Snort mailing list archives
RE: re: Professionalism
From: ICPPhila_Email_Review () icpphil navy mil
Date: Tue, 20 Nov 2001 10:29:33 -0500
Well, I guess it's time for me to put in my TWO cents Marty, I am one of those who believes very much in this product. I also believe in "Open Source" software. I also want to say that I appreciate your work and efforts getting this to fruition. The credibility of this product must be noted as I have read reviews that have stated this and the fact that the CERT people write code o support this products reporting. Gee!! I don't know but maybe they might be a good source of reference. I believe that people who spend time worrying about where a piece of code has a little language in it needs to "GET A LIFE" cause they obviously have way to much time on their hands that they have to worry about such trivial things. The real key focus here needs to be on the development, "constructive" comments and assistance so that this product can support the ISS needs of a couple million people and the ability to mitigate risk from people who have way to much time on their hands and write viruses and make dumb ass comments on subjects that they obviously have no clue about. I have been doing ISS for over 18 yrs and in that time I have NEVER felt the need to comment on an issue like this but this is the first. Marty keep up the great job and take care. Wayne T Work -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Martin Roesch Sent: Saturday, November 17, 2001 7:55 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] re: Professionalism It's always nice to go on the road for a few days because I can almost always be sure that the [expletive deleted] will hit the fan in one way or another when I'm travelling and can't respond in an effective manner. I'll start off by posing a question: MS Excel has a functioning *flight simulator* embedded into it as an easter egg, does anyone take it less seriously as a business application because of that? The vast majority of Snort was written by me between the hours of 10PM and 3AM over the course of the past three years. Up until recently, I've done this in my spare time exlusively. The contributers to the project are almost exclusively volunteers, also giving their best in their spare time. Given all that, it's pretty amazing that this software works at all without even mentioning that Snort is widely considered to be one of the top intrusion detection technologies available. What's even more amazing is that when compared with the top 10 commercial NIDS available, Snort was bested only by 2 products from companies with market caps in excess of $1B, beating all the dedicated security companies in the review (I'm talking about the Network Computing review here, it's been linked in some of the other replies). If you'll take a second and grep for the "top 7 words you can't say on TV" in the source, you will see there are a number of not entirely professional comments and messages contained within. It's widely been said that "the one language that all programmers know is profanity", and there's no exception in Snort. When I'm coding some up some tricky concept or piece of code and it's not going well (or for whatever other reason) I have been known to slip colorful language into comments or error messages. These things happen at 2AM, they're inevitable. This code/system is free (and Free). People who don't like the way the code is written have a number of other NIDS options both free (Prelude, Firestorm, Pakemon, Shoki, etc) and commercial, and also have the option of running sed(1) to search and replace all the "crap"s and "fuck"s to "doody"s and "darn"s. Ditto with the classification system. The entire rule, classification and configuration default set that comes with Snort is merely an example of suggested configurations and signatures so that you can have something to work with when you *customize* Snort for your site, especially in "professional" grade installations. I'll make no excuses for the people who maintain Snort along side with me, we thought that the classification was funny and we put it in. The development and maintenance team for Snort gives away some of their best ideas *for free* as a matter of principle, and in the words of Jack Nicholson "I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom that I provide and then questions the manner in which I provide it." That's a little overheated, but you get the gist. Some people may think that it's unprofessional, but I've had no complaints from the US Government or military, major e-commerce sites, gigantic banks, semiconductor manufacturers, telecommunications carriers, network security companies and managed security services providers (among others) that use and support Snort for their operations or as services, and if it's good enough for them then I'm ok with it. Snort's acceptance doesn't suffer one iota as far as I'm concerned (and if it actually reduces the support load from blue blood companies that are more worried about appearances than substance, so much the better). The legitemacy and professionalism of Snort and the open source development model is borne out by it's user base. 'Nuff said. -Marty -- Martin Roesch - President, Sourcefire Inc. - (410)552-6999 roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Professionalism, (continued)
- RE: Professionalism Mike Shaw (Nov 14)
- RE: Professionalism Joshua Wright (Nov 15)
- RE: re: Professionalism Scott Pham (Nov 15)
- RE: re: Professionalism James Fowler (Nov 15)
- Re: re: Professionalism Martin Roesch (Nov 17)
- Re: re: Professionalism Mark Rowlands (Nov 18)
- Re: re: Professionalism Jeff Nathan (Nov 19)
- Message not available
- Re: re: Professionalism Jeff Nathan (Nov 20)
- RE: re: Professionalism James Fowler (Nov 15)
- RE: re: Professionalism Wayne T Work (Nov 18)