Slashdot Mirror
FreeVeracity: Network Intrusion Detection
Ross Williams writes: "FreeVeracity
is a new free intrusion detection tool for free platforms (GNU/Linux, FreeBSD, NetBSD, OpenBSD, etc.) that uses cryptographic hashes to detect file changes that may indicate a network intrusion. FreeVeracity can be run standalone or in a client/server configuration (on TCP port 1062) that enables you to monitor the integrity of hundreds of computers from a single point. FreeVeracity is also an excellent general-purpose data integrity tool with over ten different applications. FreeVeracity is released by
Rocksoft,
vendor of the Veracity data
integrity tool used to secure the networks of leading global companies in finance, communications, transport, aerospace, power generation and
defence. FreeVeracity is released under the
Free World Licence
which provides all the usual free-software freedoms, but for free platforms only." Looks useful.
Bruce
Bruce Perens.
for detecting portscans, the first program to come to my mind (and that i have had some experience using) is portsentry. It binds itself to a number of unused but frequently scanned ports (1, 12345, 31337, etc) and you can change the list. you can also set it up to automatically respond (add the person to ipchains or whatnot). care should be used in setting up portsentry, though. i've seen attacks where people make scans with forged ips, and the automatic reponce automatically firewalls out your own ip, your router, your nameserver, you mailserver, etc.
hope this is useful.
-legolas
i've looked at love from both sides now. from win and lose, and still somehow...
FreeVeracity sounds cool. FreeVeracity should be put on all my linux boxes. FreeVeracity might someday rival TripWire. FreeVeracity story submitters should learn to use pronouns. ;-)
Yet when my box is cracked and my credit card numbers stolen, etc., calling anyone (police, FBI, etc.) gets a "why are you bothering us? You're lucky we don't prosecute *you* for wasting our time with such trivialities." attitude?
Is cracking illegal or isn't it? Who do I report it to when I'm hit? What gov't/state/municipal entity defends me as defends amazon or CNN?
How do they indend on enforcing this "Free World" license? If you've got source, you can port. If it's really free software, how can they stop you from distributing that port? "Oh, these windows ifdefs? Those are for running it under WINE, a bona-fide certified justified free software application that runs under free operating systems."
Doesn't this just become another shrink-wrap license? I think most of us are not idelogically opposed to copyright per se, but are opposed to selling things with strings attached, aka "licensed", because of the obnoxious power it gives vendors over how we use the things we buy. Even the GPL doesn't tell you how you must use a program, it simply says "give back what we hath given you".
This license is foul, for that reason, and because it almost seems to willingly encourage relegating free operating systems to the hobbyist niche. It basically says you can make a profit on your work through traditional licensing frees, and toss a bone to free software enthusiasists at the same time. But what happens to your profit when free operating systems become the norm? If your revenue model is dependent on selling to proprietary platforms, you've screwed yourself by promoting free platforms. So you won't promote those platforms. In fact, why even release a free version at all?
this approach has an interesting motivation - this way, they can experiment with open source on the more 'hackerish' OSs, while still maintaining their commercial customer base on the commercial systems.
This licence seems to be borrowing various parts from the GNU licence and the FSF licence. I think this is somewhat a good thing, because it gives us who like to tinker with the code a chance to get at it (and for free!) while not risking the majority of their income (from serious commercial vendors). Perhaps we may see this approach to opensource used more in the near future. and it may encourage more and more companies to release their source, which is kinda cool, i think. also, it could be a starting step for companies to start releasing source, between not-at-all and full-disclosure.
-legolas
i've looked at love from both sides now. from win and lose, and still somehow...
Before I start this, I should just state for the record that I am a very enthusiastic Debian user, and a wholehearted DFSG & FSF supporter.
I thought for a long time about writng a Free World style license, simply because I resented the fact that Windows users could take almost any Free code I wrote and use it, while I couldn't use closed source Windows programs with anything like the same degree of ease.
Ross Williams (author of the Free World license) states on his Free World pages that he sees the only difference between his approach to licensing and that of the GPL as "strategic". One approach to freeing the world's software is to exclude non-free platforms from using the free code base that we have created; the other is to entice users away from the proprietary software by showing them what wonderful free programs were available.
Eventually, I came round to agreeing with RMS on this. I guess the key points that convinced me were:
- You are restricting trapped users of non-free platforms in rather unpleasant ways
- More importantly, you are encouraging an incompatible world. This is not only an unpleasant situation, but it may be strategically very unwise for the free software movement...
I guess that having said those things, there could be some arguments for using this sort of license for "convenience" code, rather than "essential" code. If your application has no potential to be a source of incompatibility, then it could be acceptable to make it only avaialable to users of Free platforms.Fixing copyright
I'm curious.. I have simple scripts that, in conjunction with md5sum, do what these doo.
Summaries are generated using shell scripts, the results collected from all over the network and stored on a secure machine for later testing.
HOw is this even a 'product'?
If it's free only for free OS's, then it's non-free if you go by the Debian Free Software Guidelines (as I do).
"This looks a whole heck of a lot like an Ad from Veracity, but the product still looks like it might be worthwhile to check out. Sorry for the blatant advertising in what's ostensibly an interesting technical story."
-=-=-=-=-
-=-=-=-=-
My mom's going to kick you in the face!