Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Story of Snort

Posted by CmdrTaco on from the stuff-to-read dept.

gRitteR writes "HNS is running a story of Martin Roesch, the creator of Snort where he tells the entire story of Snort in his words. Roesch covers seven years of development that made this tool one of the most important security software titles ever developed. It's interesting to get all the details on how Snort was initially conceived as well as how it is expected to develop further now after Check Point acquired Sourcefire. There are many technical details and interesting tidbits not available before."

14 of 58 comments (clear)

  1. Flash audio? by stibles · · Score: 4, Interesting

    Anyone know if there's a transcript of this interview somewhere?

  2. stuff-to-read dept? by marcantonio · · Score: 2, Funny

    I think someone didn't check this out before it was posted... By someone I mean TACO.

    1. Re:stuff-to-read dept? by zootm · · Score: 2, Informative

      Judging by the title of your parent's post, I think he was more concerned that Taco's "department" was the "stuff-to-read" department, yet the main link is in fact an audio recording...

  3. Re:Snort? by Anonymous Coward · · Score: 4, Funny

    Effective immediately, your geek license has been revoked.

  4. Not really intended to be for international by dzafez · · Score: 4, Informative

    This seems to not be intended to be listened to by international Audience. He is talking quite fast and not too easy. a written form would be easier for people with other language backgrounds. I can live with it, as I'm used to the sound of american english, but a written form could help a lot.

    1. Re:Not really intended to be for international by Anonymous Coward · · Score: 4, Funny

      You have indicated that you wish to bin these dossiers. Shall we?

      [ Right Then ] [ Rubbish ]

      And in a cruel twist of fate, "Rubbish" would cancel the operation.

  5. Snort made easy... by fak3r · · Score: 4, Informative

    Let me be the first to recommend n00bs pick up Snort for Dummies, perhaps the best "for Dummies" book I've read; a perfect primer. "If you want to get your feet wet or you've been tasked with deploying a snort system, this is a good way to start. In the typical, humorous, "for dummies" style, this book walks you through getting, setting up and using Snort and the ACID console. The book also covers how to maintain and tweak the system, once it is up and running. A good effort by the authors." For work or for home, there's really no reason not to learn an enterprise level IDS.

    --
    fak3r.com
    1. Re:Snort made easy... by martyroesch · · Score: 5, Informative
      Please, do NOT use ACID!

      ACID is no longer being actively maintained, if you want ACID's functionality you should go get BASE! Better yet, go get SGUIL and use Snort as part of a Network Security Monitoring, you'll be glad you did.

    2. Re:Snort made easy... by diamondsw · · Score: 4, Funny

      Please, do NOT use ACID!

      Too late, dude. Whoa.

      --
      I don't know what kind of crack I was on, but I suspect it was decaf.
  6. What it probably says... by xxxJonBoyxxx · · Score: 4, Informative

    I had the chance to chat with Marty in Baltimore in May 2001 and he basically said this about Snort:

    1) I wrote it over a couple of weekends because I wasn't happy with TCPDump and the commercial tools at hand

    2) Someday I hope to rewrite it

    3) The extensible plug-in architecture saved my ass

    4) I wish the commercial guys would quit ripping it off

    However, it looks like an audio interview...don't have that kind of time anymore.

  7. cheap yoke, can't believe nobody else did it yet.. by Thud457 · · Score: 3, Funny

    Finally! I've been waiting fourty years for a sequel to "The Story About Ping"!!!!!

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  8. Re:cheap yoke, can't believe nobody else did it ye by Thud457 · · Score: 2, Insightful

    errr... an absolutely amazing quote in the link above : " If I'd known then that it would be my most famous accomplishment in life, I might have worked on it another day or two and added some more options."

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  9. Snort Exploit! by Anonymous Coward · · Score: 2, Informative

    Links to information:
    First report: http://isc.sans.org/diary.php?storyid=770
    Infocon Yellow: http://isc.sans.org/diary.php?storyid=772
    Intrusion Detection: http://isc.sans.org/diary.php?storyid=782
    Tool: http://isc.sans.org/diary.php?storyid=791

    Hope everyone is safe..

  10. Snort is... by Viree · · Score: 2, Funny

    probably one of the best tools ever developed for open-source / security community. I've got a bad feeling from this whole Check Point acquisition, especially with the major revamp in http://snort.org/. Thankfully there's still http://nessus.org/....wait. Fuck!