Snort mailing list archives

Re: RE: Installing SNORT 1.8.3 on win2k server


From: Martin Roesch <roesch () sourcefire com>
Date: Wed, 13 Mar 2002 17:20:02 -0500

On 3/13/02 2:36 AM, "Stuart Staniford" <stuart () silicondefense com> wrote:


On Tuesday, March 12, 2002, at 03:28 PM, Martin Roesch wrote:

Should we discuss the cost of producing Snort in the first place in man
hours donated to the project versus your contribution?  Nah, it'd make that
contribution look pretty paltry and profit motivated in comparison.
Foregoing the development costs in favor of a renewable-revenue services
model isn't exactly a new idea.

and

As you know, I run a company that is directly competitive with yours and
yet I seem to be able to refrain from constantly engaging in crass marketing
tactics.

Marty:

Firstly, I'd like to say that I appreciate tremendously the years of
volunteer effort you have put into Snort in the past.  No-one would
question the massive contribution you have made in starting and
sustaining Snort, and the Snort community.  You were public spirited in
the extreme.  We at Silicon Defense are deeply grateful for what you
pioneered.

And continue to develop.  Please don't try to marginalize my on-going
contributions to the project, I continue to be the primary developer and
project coordinator for this very large open source project and talking
about my position with regards to the project in the past tense does a
disservice to me and to the long time members of this list.  This post reeks
of politicking and I find it offensive.

For a number of years now, we have been glad to help and support you and
other members of the community by releasing free software to help use
Snort, producing components for Snort, working on algorithmic
improvements to make it faster, and helping users with their queries on
the list.  Our company has been built around Snort from when it was
tiny, and it continues to be so today.  In working with an Open Source
product, we recognize our obligation to try to be of benefit to the
community, and to contribute to it as best we can given the
circumstances we find ourselves in.  We intend to continue to offer help
to the community in the same ways we have done in the past.

And it has been appreciated where it has been appropriate.  Unfortunately as
you have migrated into the commercial realm you seem to have lost touch with
what people who use Snort for free want, unfettered and non-commercial
access to information and code.  I was under the impression that your
company was built around DARPA contracts and has recently migrated to
commercial Snort support, probably due to the non-fixed profit margins
involved with such an enterprise.

If members of the community think that our communications have seemed
self-serving, as opposed to simply helping people, or explaining the
free resources that we offer to the community, I apologize.  I am
distressed at the tone of this thread, and if we have contributed to
that, I'm sorry also.

One of your employees *initiated* it, "contributing" is a gross
understatement.  If you'll read the thread that kicked this whole episode
off, you'll see that one of your "Snort Support Technicians" answered a
question by redirecting a person to use the Silicon Defense version of Snort
(which, incidentally shouldn't differ from any other version of Snort) and
roll back the version of winpcap he was using without even bothering to look
at the error that was being generated by Snort.  Who does this help other
than Silicon Defense getting one more pair of eyeballs on your site who will
hopefully sign up for your for-pay services?

I share your sense that the snort-users list, snort.org, the snort CVS
itself, etc should exist for the benefit of the Snort community as a
whole, and not for the benefit of any particular company that might try
to use them to gain "crass" business advantage.  Since you, and we, and
others, all now run for-profit companies that are trying to make a
successful business out of the expertise we have each developed in
Snort, this presents something of a challenge.  While we compete in some
ways, we need to co-operate for the benefit of the community in others
and we need to remain civil with each other in the various public forums
for the Snort community.

I'd love to, but circumstances and the treatment I and my company have been
receiving at the hands of companies like yours prevent it.  If anyone can
remember a way in which the community has been done a disservice by either myself
or by anyone at Sourcefire, I'd like to hear about it.

If indeed the snort community determines that snort-users needs
moderation, can I suggest that we find someone impartial to do it?  That
would protect you from any suggestion that you might use the position of
moderator to advance your own commercial agenda.  People who don't know
you well might wonder whether there was a conflict of interest between
your role as President of Sourcefire (a private company seeking to make
a lot of money from Snort) and as the moderator of snort-users (trying
to prevent misuse of the list for commercial purposes).  I suggest some
kind of impartial person or advisory board might be the best solution to
avoiding any such perception.

This is a ridiculous suggestion.  We're going to moderate the Snort-users
list by committee?  We're going to find an impartial 3rd party who knows
enough about Snort to moderate the list effectively?  I sincerely doubt it.
If anyone is going to moderate the list, it'll be the people who have been
here all along helping users get the most out of the system, I can think of
several people immediately who could be very helpful in this effort:

Me
Chris Green
Erek Adams
Phil Wood
Fyodor
Brian Caswell
Andrew Baker
Ralf Hildebrant
Dragos Ruiu
Roman Danyliw
Ryan Russel
Joe McAlerney

I doubt you'd be able to find more effective moderators, especially
impartial 3rd parties.

The snort-users list is for discussing the use of snort.  It is not intended
to be used as a marketing platform nor to push personal or corporate agendas.

Agreed.  It's reassuring to hear you say that.

Perhaps Sourcefire and Silicon Defense should try to agree on a code of
ethics that we would both adhere to to ensure that neither company was
abusing the list etc for its own commercial advantage?  Other companies
in the Snort space that chose to do so could be involved also.

I'm unwilling to enter into any sort of agreement with Silicon Defense at
this time.  

My company's stance on open source versus commercial questions is a matter
of open record, we enforce a strict separation of "church and state" here
with regards to how Snort is developed and used within our products.  Snort
has clearly benefited from my company's involvement with the program.
Stream4, frag2, spo_unified and barnyard were written by me (barnyard was
taken over by Andrew Baker) for my company to make Snort an enterprise class
NIDS solution and these modules were freely put into the open source code
base of the system.  Our position on the proprietary nature of our appliance
software and how that fits together with the open source Snort code base are
public knowledge too, I have repeated time after time that Snort will always
be open and free to its users and that the interests of my company are
directly aligned with building the best Snort sensor technology possible and
keeping that code open source.

Your attempt to muddy the waters by stating that my intentions are anything
less than honorable or straightforward with regards to providing Snort as an
open source system and separate from my company's interests is also not
appreciated.


     -Marty


-- 
Martin Roesch - Founder/CEO, Sourcefire Inc. - (410)290-1616
Sourcefire: Professional Snort Sensor and Management Console appliances
roesch () sourcefire com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org

