Licenses

Background

SNORT^® is an open source network intrusion prevention system capable of performing real-time traffic analysis and packet logging on IP networks. Snort is comprised of two major components: (i) a detection engine that utilizes a modular plug-in architecture (the "Snort Engine") and (ii) a flexible rule language to describe traffic to be collected (the "Snort Rules"). The Snort Rules are further comprised of those rules that are contributed by the user community and made available to all Snort users (the "Community Rules") and those confidential and proprietary rules created, developed, tested and certified by Sourcefire?s Vulnerability Research Team (the "VRT Certified Rules").

Your Rights to use the Snort^® Engine and the Community Rules

The license governing your use of the Snort Engine and the Community Rules has been, and will continue to be, the GNU General Public License V2 (the "GPL"). Under the GPL V2, you are permitted to use, modify, publish and distribute the Snort Engine and the Community Rules, subject to a few restrictions. For example, if you decide to distribute copies of the Snort Engine or the Community Rules, you must keep intact Sourcefire's copyright notices in the work, along with references to the GPL V2 and the disclaimer of warranties contained therein. Additionally under the GPL V2, you may distribute your modifications to the Snort Engine or the Community Rules so long as you comply with the requirements above and include a prominent notification in the modified work that you modified the original Snort Engine and/or the Community Rules (and date). Please refer to the GPL V2 for all the terms and conditions that govern your use and distribution of the Snort Engine or the Community Rules.

The purpose of distributing the Snort Engine and the Community Snort Rules under the GPL V2is to encourage the development and distribution of open source software. Continuing the reliance on the open source community in developing Snort is an important step to providing a robust intrusion detection sensor that improves network security.

Your Rights to use Sourcefire VRT Certified Rules

In a nutshell, the license governing the VRT Certified Rules is designed to prevent users from (i) selling the VRT Certified Rules or (ii) distributing those rules in a way to circumvent the subscription requirements for early release of the VRT Certified Rules. Except for those two restrictions, your rights to use and distribute the VRT Certified Rules will be similar to those in the GPL. For example, posting bug fixes and having discussions about the VRT Certified Rules on mail lists is expressly permitted under the VRT Certified Rules License (however, not with respect to VRT Certified Rules available only to subscribers). You may also deploy the VRT Certified Rules on your network and share modified rules with others, so long as you comply with the two restrictions above.

The fact of the matter is that the VRT Certified Rules License is an attempt to balance two very important factors: (i) the need to allow the open source Snort^® user community to continually improve Snort^® by allowing the free exchange of information and ideas (ii) along with the need to cover the significant expense incurred to support Snort^® research and development and host the Snort^® web site(www.snort.org). Please refer to the VRT Certified Rules License Agreement for all the terms and conditions that govern your use and distribution of the VRT Certified Rules.

In order to access and download the VRT Certified Rules you must agree to abide by the terms and conditions of the VRT Certified Rules License Agreement governing the use and distribution of the VRT Certified Rules.

For more information, please see our frequently asked questions.

For more information on the GPL, please also visit the Free Software Foundation's web page: http://www.gnu.org.

Last updated: December 2006