Nmap Development mailing list archives
Re: Nmap/Sourcefire Collaboration
From: Fyodor <fyodor () insecure org>
Date: Thu, 24 May 2007 15:55:28 -0700
On Thu, May 24, 2007 at 03:28:20PM -0700, doug () hcsw org wrote:
I'm sure you're well aware of the friction and problems these issues caused for Nessus and I'd hate to see Nmap go down a similar road.
Hi Doug. I'd hate to see that too! And I'm happy to report that this isn't anything like the case of Nessus going proprietary. The Nmap license isn't changing, and we'll only be accepting scripts from SouceFire if they are under the Nmap license. It is similar to the case of Google, who is sponsoring people to work on NSE and write NSE scripts. We will accept scripts from pretty much any corporation or individual as long as they are under the Nmap license. In exchange for contributing scripts to Nmap, SourceFire gets to use the Nmap Technology within their products. That part is similar to the licenses which dozens of companies buy to embed Nmap within their products. Those licenses and web advertising are the main funding for the Nmap project. So nothing is changing much for us, except that we'll have Google AND Sourcefire helping with NSE development this summer. That should certainly speed things up! While the Nmap license isn't changing related to this, I still hope to change it to the Nmap Public Source License at some point. I posted a draft of that last November (http://seclists.org/nmap-dev/2006/q4/0126.html), but I haven't had time to work on that for the last 6 months. I need to follow up on a lead I have for a good open source copyright lawyer to review it. Also, I'm not trying to turn Nmap into Nessus. There is a big difference between adding some checks for common and critical remote vulnerabilities and implementing a comprehensive vuln scanner such as Nessus with tens of thousands of checks. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap/Sourcefire Collaboration doug (May 24)
- Re: Nmap/Sourcefire Collaboration Fyodor (May 24)