Snort mailing list archives
Re: v2.8.4 incorrect logging to MySQL
From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Tue, 14 Apr 2009 20:16:56 +0000
Sourcefire develops and provides snort, to the community, for free. They do *not* develop ancilliary apps for free. If you want a coordinated, polished interface, you buy Sourcefire (as we have.) If you want an open source build-your-own IDS, you install snort *plus* whatever additional pieces you want. It isn't Sourcefire's responsibility to develop ancilliary tools for snort, although they do some work in that area and encourage others to do it as well. As to your "we've seen it before" comment, I think you have to look at the performance of Sourcefire since the company was established. You would have to admit, then, that Marty has managed to sustain his goal of continuous development of the open source product alongside the proprietary one with a minimum of disruptions. The only change has been in the timing of rules releases, and that is a small price to pay for such an accomplished product. Those rules are written by Sourcefire engineers to serve their customers and provided to the community free of charge, with a slight delay. I think that is commendable, and I thank Marty for his contributions to the open source community and his sterling example of how to maintain open source products while creating a commercially viable company. Besides, you can always write your own rules or use emerging threats and other sources for rules. As to whether it's smart to discuss development on a public list, their source code is freely available. It's kind of hard to hide the direction of their development. --On Tuesday, April 14, 2009 14:35:33 -0500 Loyal A Moses <loyalmoses () mac com> wrote:
Is Sourcefire limited on development skill or man power? It makes no sense at all to remove one of the most common facilities in use by snort users because it is "too complex". In the end, you'll do what you are going to do regardless of the community -- we've seen it before. But don't use "complexity" and "bugs" as the excuse. Sourcefire is a publicly traded company -- Is it smart to be taking votes on product development from a mailing list? I wouldn't think so. Loyal. On Apr 14, 2009, at 11:52 AM, Jason Brvenik wrote:I have an ulterior motive and it is simple. Many of the bugs and issues over time with snort have been in output plugins. Make one well supported, tested, unified method designed for best performance and while doing so it improves the supportability and maintainability of the code base. On Tue, Apr 14, 2009 at 2:39 PM, Loyal A Moses <loyalmoses () mac com> wrote:My vote is to provide as many output options as possible, to help keep snort used as a tool. The argument of code complexity being a good reason to remove output facilities is only valid if the code is written poorly and not modular. This wheel doesn't need re-invented and this conversation is kind of silly, unless there is ulterior motives for actually wanting to remove this support. Loyal. --------------------------------------------------------------------------- --- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. ******************************************* Check the headers before clicking on Reply. ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: v2.8.4 incorrect logging to MySQL, (continued)
- Re: v2.8.4 incorrect logging to MySQL Shirk Dog (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL JJ Cummings (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Loyal A Moses (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL JJ Cummings (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Shirk Dog (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Christopher Jacob (Apr 14)
- Re: open source vs. GPL Loyal A Moses (Apr 14)
- Re: open source vs. GPL Martin Roesch (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Paul Schmehl (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Loyal A Moses (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Martin Roesch (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Paul Schmehl (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Shirk Dog (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Randal T. Rioux (Apr 14)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Shirk Dog (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Alan Shimel (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Matt Watchinski (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Martin Roesch (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jack Pepper (Apr 14)