Belated thanks for jobs well done

When your favorite open source security tools go commercial, don’t look back in anger

Times are a-changing. Check Point is purchasing Sourcefire. Nessus is going commercial. Even the Linux logo now requires a licensing fee.

The Sourcefire purchase isn’t overly concerning, because Sourcefire has been the commercial arm of the open source Snort intrusion-detection tool since its creation, and creator Marty Roesch says open source Snort will continue on.

Nessus’ 2.x current GPL code will remain open source and has started a new development fork, but version 3.x with bug fixes and performance enhancements will be a commercial-only product.

We are rightly worried about any commercial company’s commitment to its open source software cousin. But I’m a capitalist living in a capitalist country, and I think making money legitimately is a fair goal, even when it possibly comes at the expense of my favorite free software.

I have, however, seen many people frustrated and angry when their beloved open source program begins to wither or die. I even saw a few people throw heated rants and curse words toward previous open source advocates that seem to have “gone to the dark side.” My wife has taught me to count my blessings and to be thankful for what I do have -- and what I did have. With that in mind, I would like to take a moment and thank some of the most important free resources I have used over the past five years.

So, thanks to Snort and Nessus for the good times. I hope we have many more years of free innovation ahead. Thanks to Linus Torvalds and the rest of the Linux team for the Linux kernel. Thanks to Richard Stallman, GNU, the GPL license, and all the other, myriad open source and free licenses. Thanks to all of the hundreds of thousands of coders who give us free software -- guaranteeing choice and competition.

I appreciate all the commercial companies that give us lots of free software tools. Thanks to the Sysinternals Web site for every single ultracool, free utility. I don’t know a Windows hacker who doesn’t thank Mark Russinovich and Bryce Cogswell for Regmon, Filemon, and all the PsTools. Thanks for the excellent, excellent Autoruns: Not only can we see what’s automatically running on our Windows systems, but we can turn things off. Possibly the only more accurate autorun program finder is the free SilentRunners.vbs script by Andrew Aronoff. And who could forget HijackThis, which started the search for spyware and adware?

Thanks to Foundstone, which I do a lot of consulting for; eEye; Steve Gibson’s Gibson Research Corporation; and Yahoo and Google for making so much of the Web instantaneous.

One of the most interesting GUI tools is Cain & Abel. A great interface with dozens of hacking tools, it has more than a dozen password crackers, can ARP (address resolution protocol) spoof, dump secret registry keys, and sniff on the wire. Man-in-the middle attacks are point-and-click. If you haven’t run this tool on your network and seen how easy it is to crack low-hanging fruit, you might not be doing enough to secure your network.

Thanks to Ettercap, which comes in Windows and Unix versions, for first making man-in-the middle and injection attacks easy to demonstrate to management.

Thanks to John the Ripper for making it easier to validate the strength of password hashes. And where would we be without Fyodor’s cross-platform Nmap, the world's best, free network port scanner? Kudos also to Ofir Arkin for his excellent OS fingerprinting tool, Xprobe2.

Let’s not forget all the great mailing lists where we learn, vent, and learn again. My current favorites are: SecurityFocus (too many good lists to list), Russ Cooper’s NTBugTraq, BugTraq, DShield (who doesn’t love the Handler's Diary?), SANS, and FrSIRT.

Packet Storm is a great repository of information and tools. Thanks to SourceForge for being a provider and development environment for free software. Congrats to newcomer Metasploit for making vulnerability checking easier.

A very big thanks to the creators and maintainers of the free and cross-platform network sniffer Ethereal. You prove that open source can be feature-rich, have a great GUI, and be long-term sustainable -- all at once.

Thanks to the makers of little, but important, WinPcap. Without WinPcap, probably half of today's free network analysis tools would not be available on the Windows platform. Of course, almost all network sniffers owe credit to libpcap and tcpdump for developing a network sniffer library and general use format.

I could go on and on, but there isn’t room in all of InfoWorld, much less this column, to do all the thanking I need to do. Overall, I want to thank all those coders who spent months to years of their lives giving, developing, storing, and releasing free and open source tools that benefit society in general.

Take a moment today and thank your favorite free coder or vendor. Send an e-mail, send a few dollars, or volunteer your time on the project. If you can’t code, help a new beginner out instead of flaming them. And when your favorite open source project goes commercial, look back on the good times and be thankful.