For many users and vendors, network security is dependent on a collection of open-source programs that provide key capabilities, sometimes as standalone tools and sometimes as the basis for commercial products. Last month, however, the open-source status of two of those key technologies--Snort and Nessus--became threatened.
First, SourceFire--which developed the open-source IDS Snort and commercial products based on it--was acquired by Check Point. Both Check Point and Snort developer Martin Roesch have said the open-source code base will still be enhanced, but users are waiting to see whether the acquisition will mean changes in SourceFire support.
Next, Tenable, developer of the Nessus vulnerability scanner, announced that future versions will not be open-source and that support for existing open-source versions will be limited, noting that its open-source experience had been one way rather than give and take. Within five days, a code-fork project was announced to continue open-source development based on existing Nessus code.
The moral is that heavy reliance on open source carries risk, and that the greatest insurance policy for open-source technology is participation by a large number of users and developers. If you're thinking of using open source, keep a close eye on what happens to both Snort and Nessus.