Snort mailing list archives
Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?
From: Martin Roesch <roesch () sourcefire com>
Date: Sat, 19 Mar 2011 22:05:17 -0400
On Sat, Mar 19, 2011 at 9:32 PM, evilghost () packetmail net <evilghost () packetmail net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/19/11 19:40, Martin Roesch wrote:The people who designed it did so as a response to how ineffectual classic AV models have become. It is a "clean sheet" approach to solving the problem and we did the acquisition after we saw just how powerful the approach is.I think we're all in agreement with this one since the AV model is a false hope (I know, painful words since you own Clam).
Clam is great at what it does and is still driven by its original open source team, I think the ability to write your own sigs is very useful in general. Immunet 3.0 integrates the ClamAV technology so that you can get the best of both worlds, custom sigs + the ClamAV team's coverage (when you want a more traditional AV) in addition to the collective detection model that Immunet brings to bear.
I'm jaded and biased after years of the AV vendors milking a subscription model based on signature-driven/hash-driven detection which does little to combat the threat. I'll give this one a whirl, though I'm also weary of "in the cloud" since the marketing droids like to sling this buzzword to the same magnitude I like to ingurgitate alcohol.
Cloud is the word people use to describe it so that's what we're stuck with. I think being able to offer more comprehensive client-side attack detection/prevention is a worthwhile goal and that's what this technology is designed to do. Hopefully it'll be something you like! Marty -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Security for the Real World - http://www.sourcefire.com Snort: Open Source IDP - http://www.snort.org ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?, (continued)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Message not available
- Message not available
- Message not available
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Holste (Mar 20)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Randal T. Rioux (Mar 20)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matt Olney (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matt Olney (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Randal T. Rioux (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody? Weir, Jason (Mar 21)