Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Submission + - Is open source SNORT dead?->

alphadogg writes: Is Snort, the 12-year-old open-source intrusion detection and prevention system, dead?

The Open Information Security Foundation (OISF), a nonprofit group funded by the U.S. Dept. of Homeland Security (DHS) to come up with next-generation open source IDS/IPS, thinks so. But Snort's creator, Martin Roesch, begs to differ, and in fact, calls the OISF's first open source IDS/IPS code, Suricata 1.0 released this week, a cheap knock-off of Snort paid for with taxpayer dollars.

The OISF was founded about a year and a half ago with $1 million in funding from a DHS cybersecurity research program, according to Matt Jonkman, president of OISF. He says OISF was founded to form an open source alternative and replacement to Snort, which he says is now considered dead since the research on what is supposed to be the next-generation version of Snort, Snort 3.0, has stalled.

"Snort is not conducive to IPv6 nor to multi-threading," Jonkman says, adding, "And Snort 3.0 has been scrapped."

According to Jonkman, OISF's first open source release Suricata 1.0 is superior to Snort in a number of ways, including how it can inspect network packets using a multi-threading technology to inspect more than one packet at a time, which he claims improves the chances of detecting attack traffic

Link to Original Source

Comment Re:Ads have been shown to harbor malware too (Score 1) 1051

"Ads are invasive, intrusive, annoying, and I don't want to see them. ever." - by Epsillon (608775) on Sunday March 07, @09:34AM (#31389634) Homepage

No, it bloody well isn't a quote from me. Try by mcelrath (8027) on Sunday March 07, @01:25.

No offence, mcelrath. I see nothing wrong or embarrassing about your post, just incorrect attribution really gets up my nose.

Comment Re:It's the freeloaders time (Score 5, Interesting) 1051

That's all very well, but these ad farms aren't just serving ads, are they? Most of the time they're also installing tracking cookies and collecting private information. You want me to see ads? Don't try to track me, then. Until this shit stops, I won't just be using AdBlock, I'll be blacklisting ad farms on my proxy and barring them on the gateway. Not only is this the primary motivation for me eschewing ad farms but it is also my fundamental right to retain control of what I allow in and out of my private network. Don't like it? Tough. My network, my rules.

Comment Re:That's very nice, but (Score 2, Informative) 216

Every developer out there seems to think DRM will "get them more sales" at least at some point in time. Some then realize this fact: The people pirating aren't "lost sales"- they're people who either can't/won't buy your product for varying reasons.

You want to win the "can't" crowd back if possible- you're never going to convince the "won't" crowd ever. The former is a possible customer, the latter is not and will not be.

DRM might slow the infringers down (it's been proven that pretty much every DRM solution to date has been circumvented within weeks of the release of the title...and that initial crush in the case of many titles won't be where you make your money if you're download only/mostly...) but it will pretty much never stop them. Ask Microsoft how nifty their DRM has been on the 360. DRM won't turn the "can't" crowd to be your customer- it won't put money in their pockets to buy. DRM won't turn the "won't" crowd into your customers- if they want your game badly enough, they will take it whether you have DRM on the title or not. If it's such that they won't bother, you've failed at making a fun game.

DRM is a folly wherever it gets used. It's use is based off of a flawed premise out of the gate.

Comment My thoughts (Score 1) 244

There is no magic solution - you are talking about managing multiple environments with different requirements and technologies in some meaningful, automated way.

You're looking at home-brew here.

What you want to aim for is

0) Stop using multiple technologies if you can. If that's not an option, it just makes more work.

1) Clearly define policies regarding development, testing, and release. These have nothing to do with tools. You build and select your tools based on these policies.

2) Automated pushbutton deployment. You want your code releases of each new version of a site to be automated. You also want rolling back to the previous version to be automated. This applies for CI, QA, and whatever other stages you want, all the way to Production.
3) Automated deployment should involve at a minimum tagging a given revision and pushing it to the correct environment.

4) You can use commit hooks or some other method against TRUNK to run a CI server that continually does regression testing and other funky stuff... as well as just shows you a live version of what's in trunk "right now".

5) When working towards a target release,developers need to include any necessary scripts to update (and rollback, if necessary) their respective databases.

6) Config data... can be handled by having a separate /config folder for each environment, version controlled separately - and where access and change control are again strictly defined and limited, and well documented. this would automatically be inserted by your pushbutton deployment process.

Comment Re:Turn the tables (Score 1) 1364

What happens when you cross the state line? Oh, I'm sorry, we don't recognize your 'union'. How is that equal to any 'marriage'?

First: That's not a legal right.
Second: It only works for marriages because states already have reciprocal recognition agreements regarding marriages.
Third: The fix is not to force a new definition of marriage on everyone. The fix is to add civil unions to states' reciprocal recognition agreements.

Married couples can divorce anywhere. Civil unions? Not a chance.

First: It's only an issue because civil unions aren't always recognized across state lines. Amending the state reciprocal recognition agreements will fix that.
Second: Are you seriously complaining that it's too hard to dissolve a civil union? I thought they wanted to marry so they could commit to eachother?

Doing so with 'marriage' will grant that person immediate citizenship. Not so with a civil union.

First: That's not a legal right.
Second: The person can simply go through the normal citizenship process. (I don't think marriage to a citizen should automatically make a person a citizen, so I could make that argument as well.)

Taxes? Forget it. The federal government doesn't recognize civil unions. You can't file jointly.

First: Joint tax filing is not a legal right.
Second: They can usually file state taxes jointly.
Third: Again, the solution is not to redefine marriage, but to add a "civil union" joint filing status to the federal tax code.

There are also over a thousand benefits (yes, that's 1,000+) granted to married couples. Unions in the few states that allow them grant SOME of those, but not all. Not a single state in the union grants all of those protections.

Assuming your number is correct, how many of those benefits are legal rights, as opposed to, say, tax benefits for having children? Can you show me any of those benefits which are actually relevant to a majority of homosexual civil unions? (For example, child tax deductions are completely irrelevant for the vast majority of homosexual couples.)

(Remember: gay-marriage supporters like yourself complain that gays are losing rights. Tax benefits are not a right, they're merely benefits. If that is your chief complaint, fine, I don't have a problem with you complaining about benefits, but don't call them "rights" when they're not.)

Do you seriously thing these civil unions as available today are in any way equivalent to a marriage?

No, of course not; but I've already mentioned the solution: amend state reciprocal recognition agreements to include civil unions. That will solve most of your complaints, and would be far easier for the majority of the country to stomach than redefining something so important to them.

They can visit their partners in the hospital.

One hospital's indiscretion should not reflect on the country as a whole. Or should I regale you with stories about people who are discriminated against in the South just because they're Mormon?

My point is, an anecdote does not give you license to claim there's some rampant mistreatment of $MINORITY going on.

They can inherit.

So can partners in civil unions. Not sure where you're getting that. But even if they couldn't the solution would be to change that.

But even if that weren't an option for some contrived reason, it's literally a trivial matter to write a will giving your possessions anyone you want in the event of your death.

They can adopt.

So can gay couples. Or are you referring to specific adoption agencies who won't give kids to gay couples, because they think gay couples can't provide an adequate child-rearing environment? If that's the case, you need to address that issue (the child-rearing environment one), not complain about the adoption agencies.

They are actively trying to prevent these folks from having the same rights.

First: Nothing you listed is a legal right.
Second: Everything you listed has a relatively simple fix which does not involve redefining "marriage".

Do you feel it's right to force the majority of the country to accept your new definition for "marriage" when a relatively simple alternative exists?

Comment Re:The Moon (Score 1) 703

You can count "earth" as a resource the moon has that mars doesn't... Sure in a few thousand years it will be easier to live on Mars and take resources from Martian soil than ship them to the moon from earth, but for the next 5 or so human generations, it will be easier to ship stuff to the moon from earth.

However, why would anyone want to live on the moon, there is no solid business reason to colonize it.

Comment Re:Outrage (Score 1) 448

Wheres the outrage from the users who always have a huge bitch when other "more evil" companies disable something on your system automaticall?

I'll show you where it is: Open up your Firefox browser, surf to "about:config" and search for blocklist. There ya go. Oh wait, that's the place that allows you to turn off or fine tune Mozilla's blocklist.

Work expands to fill the time available. -- Cyril Northcote Parkinson, "The Economist", 1955