Snort Licenses

Background

SNORT® is an open source network intrusion detection system capable of performing real-time traffic analysis and packet logging on IP networks. Snort is comprised of two major components: (i) a detection engine that utilizes modular plug-in architecture (the “Snort Engine”) and (ii) a flexible rule language to describe traffic to be collected (the “Snort Rules”). The Snort Rules are further comprised of those rules that are made available to all users of Snort.org (the “Community Snort Rules”) and those confidential and proprietary rules that are developed by Sourcefire (the “Proprietary Snort Rules”). In order to access and download the Proprietary Snort Rules, you must enroll either as a registered user or as a subscriber to the Snort.org web site, along with agreeing to abide by the terms and conditions of the Non-Commercial Use Licensing governing the use of the Proprietary Snort Rules.

Your Rights to use the Snort Engine and the Snort Rules

Sourcefire uses a dual license strategy for the Snort source code. The source-code license governing your use of the Snort Engine and the Community Snort Rules is the GNU General Public License Version 2. The source-code license governing your use of the Proprietary Snort Rules is the Non-Commercial Use License for the Proprietary Snort Rules. Unless addressed otherwise on this site, your use of the Snort.org web site, its contents or downloadable materials shall be governed by the Terms of Use, the Privacy Policy and/or, as applicable, the GNU GPL v.2 or the Non-Commercial Use Licensing. Copies of the licenses are available at:

The purpose of distributing the Snort Engine and the Community Snort Rules under the GNU General Public License Version 2 is to encourage the development and distribution of open source software. Continuing the reliance on the open source community in developing Snort is an important step to providing a robust intrusion detection sensor that improves network security.

The Non-Commercial Use Licensing similarly allows users to copy, modify and distribute the source code of the Proprietary Snort Rules, with one very important exception. The distribution cannot be done for the purpose of reaping a commercial profit or gain. A user is only permitted to use the Proprietary Snort Rules for his/her own personal use. So for example, if a user embeds or relies on the Proprietary Snort Rules in a product that is then sold to a third party, this would be a violation of the Non-Commercial Use License, although this type of use would be permitted under the GNU GPL (assuming the other terms and conditions of the GNU GPL v.2 were followed).

You can freely modify and improve the Snort Engine and the Snort Rules source code. The key difference, however, is that the Proprietary Snort Rules are licensed to you for your personal use only, and you may not use, copy or distribute the Proprietary Snort Rules, directly or indirectly, for commercial profit or gain. For more information on the GPL, please also visit the Free Software Foundation’s web page: http://www.gnu.org

Last updated: February 2005