Nmap Development mailing list archives
Re: Metasploit joining forces with Rapid7
From: Ron <ron () skullsecurity net>
Date: Wed, 21 Oct 2009 19:11:47 -0500
So, when can we expect Nmap to join forces with, say, Symantec? :DBut seriously, I'd be lying if I said that the Rapid7 move didn't concern me.. I'm not all that sure how it's all going to shake out. That being said, I have a ton of respect for HD and the Metasploit guys, and I'm sure they wouldn't be doing it if they didn't see it as the best option.
My biggest concern is community contributions. I mean, who's going to contribute to a for-profit company without getting paid for it? Why do I want to write code that some company is making money off of? I'm sure a lot of people feel the same way...
But, in the end, we'll just have to wait and see how it shakes out. I wish them the best of luck!
Ron On 10/21/2009 06:14 PM, Fyodor wrote:
This doesn't directly affect the Nmap project, but I'd like to congratulate HD Moore and the Metasploit project for joining forces with Rapid7! HD has done so much for Metasploit in his spare time that I can't wait to see what he and Egypt and the new team accomplish going forward with full-time dedication to the project. The Nmap project has certainly improved dramatically since 2002, when I quit my job at Netscape to work on Nmap full time. I can't take all the credit for that, but it did allow me to expand the scope of Nmap and implement many features I had wanted for years. Development sped up yet again when David joined the project (starting as a SoC student in 2007). Since I left Netscape we've added Zenmap, the Nmap Scripting Engine, Mac OS X support, Ncat, a rewritten port scanning engine, ARP scanning, version detection, and much more[1]. I wish Metasploit the same sort of success! Of course it is always a bit scary to see an open source project acquired by a for-profit VC-backed company. What if they go closed source and we end up having to pay thousands of dollars a year for a required plugin feed? After reading what HD has to say and speaking with Chad Loder of Rapid7, I don't see this as likely. They both sound dedicated to keeping Metasploit a free and open source resource for the community. Plus, Metasploit is BSD-licensed so anyone can fork it if they aren't happy with its direction. Here are some links with more information: Metasploit ML threads: http://seclists.org/metasploit/2009/q4/93 http://seclists.org/metasploit/2009/q4/103 Formal announcement/FAQ: http://www.rapid7.com/metasploit-announcement.jsp http://www.metasploit.com/home/faq Blog/News articles: http://vrt-sourcefire.blogspot.com/2009/10/rapid7-make-bold-statement-acquiring.html http://blog.coresecurity.com/2009/10/21/rapid7-metasploit-and-expansion-in-the-penetration-testing-market/ http://www.cio.com/article/505572/Open_Source_Security_Project_Could_Get_a_Boost_with_Metasploit_Buy?taxonomyId=1461 http://risky.biz/RB128 http://blog.internetnews.com/skerner/2009/10/open-source-metasploit-gets-ac.html http://news.slashdot.org/story/09/10/21/141206/ Cheers, Fyodor [1] http://nmap.org/book/history-future.html _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
-- Ron Bowes http://www.skullsecurity.org/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Metasploit joining forces with Rapid7 Fyodor (Oct 21)
- Re: Metasploit joining forces with Rapid7 Ron (Oct 21)
- Re: Metasploit joining forces with Rapid7 Fyodor (Oct 21)
- Re: Metasploit joining forces with Rapid7 Arturo 'Buanzo' Busleiman (Oct 21)
- Re: Metasploit joining forces with Rapid7 Fyodor (Oct 21)
- Re: Metasploit joining forces with Rapid7 Ron (Oct 21)