Re: Appreciate all of You

["Randal T. Rioux" <randy () procyonlabs com>]

Nice email. But... I have two points to make.

One, and I can't say this enough. Never use your .mil, .gov or company
email to tell the world what security tools your organization uses. It
drives me nuts that these places don't crack down on that.

Second, I think the Navy could pitch in a dime or two to buy support and
enhanced features for tools it so *heavily* uses. Unless you are
discussing personal use with your work email. But I digress. It is
allowed. I just get disappointed when the places I work use something like
Snort, and pay contractors hundreds of thousands of dollars a year to pick
their nosesXXX I mean "customize" their installation when a $50k
investment would take care of that and more for years.

Back to license bickering...

Randy


On Tue, April 14, 2009 8:38 pm, Erickson, Brent W CIV NAVSEA KPWA wrote:
> Hello all,
>
> I confess that I don't know much about open source or GPL.
>
> But I thank Marty, Sourcefire, and all the Snort community for providing
> (10 years ago or more) and still providing and supporting a very powerful
>  and free system that allows me to get as deep as I want to underneath
> the hood and customize Snort to my own organization and it's needs.
>
> And what a great firewall and network troubleshooting tool it is also!!
>
> And it runs like a rock.
>
> What more could I ask for??
>
> I have a superior IDS and IPS system that does not cost me a dime, except
>  my time.
>
> And the support and the product exceed anything I know of in the
> commercial closed source world.
>
> And also many thanks to Frank Knobbe and Snort Sam.
>
> Sincerely,
>
> Brent Erickson
>
>
>
>
>
> ________________________________
>
> From: Martin Roesch [mailto:roesch () sourcefire com] Sent: Tue 4/14/2009
> 4:31 PM To: Alan Shimel Cc: Loyal A Moses;
> snort-users () lists sourceforge net Subject: Re: [Snort-users] v2.8.4
> incorrect logging to MySQL
>
>
>
> Alan,
>
> We're not "hiding behind" anything.  Our licensing terms are clearly
> outlined in Snort 3.  We (and I) believe this is a valid way to license
> software using the GPL.
>
> Nobody has answered my question and I'll modify it a bit: Is
> Fyodor/Insecure.org "hiding behind" the GPL?
>
> Marty
>
> On Tue, Apr 14, 2009 at 6:23 PM, Alan Shimel <alan () stillsecure com>
> wrote:
> > Folks I have argued this point with Marty over and over and that was a
> > year ago when this first came to light. Is it open source? Technically,
> >  yes it is open source. Does Sourcefire need the ability to dual
> > license for other commercial entities that may want to embed Snort? Yes
> > of course. So engineering aside, the plain truth is that if Sourcefire
> > is going to protect their IP (intellectual property) and build a
> > commercial business around it, they have no choice but to do this.
> >
> > They could have just said it is not open source from 3.0 on and gone
> > that way (as other open source projects have), but they choose not to.
> > Also from a commercial point of view, how could they license code that
> > they don't own.  So if they took contributed code and it was not
> > assigned to sourcefire, what right would they have to license and
> > charge someone for this code?
> >
> > The bottom line is welcome to the world of commercial open source. It
> > may shock some of you, offend others and most of you I suspect won't
> > give a darn.  It really only effects you if you contribute code (a
> > small percentage of you) or if you are seeking to embed Snort in your
> > own commercial products.  But don't be naïve, this is what open source
> > software that is owned by commercial companies is all about these days.
> >
> >
> > Last year we at StillSecure released our own product, Cobia on our own
> > "community license" because we didn't want to hide behind a GPL
> > duality. We were plain and open about why we did this and caught flak
> > from the open source community. So I guess no matter what you do, you
> > just can't please all the people all the time!
> >
> > alan
> >
> > StillSecure Alan Shimel Chief Strategy Officer
> >
> > O 561.886.0455 C 516.857.7409 F 303.381.3881
> >
> > StillSecure, After All These Years
> >
> > ? Grab this Headline Animator
> >
> > www.stillsecure.com The information transmitted is intended only for
> > the person to whom it is addressed and may contain confidential
> > material. Review or other use of this information by persons other than
> >  the intended recipient is prohibited. If you've received this in
> > error, please contact the sender and delete from any computer.
> >
> >
> > -----Original Message----- From: Martin Roesch
> > [mailto:roesch () sourcefire com] Sent: Tuesday, April 14, 2009 5:47 PM
> > To: Loyal A Moses Cc: snort-users () lists sourceforge net Subject: Re:
> > [Snort-users] v2.8.4 incorrect logging to MySQL
> >
> > It's actually a dual license if you want to get technical and it's
> > common practice in the open source world where you have a business as
> > the primary developer of the open source technology.
> >
> > Do you consider Nmap to be open source?  It has nearly the exact same
> > license modifiers as we use and has for far longer than the Snort
> > project.  Does anyone consider it to not be open source for
> > noncommercial use?  It's in Debian's apt-get and listed as GPL2 and
> > uses almost exactly the same licensing language that Snort 3 uses, in
> > fact we derived our terms from Nmap's licensing language originally.
> >
> > Snort 3.0 is distributed under the GPLv2, the license is included with
> > the code.  That makes it open source.  The fact that it doesn't bring
> > forward code contributions from Snort 2 has absolutely nothing to do
> > with the fact that they were contributed from 3rd parties.
> >
> > The decision to undertake development of Snort 3.0 had nothing to do
> > with licensing issues and everything to do with engineering
> > requirements.  Go have a look at my blog if you want to understand the
> > scope of those engineering requirements.  *I* decided to start with a
> > fresh code base after mulling it over for months because I felt that
> > adapting the capabilities to the existing Snort 2.x code base wouldn't
> > help us at all in terms of time to release or capabilities.  We would
> > have changed so much that there would have been more effort involved
> > retrofitting the existing code than there would be writing new code. I
> > actually wrote some prototypes of what I wanted to accomplish in Snort
> > 3 on top of Snort 2 and rapidly decided that there was more risk going
> > that route instead of starting from scratch.
> >
> > The fact that it doesn't carry over contributed code makes it no less
> > open source than it is today.  Snort 3 is open source.
> >
> > Marty
> >
> > On Tue, Apr 14, 2009 at 5:06 PM, Loyal A Moses <loyalmoses () mac com>
> > wrote:
> > > Marty,
> > >
> > > Do you mean open source as in GPL or equivalent or as in we can all
> > > read the source?
> > >
> > > A quote from you:
> > >
> > > "We're also saying that people who want to contribute code to the
> > > project do so with the knowledge that we're going to consider the
> > > code as assigned to Sourcefire unless other arrangements are made."
> > >
> > > That doesn't sound so "open source" to me and more like a charade.
> > >
> > > And another quote in the same posting by you:
> > >
> > > "Given that we need to be able to offer Snort under an alternative
> > > license for commercial integrators who are integrating Snort and
> > > don't want to adhere to the GPL it's essential that we retain the
> > > right to relicense the totality of the codebase."
> > >
> > > Now, there is the real reason.
> > >
> > > Just be direct and communicate that version 3 will not be GPL and
> > > Sourcefire will now retain all rights. Unless you plan on having two
> > > source branches with zero intellectual-property cross over and
> > > licensed independently.
> > >
> > > I am not hostile towards the concept. The concept is business and it
> > > is what it is.
> > >
> > > Loyal.
> > >
> > > On Apr 14, 2009, at 1:40 PM, Martin Roesch wrote:
> > >
> > > > Snort 3.0 is open source.
> > > >
> > > > Marty
> > > >
> > > > On Tue, Apr 14, 2009 at 4:21 PM, Loyal A Moses <loyalmoses () mac com>
> > > >  wrote:
> > > > > Snort is open source, until version 3. But that is a whole other
> > > > > argument. On Apr 14, 2009, at 1:11 PM, Joel Esler wrote:
> > > > >
> > > > > No one is taking a vote, we just said, "if we had a vote in
> > > > > it..." I'd rather take the code out of the IDS/IPS and put it
> > > > > into an output module. One that is maintained well (as Shawn
> > > > > said). Snort is an open source program, I don't see harm in
> > > > > discussion on Snort's own mailing lists do you? J
> > > > >
> > > > > On Tue, Apr 14, 2009 at 3:35 PM, Loyal A Moses
> > > > > <loyalmoses () mac com> wrote:
> > > > > > Is Sourcefire limited on development skill or man power?
> > > > > >
> > > > > > It makes no sense at all to remove one of the most common
> > > > > > facilities in use by snort users because it is "too complex".
> > > > > >
> > > > > > In the end, you'll do what you are going to do regardless of
> > > > > > the community -- we've seen it before. But don't use
> > > > > > "complexity" and "bugs" as the excuse.
> > > > > >
> > > > > > Sourcefire is a publicly traded company -- Is it smart to be
> > > > > > taking votes on product development from a mailing list? I
> > > > > > wouldn't think so.
> > > > > >
> > > > > > Loyal.
> > > > > >
> > > > > > On Apr 14, 2009, at 11:52 AM, Jason Brvenik wrote:
> > > > > >
> > > > > > > I have an ulterior motive and it is simple.
> > > > > > >
> > > > > > > Many of the bugs and issues over time with snort have been in
> > > > > > >  output plugins. Make one well supported, tested, unified
> > > > > > > method designed for best performance and while doing so it
> > > > > > > improves the supportability and maintainability of the code
> > > > > > > base.
> > > > > > >
> > > > > > > On Tue, Apr 14, 2009 at 2:39 PM, Loyal A Moses
> > > > > > > <loyalmoses () mac com> wrote:
> > > > > > > > My vote is to provide as many output options as possible,
> > > > > > > > to help keep snort used as a tool.
> > > > > > > >
> > > > > > > > The argument of code complexity being a good reason to
> > > > > > > > remove output facilities is only valid if the code is
> > > > > > > > written poorly and not modular. This wheel doesn't need
> > > > > > > > re-invented and this conversation is kind of silly, unless
> > > > > > > > there is ulterior motives for actually wanting to remove
> > > > > > > > this support.
> > > > > > > >
> > > > > > > > Loyal.
> > > > > > > >
> > > > > > > >
> > > > > > > > -----------------------------------------------------------
> > > > > > > > ------------------- This SF.net email is sponsored by: High
> > > > > > > > Quality Requirements in a Collaborative Environment.
> > > > > > > > Download a free trial of Rational Requirements Composer
> > > > > > > > Now! http://p.sf.net/sfu/www-ibm-com
> > > > > > > > _______________________________________________ Snort-users
> > > > > > > > mailing list Snort-users () lists sourceforge net Go to this
> > > > > > > > URL to change user options or unsubscribe:
> > > > > > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > > > > > Snort-users list archive:
> > > > > > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > > > >
> > > > > >
> > > > > >
> > > > > > ---------------------------------------------------------------
> > > > > > --------------- This SF.net email is sponsored by: High Quality
> > > > > > Requirements in a Collaborative Environment. Download a free
> > > > > > trial of Rational Requirements Composer Now!
> > > > > > http://p.sf.net/sfu/www-ibm-com
> > > > > > _______________________________________________ Snort-users
> > > > > > mailing list Snort-users () lists sourceforge net Go to this URL
> > > > > > to change user options or unsubscribe:
> > > > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > > > Snort-users list archive:
> > > > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > > >
> > > > >
> > > > >
> > > > > -- joel esler | Sourcefire | gtalk: jesler () sourcefire com |
> > > > > 302-223-5974
> > > > >
> > > > >
> > > > > -----------------------------------------------------------------
> > > > > ------------- This SF.net email is sponsored by: High Quality
> > > > > Requirements in a Collaborative Environment. Download a free
> > > > > trial of Rational Requirements Composer Now!
> > > > > http://p.sf.net/sfu/www-ibm-com
> > > > > _______________________________________________ Snort-users
> > > > > mailing list Snort-users () lists sourceforge net Go to this URL to
> > > > > change user options or unsubscribe:
> > > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > > Snort-users list archive:
> > > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > >
> > > >
> > > >
> > > > -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> > > > Sourcefire - Security for the Real World -
> > > > http://www.sourcefire.com <http://www.sourcefire.com/> Snort: Open
> > > > Source IDP - http://www.snort.org <http://www.snort.org/>
> > >
> > >
> > > ---------------------------------------------------------------------
> > > --------- This SF.net email is sponsored by: High Quality
> > > Requirements in a Collaborative Environment. Download a free trial of
> > > Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com
> > > _______________________________________________ Snort-users mailing
> > > list Snort-users () lists sourceforge net Go to this URL to change user
> > > options or unsubscribe:
> > > https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users
> > > list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> >
> >
> > -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> > Sourcefire - Security for the Real World - http://www.sourcefire.com
> > <http://www.sourcefire.com/> Snort: Open Source IDP -
> > http://www.snort.org <http://www.snort.org/>
> >
> > -----------------------------------------------------------------------
> > ------- This SF.net email is sponsored by: High Quality Requirements in
> > a Collaborative Environment. Download a free trial of Rational
> > Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com
> > _______________________________________________ Snort-users mailing
> > list Snort-users () lists sourceforge net Go to this URL to change user
> > options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users
> > list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
> -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> Sourcefire - Security for the Real World - http://www.sourcefire.com
> <http://www.sourcefire.com/> Snort: Open Source IDP -
> http://www.snort.org <http://www.snort.org/>
>
> -------------------------------------------------------------------------
> ----- This SF.net email is sponsored by: High Quality Requirements in a
> Collaborative Environment. Download a free trial of Rational Requirements
> Composer Now! http://p.sf.net/sfu/www-ibm-com
> _______________________________________________ Snort-users mailing list
> Snort-users () lists sourceforge net Go to this URL to change user options
> or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
> -------------------------------------------------------------------------
> ----- This SF.net email is sponsored by: High Quality Requirements in a
> Collaborative Environment. Download a free trial of Rational Requirements
> Composer Now! http://p.sf.net/sfu/www-ibm-com
> _______________________________________________ Snort-users mailing list
> Snort-users () lists sourceforge net Go to this URL to change user options
> or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users



------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users