Snort mailing list archives

RE: My Experience with the new Sourcefire VRT rules..

From: "Keith Pachulski" <keithp () corp ptd net>
Date: Wed, 9 Mar 2005 07:46:18 -0500

You`re not selling those snort stormtrooper outfits by chance are you? Would make a great costume for defcon =)

-----Original Message-----
From: Martin Roesch [mailto:roesch () sourcefire com]
Sent: Tuesday, March 08, 2005 5:35 PM
To: Arseneault, Thomas (HQP)
Cc: Jose Maria Lopez Hernandez; snort-users () lists sourceforge net
Subject: Re: [Snort-users] My Experience with the new Sourcefire VRT
rules..

Just FYI, I talked to our lawyers about this and it's a standard 
provision in software license agreements.  Basically if you're not 
violating the use clause in the agreement, then you have absolutely 
nothing to be concerned with.  Stormtroopers wearing Snort masks are 
not
going to randomly show up at your door and demand to see your books.  
In the unlikely event we suspect that someone is trying to distribute 
the VRT rules for a profit, this provision merely provides us some 
recourse to seek assurances that our suspicions are incorrect, or, as a 
last
resort, perform an audit.  Audits are expensive and going around 
performing them without cause will certainly do us more harm then good. 
  And it goes without saying that we would comply and respect local law 
before attempting to do anything.

      -Marty

On Mar 8, 2005, at 3:06 PM, Arseneault, Thomas (HQP) wrote:

They do have a blurb in there concerning if local laws prevent fully 
complying with the license terms so they did think of that. I'll leave 
it up to the lawyers to determine how good/bad the clause is, but it 
is there.

Tom Arseneault
Security Engineer
Robert Half International

-----Original Message-----
From: snort-users-admin () lists sourceforge net 
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jose 
Maria Lopez Hernandez
Sent: Tuesday, March 08, 2005 12:00 PM
To: snort-users () lists sourceforge net
Subject: RE: [Snort-users] My Experience with the new Sourcefire VRT 
rules..

El mar, 08-03-2005 a las 13:32 -0500, Scott Morris escribió:


    It is a new site so I'll give them slack there. However our
corporate counsel had  apoplexy when he saw the license terms.
Particularly the granting access to books, records and facilities.

You will, from time to time and as requested by Sourcefire, provide
assurances to Sourcefire that you are using the VRT Certified Rules
consistent with a Permitted Use, and you grant Sourcefire access, at
reasonable times and in a reasonable manner, to the VRT Certified
Rules in your possession or control, and to your books, records and
facilities to permit Sourcefire to verify appropriate use of the VRT
Certified Rules and compliance with this Agreement.


This is completely illegal. At least in my country, Spain. Sourcefire 
should be aware that their license it's under the control of the 
country laws they are selling their services to. I think this it's 
going too fast. I agree with the new licensing terms, but this is an 
error. I think Sourcefire should take a look at their licensing terms 
or the license will not be legal in many countries.

Regards.

-- 

Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac () bgsec com
bgSEC Seguridad y Consultoria de Sistemas Informaticos 
http://www.bgsec.com ESPAÑA

The only people for me are the mad ones -- the ones who are mad to 
live, mad to talk, mad to be saved, desirous of everything at the same 
time, the ones who never yawn or say a commonplace thing, but burn, 
burn, burn like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide Read honest & candid 
reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real 
users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover.  Determine.  Defend. - http://www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention - 
http://www.snort.org



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Re: My Experience with the new Sourcefire VRT rules.., (continued)
- Re: My Experience with the new Sourcefire VRT rules.. Peter J Manis (Mar 08)
- Re: My Experience with the new Sourcefire VRT rules.. Martin Roesch (Mar 08)
- RE: My Experience with the new Sourcefire VRT rules.. Scott Morris (Mar 08)
  - RE: My Experience with the new Sourcefire VRT rules.. Jose Maria Lopez Hernandez (Mar 08)
  - Re: My Experience with the new Sourcefire VRT rules.. Michael Sierchio (Mar 09)
- RE: My Experience with the new Sourcefire VRT rules.. Arseneault, Thomas (HQP) (Mar 08)
  - Re: My Experience with the new Sourcefire VRT rules.. Martin Roesch (Mar 08)
    - Re: My Experience with the new Sourcefire VRT rules.. Jose Maria Lopez Hernandez (Mar 09)
- RE: My Experience with the new Sourcefire VRT rules.. James Ashton (Mar 08)
  - Re: My Experience with the new Sourcefire VRT rules.. Martin Roesch (Mar 09)
- RE: My Experience with the new Sourcefire VRT rules.. Keith Pachulski (Mar 09)