Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snort Creator Makes Good

Posted by timothy on from the no-bayou-or-weaseling-required dept.

Anonymous Coward writes: "Robin Miller, aka Roblimo, has written a great analysis of one of the first Open Source companies to be profitable before their IPO, Sourcefire! In this 'local boy makes good', we read about Team Fortress-playing programmer Marty Roesch, who writes Snort to beat his online gaming addiction. Now Snort is one of the most successful Intrusion Detection Systems out there and Marty's start-up is going gangbusters. Robin explains how Marty's company started in his basement (like Apple's garage), got profitable, then got venture capital in a time when everyone swears there is no venture. Marty even offers jobs at Sourcefire for the Slashdot crowd, 'Linux zealots, Open Source gurus, self-starters who are self motivating so I can just turn them loose...'"

34 of 288 comments (clear)

  1. Careers? by cp4 · · Score: 5, Informative

    Clicked on Careers and don't see anything for Linux zealots...

    Technical Writer and Marketing Manager don't quite fit the bill.

    Am I looking in the wrong place?

    1. Re:Careers? by Hast · · Score: 2, Interesting

      If you're interested in a job why don't you just fire off a mail to them? It's not too uncommon these days (with the market a bit down) for companys to hire because they have heard of you before.

      They said they wanted forward people after all, contacting them before they ask you too is rather forward. (Just don't be pushy about it, just ask them to add your CV to their pile.)

      You could also do as someone said and download the source and start poking around. (And the two are not mutually exclusive, of course.)

  2. Misread the headline... by Anonymous Coward · · Score: 5, Funny

    ...and thought it was "Snort Creator Makes God".

    I was like, whoa, cool...

  3. Snort Slashdotted. by MisterBlister · · Score: 5, Funny

    Can it still detect intrusions when its being hit by an infinite number of open source monkeys?

    1. Re:Snort Slashdotted. by Col.+Panic · · Score: 3, Informative

      Just in case you were somewhat serious, yes! You can use a load balancer and tap even 1 Gb traffic.

  4. great! by Arminius · · Score: 3, Interesting

    It's good to see people who are making a difference in the open source world and not just criticize it!

    --

    ------
    Never underestimate the power of stupid people in large groups.
  5. Snort?? by Myshkin · · Score: 5, Funny

    With a name like snort he is probably making a bunch of money off of people who think they're buying some cocaine.

  6. And also useful... by User+956 · · Score: 5, Informative

    I'm sure some of you would prefer the Windows version of Snort, put together by Silicon defense.

    --
    The theory of relativity doesn't work right in Arkansas.
    1. Re:And also useful... by carlos_benj · · Score: 5, Funny

      I'm sure some of you would prefer the Windows version of Snort

      Would that be 'blow'?

      --

      --

      As a matter of fact, I am a lawyer. But I play an actor on TV.

  7. Good luck. by saintlupus · · Score: 5, Funny

    Linux zealots, Open Source gurus, self-starters who are self motivating so I can just turn them loose...

    ...are actually off doing something interesting, rather than spending their time fucking about on Slashdot.

    --saint

  8. Sourcefire \.'ed by unformed · · Score: 3, Interesting

    Not really surprised...you had to state that he's offering jobs, didn't you?

  9. But will he remain profitable? by jschrod · · Score: 4, Interesting
    The point is not if he is profitable, but if he will remain to be so after venture capital and the associated demands came into his company. I hope that this guy did a very thorough cost-benefit analysis before he took the money.

    Venture capitalists are not in for the long run, they want to capitalize their investments in the mid term. Quite some companies went bankrupt or got in difficulties after external money and the demand for quick market grab came in and drove solid growth strategy out. Look at SuSE for an example from the Linux world.

    Disclaimer: I'm owner and CEO of a (privately held, incorporated) company. We still make profits, even in this harsh market, because we didn't join the hype train, but brought solid add-on value to our customers. I wish Marty Roesch luck in choosing his business strategy...

    --

    Joachim

    People don't write Manifestos any more -- what's going on in this world? [Frank Zappa]

    1. Re:But will he remain profitable? by monkeydo · · Score: 2

      I wish him luck. VC's don't like cheap. I have no idea how much of their money he took, but investors don't expect you to sit on the cash they give you earning interest in your savings account while you only buy what you *need*. The VC's are giving you money to spend, and if you're stockpiling it they'll complain that you aren't growing fast enough. If you don't have an immediate need for a bunch of cash, you probably shouldn't take it. No, companies don't *need* $1,000 chairs, but they also don't necesarrily *need* VC dollars.

      --
      Si vis pacem, para bellum
      The only thing more annoying than a Libertarian is an (un|mis)informed Libertarian
  10. Re:Can't wait till.... by Shoten · · Score: 2

    What are they going to patent? Snort is open-source. That's not just a catchphrase, it's a legally solid concept. And they don't make money off the technology, they make it off the implementation of it, and the support of it. Things like service and support contracts and Snort appliances.

    --

    For your security, this post has been encrypted with ROT-13, twice.
  11. Step two revealed by gmhowell · · Score: 5, Insightful

    First go read the newsforge article.... Okay, the joke is:

    Step one: develop open source software
    Step two: mumble, mumble
    Step three: profit!

    Now, it seems that step two is revealed. It's actually a few steps. Now, for the first time ever:

    Step two (a): Come up with (proprietary) tools that make the basic (GPL) Snort code easy to understand and use for non-technical managers.
    Step two (b): Load Snort and the additional tools into a box, and sell the box as a complete solution, instead of just selling software.

    It's been said before that there is no incentive to make OSS easy to use. Here (and elsewhere) is the proof. Make it hard to use. Release it. BUT, make the config tools easy to use, IF you pay for them.

    I'm not slagging the guy, he's gotta eat. But it is another notch in the belt for those who are cynical about OSS and business.

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
    1. Re:Step two revealed by wessto · · Score: 3, Informative

      This is evident in Sun's iPlanet suite of application servers. You can get the entire enterprise edition of the server as a command-line set of tools absolutely free, however the nice GUI's for application deployment, monitoring and configuration will cost you.

    2. Re:Step two revealed by natefaerber · · Score: 2, Insightful

      But the great thing is that anyone can build a config tool and sell it, thus creating competition. They can do that because they can see the source.

      Or, someone could add features to the source that could make it easier with or without tools.

      It's about CHOICE and OPTIONS.

      "...there is no incentive to make OSS easy to use."
      What's the incentive to make OSS?

      --
      -- My HARDWARE, My CHOICE.
    3. Re:Step two revealed by crimoid · · Score: 5, Insightful

      Exactly, but this is a GOOD thing.

      Developers get to eat (and maybe pay rent), and customers aren't tied to one vendor.

      In addition the developer can get the assistance from the community at large, while the customer has equal opportunity to review the code that they are using.

      This is a shining example of how to leverage Open Source and make a living at it. Find a middle-ground where the core code is usable but not so easy that a monkey in a suit can install it.... the techies can run it for free and the suits can pay for it. I don't see how this is a bad thing.

    4. Re:Step two revealed by gmhowell · · Score: 2

      I agree that it is a mostly good thing. The guy has to eat. Personally, I would prefer it if infrastructure tools were developed in-house, by, say, Bank of America and Ford, and Fred's Chicken Hut, then released into the wild, rather than have one company do the development, support, and sales.

      But, yes, this is a good thing.

      --
      Jesus was all right but his disciples were thick and ordinary. -John Lennon
    5. Re:Step two revealed by carlos_benj · · Score: 3, Insightful

      I'm not slagging the guy

      Sure you are. If you read that far down into the article you had to read about the technical guys who gladly would have installed snort but couldn't get it past the suits because it didn't come from a 'company'. In other words, he could have sold the product as-is. The problem was that so could anyone else. The GUI front end for the phb's, a preloaded box, all that is just differentiation (what makes us better than the other guys).

      --

      --

      As a matter of fact, I am a lawyer. But I play an actor on TV.

    6. Re:Step two revealed by Erasmus+Darwin · · Score: 2
      "But the great thing is that anyone can build a config tool and sell it, thus creating competition."

      Or they can create an OSS project to develop a snort configuration tool, thereby undercutting the software end of the SourceFire project. I'm not sure if this scenario would be a win (an OSS project improves the usability of another OSS project) or a loss (an OSS project reduces revenue that's indirectly helping another OSS project).

    7. Re:Step two revealed by gmhowell · · Score: 2

      I agree that it's about choice and options. I looked at a half dozen programs before picking a photo gallery manager for my website (not linked in the above url, BTW).

      To answer your question: in CatB (or one of the other essays in the book) the incentive is peer approval and positive strokes from the community. Ease of use doesn't generate those things.

      --
      Jesus was all right but his disciples were thick and ordinary. -John Lennon
    8. Re:Step two revealed by gmhowell · · Score: 3, Insightful

      Honestly, I did miss the part (or underplayed) where he said the tools the company developed helped corporate buy-in.

      I think the thing that helped more than the product was the price tag. If you sell it for $49.95, it's not worth that much to a Fortune 100. But $20,000 per box plus $10k per sensor... That must really be worth something if you are charging that much for it.

      --
      Jesus was all right but his disciples were thick and ordinary. -John Lennon
  12. Re:Can't wait till.... by jsimon12 · · Score: 2

    Hey, so far we have seen http and a bunch of other wild things patented, all I am saying is it seems when people "go corporate" they do exactly that and start beliving their own PR and listening to the lawyers and such. Hopefully that won't happen in this case, snort is solid opensource goods, but you never know.

  13. potential jobs? by Hegemony · · Score: 2, Funny

    Oh man, you HAD to mention that he was hiring. Instantly slashdotted.

  14. Sounds great, and just in time for the IPO by Gumber · · Score: 2

    I hope it still sounds great 12 months or so after the IPO.

  15. I know at least one earlier by T.E.D. · · Score: 4, Interesting

    ACT is a company that creates only free software. They've been around since the late 90's, and I understand they have been in the black for years, perhaps since inception. They are a privately held company, and as far as I know, have no plans to ever do an IPO. Perhaps that's why they don't get much press (although RMS likes to use them as examples in his speeches).

  16. Only one thing to say..... by AMuse · · Score: 2

    CONGRATULATIONS MARTY!!

    I attended a SANS function that Marty lectured at once, for using Snort as an intrusion detection system. It's damn solid software. Very impressive, very configurable.

    Congrats on getting paid to do what you love, Marty. The rest of us should be so lucky. :>

  17. Sorry, I meant hyperlinking by jsimon12 · · Score: 2

    Sorry, I meant hyperlinking

  18. OT: OSX ?= FreeBSD by LunaticLeo · · Score: 2

    I was under the impression that OS X was _A_ BSD but not actually a code fork of FreeBSD. Do they really share the same code in the base distribution? Or are they just cousins in the same family tree?

    BTW, I do know that Hubbard(sp?) and other FreeBSD folk have become employed by Apple. How does that factor in?

    --
    -- I am not a fanatic, I am a true believer.
  19. Re:yah, snort screws it's developers by SomeOtherGuy · · Score: 4, Interesting

    Maybe not in up front dollars...But if any open source package gets "huge" or becomes a "killer app" then being one of the "core developers" will mean much on the old Resume. Ask Linus or some of the Apache folks.

    In the medical field (and in some degrees education) it is considered a huge career boost to get "published" in a journal....Considering the amount of money a Dr. makes -- just getting a concept or research published does not make tons of cash -- but the future dollars he makes "because" he was published are very big!

    P.S. -- I work for a big Fortune 500 company and Snort has been all the rage this year so far. (Last year it was Apache).....

    --
    (+1 Funny) only if I laugh out loud.
  20. Re:Other step by Jason+Earl · · Score: 3

    Clearly you didn't read the article. The biggest difference between Sourcefire and most of the other crash and burn software companies (whether selling Free softwware or commercial software) was that Marty and friends have not spent money they didn't have. They ran the company out of Marty's house for a while, and when they finally did get offices they bought pre-furnished offices from a burnout at pennies on the dollar.

    In fact, the cycle you describe is common in the commercial software world as well. I pay maintenance fees on several large commercial software packages that I have no intention of ever updating to the newest version. The version I have works fine, and the new version had "issues" in my environment. I pay the maintenance fees as insurance.

    Microsoft has a large enough market, and enough clout that they can force their customers to upgrade, but most software companies don't have that kind of leverage.

  21. Demarc by checkitout · · Score: 3, Informative

    If you're checking out snort for the first time, I highly recommend using Demarc PureSecure which is free as in beer (aka for personal use). It's by far the best front end for snort, and does host based checks as well.

    The screenshots are mouthwatering. :)

  22. Re:Like a doctor? by SomeOtherGuy · · Score: 2

    Yes..We have all seen how successful the .com/linux/open source businesses have been. I may "be rolling my joints with my resume" ... but you will be rolling them with stock shares that are worth zilch...zero...

    --
    (+1 Funny) only if I laugh out loud.