Talk:Snort (software)

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the Snort (software) article.

Article policies
This article is part of WikiProject Free Software, an effort to create, expand, organize, and improve free software-related articles.
Start rated as Start-Class on the assessment scale
Mid rated as Mid-importance on the assessment scale

Contents

[edit] Deletion

On 27 July 2004, Snort was nominated for deletion. As a result of the discussion, the article was moved and kept. See Wikipedia:Votes for deletion/Snort for details. Rossami 22:02, 2 Aug 2004 (UTC)


[edit] Proprietary or free software

Snort is combined into the "Sourcefire Intrusion Sensor" by Sourcefile. There's no evidence that it is not done as an entirely proprietary aggregate distribution. If there's no proof that something is distributed as free software we usually note that its proprietary software. Since Snort is free software, the availability of a proprietary version would make it dual-licensed.

Sourcefire openly admits they combine proprietary add-ons to Snort in these sensors, but it's not clear they use the GPL to distribute Snort with the device that is sold to customers. They can use a proprietary license at their option since they are the presumed copyright holders. --69.165.73.238 14:20, 8 August 2006 (UTC)


Absolutely incorrect. Snort is used within an appliance offered by Sourcefire. Snort itself is maintained by Sourcefire under the GPL, there is no dual license, the entire snort code base is under the GPL. Go to www.snort.org, download the source, and see for yourself. —Preceding unsigned comment added by 64.214.53.2 (talk) 21:40, 28 December 2007 (UTC)

[edit] Snort Back Orifice Preprocessor Buffer Overflow

"The vulnerable code will process any UDP packet that is not destined to or sourced from the default Back Orifice port (31337/udp). An attacker could exploit this vulnerability by sending a specially crafted UDP packet to a host or network monitored by Snort." "A remote attacker who can send UDP packets to a Snort sensor may be able to execute arbitrary code. Snort typically runs with root or SYSTEM privileges, so an attacker could take complete control of a vulnerable system. An attacker does not need to target a Snort sensor directly; the attacker can target any host or network monitored by Snort." Are these notices that I'm seeing jokes? Banaticus 05:48, 7 September 2006 (UTC)

No. This was a widely-known flaw in Snort at one point. Shadow1 (talk) 12:20, 11 April 2007 (UTC)

[edit] New article: Sourcefire, Inc

I've started an article, Sourcefire, Inc, for the company that develops the Snort and ClamAV free software packages. Contributions very welcome. --Gronky 09:38, 23 October 2007 (UTC)

[edit] Applied watch command center removed

Applied Watch Command Center - Enterprise Security Management Suite for Snort is no longer free, although a trial version may be available. see [1] following takeover by endace.com —Preceding unsigned comment added by 60.242.145.52 (talk) 05:37, 10 April 2008 (UTC)