Slashdot Mirror

← Back to Stories (view on slashdot.org)

Open Source For Perimeter Security

Posted by ryuzaki0 on from the people-still-afraid-of-oss dept.

An anonymous reader writes "IT Observer has a look at some of the perceived problems with an OpenSource approach to security and what could be done to improve the situation. From the article: 'There is a widespread and wholly inaccurate impression that open source development is somehow haphazard and undisciplined, a free-for-all among brilliant but uncoordinated individuals. In fact, most major open source projects are very tightly managed highly disciplined teams. This article gives examples of very successful Open Source security projects -- netfilter and Snort -- and also describes some weaknesses that need to be addressed by IT organizations or vendors.'"

7 of 56 comments (clear)

  1. Marketeer shows how to pitch open source... by xxxJonBoyxxx · · Score: 4, Insightful
    "An excellent example of a cutting-edge open source effort is the netfilter project (www.netfilter.org), a Linux-based packet filter that features stateful firewalling, Network Address Translation (NAT), load balancing, and other kinds of packet mangling. The project was founded in 1999 in Australia and has now grown to more than 100,000 lines of code contributed by over 700 developers. There are currently about 300 active developers submitting about 1,400 postings a month to the development mailing lists. The core team consists of 4 members who winnow down the submissions to an average of 65 code improvements and fixes per month. "

    "By Walter Schumann, VP Sales and Marketing, Astaro"

    You Slashdotters may make fun of marketing people, but I think Walter just showed you how YOU need to make your pitch for your favorite open source project at your company.

    1. Re:Marketeer shows how to pitch open source... by xxxJonBoyxxx · · Score: 2, Insightful
      "Like spinning X as something great when there is a much better Y?"

      Well...yes. That's kind of the whole point behind a specific pitch. Once you've decided to get X, you need to turn around and make an audience that may know a little something about both X and Y feel that X is clearly better. It's the very definition of spin...

    2. Re:Marketeer shows how to pitch open source... by BobSutan · · Score: 2, Insightful

      You need to look at who he's making the pitch to. For a technically inclined management, which some are, the first question they're going to ask is, "So?"

      Having a large development footprint is great for quantity, but how is the product's quality? No amount of marketing will tell you the true measure of of something's worth to a business. Sure you can make it sound like the best thing since sliced bread, but the reality is if it doesn't live up to expectations (something bad if you marketed it to your own management), bad juju will come looking for you.

      --
      "On a scale from 1 to 10, people are stupid"
  2. Forgot some ingredients... by shmlco · · Score: 4, Insightful
    "In fact, most major open source projects are very tightly managed highly disciplined teams."

    Which is one of the reasons they became major open source projects in the first place. Of course, that tightly managed highly disciplined team ALSO needs to be working on something we all want, and the end result needs to do the job, and do it well.

    --
    Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
  3. Open Source Security Nomenclature by digitaldc · · Score: 4, Insightful

    perceived problems with an OpenSource approach to security and what could be done to improve the situation.

    Could it possibly have something to do with the fact that some people just don't like having the words 'Open Source' attached to their computer security? Maybe rename it to something like 'Closed Fortress OS' or 'Locked Down OS' to give a more positive ring to it?
    Maybe I am just thinking about it too much.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  4. Brilliant individuals? Where? by Sandor+at+the+Zoo · · Score: 1, Insightful
    Partial quote: There is a widespread...impression that open source development is...a free-for-all among brilliant...individuals

    I don't think it's that widespread, except amongst Open Source fans. :-)

    The impression I usually see is that Open Source projects are done by guys who were laid off and need something to fill in the time between gaming sessions.

  5. Haphazard? by Beefslaya · · Score: 2, Insightful

    Ever since I've discovered the magic of Open Source (Linux, BSD) I have implemented the rule with every network I've run...No Windows box will ever talk to the Internet without going through a Unix/Linux box.

    Since then (7 years now) I have had ZERO worms, ZERO security breaches, have cut the Windows server reboots by 80%.

    These 2 projects have saved me countless hours of time...

    <li>http://www.squid-cache.org/<li/>
    and
    <li>http://vlsi.cornell.edu/~rajit/fbsd/bridge.htm l<li/>