFire signatures were not available on a early basis to normal snort users at all, only users of the commercial sourcefire boxes could get them early. Snort users had to wait. This is the way been. SF made no secrets about it, and I do recall it being mentioned several times on the list that they updated their commercial subscribers first, then made their releases to the snort userbase later. This is all long before the for-pay option existed. So while this looks like SF is taking something away to gain a profit, they're really offering something they never offered before. It's a way for the free product users to step up to the same level of rule updates as the commercial product, but with reduced cost (and none of the other commercial product features like RNA). Personally, I like it, and think it's a good way for SF to get money to continue to feed their rule research team.
I'm not faulting people for trying to make a buck, I'm just saying it's a bit foolish to rely soley on a free product to protect your network and expect it to remain free and last forever. Open source is a Godsend, but let's be realistic: another reason to make a great open-source product is to build confidence, reputation, and then start making the big $$$$$! This is a natural progression of things, and sooner or later programmers have to make money.
While there's some truth in what you say, there's also a lot of fallacy in it. Many free products do have a lot of potential to last forever. These are mostly tools where the developer needs the tool help them in their normal for-pay job. Tools like tcpdump/Ethreal will probably always have developers contributing to it for free, because many developers working on other network technologies rely on it, and often find/fix bugs in it as a side-effect of doing other for-pay work. Now I'd agree, snort may not fall into this, but it's a pure fallacy to think this can't ever happen to any software tool. It can, and does. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Snort-users Digest, Vol 4, Issue 26 SN ORT (Sep 19)
- Re: Snort-users Digest, Vol 4, Issue 26 Paul Schmehl (Sep 19)
- Re: rules downloads and Matt Kettler (Sep 19)