Language Selection

English French German Italian Portuguese Spanish

Sourcefire's Roesch pledges long, open-source life for Snort

Filed under
Software

Many users in the Snort community are interested in the Check Point acquisition. What's happened since the acquisition?

Roesch: Well, the fact that we're going to have more resources at our fingertips to continue to advance Snort. More people in research, developers, QA people, [and] the quality of the technology should continue to improve more rapidly. We have a lot of ideas as far as where detection technology needs to go to remain relevant. I don't think the end-all, be-all of detection technology is deep-packet inspection. I think that that's one approach, but it ignores a whole lot of problems that aren't going to be ignored by the bad guys forever. We're working hard to combat those kinds of problems and bring people more effective, powerful analysis technology. So the Snort community should be thrilled because we're going to pour a lot of interesting ideas and hard work into this technology that they're still going to benefit from.

There's a lot of skepticism from the Snort users right now because they're in wait-and-see mode, so we need to prove to them that we mean it when we say Snort's going to get a lot better. We're not going to try to close it or anything like that. Once they see how much benefiting, they're going to be really happy.

Full Interview.

More in Tux Machines

FLOSSophobia

I have seen it many times. "Linux is a cancer". "Open sauce". "Linuxtard". I even remember the teacher who did not bring a laptop for her presentation and, when I offered her my Linux netbook, she rejected it as if I had presented her something illegal. She tried to use an old Windows computer instead but, when the computer failed, she ended up displaying her presentation with my Linux netbook. Clearly, this teacher's position was not based on ignorance or lack of expertise because she knew Linux existed and all she had to do was to display slides. Her refusal was due to indoctrination: she had learned that Linux and non-Microsoft office suites had to be rejected. Read more

Today in Techrights

Hands on With elementary OS Powered Centurion Nano Laptop by Alpha Store

If you want to buy a new laptop, no doubt you should consider the Centurion line. It will be a good choice for you, Linux aficionado. As well as for your Windows-addicted husband/wife/employees. The Centurion Nano is certainly not a “gamer” laptop. However, besides that particular use case, and for an interesting price, you will get a very competent computer, 100% compatible with Linux and usable for a broad range of tasks. Read more

Tryton and Python Deprecation Warnings

  • Trying Tryton
    The quest to find a free-software replacement for the QuickBooks accounting tool continues. In this episode, your editor does his best to put Tryton through its paces. Running Tryton proved to be a trying experience, though; this would not appear to be the accounting tool we are searching for. Tryton is a Python 3 application distributed under the GPLv3 license. Its home page mentions that it is based on PostgreSQL, but there is support for MySQL and SQLite as well. Tryton, it is said, is "a three-tier high-level general purpose application platform" that is "the core base of a complete business solution providing modularity, scalability and security". The "core base" part of that claim is relevant: Tryton may well be a solid base for the creation of a small-business accounting system, but it is not, out of the box, such a system itself.
  • Who should see Python deprecation warnings?
    As all Python developers discover sooner or later, Python is a rapidly evolving language whose community occasionally makes changes that can break existing programs. The switch to Python 3 is the most prominent example, but minor releases can include significant changes as well. The CPython interpreter can emit warnings for upcoming incompatible changes, giving developers time to prepare their code, but those warnings are suppressed and invisible by default. Work is afoot to make them visible, but doing so is not as straightforward as it might seem. In early November, one sub-thread of a big discussion on preparing for the Python 3.7 release focused on the await and async identifiers. They will become keywords in 3.7, meaning that any code using those names for any other purpose will break. Nick Coghlan observed that Python 3.6 does not warn about the use of those names, calling it "a fairly major oversight/bug". In truth, though, Python 3.6 does emit warnings in that case — but users rarely see them.