US Investigates Snort Sale as a Security Risk

Use Netsparker


Basically the Americans are saying a lot of their sensitive govermental organisations are using Snort and they don’t want the software to be controlled by an Israeli company, they see it as a threat.

The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading Israeli software company that it faces a rare, full-blown investigation over its plans to buy a smaller rival.

The objections by the FBI and Pentagon were partly over specialized intrusion detection software known as “Snort,” which guards some classified U.S. military and intelligence computers.

Snort’s author is a senior executive at Sourcefire Inc., which would be sold to publicly traded Check Point Software Technologies Ltd. in Ramat Gan, Israel. Sourcefire is based in Columbia, Md.

Check Point was told U.S. officials feared the transaction could endanger some of government’s most sensitive computer systems. The company announced it had agreed to acquire Sourcefire in October.

Is it really a threat?

I’m guessing from this though that the US government then doesn’t use ANY Checkpoint devices or software in any of its organisations.

The ongoing 45-day investigation into the Israeli deal is only the 26th of its type conducted among 1,600 business transactions reviewed by the Committee on Foreign Investments in the United States. The panel, facing criticism by Congress about its scrutiny of the ports deal, judges the security risks of foreign companies buying or investing in American industry.

I wonder what the outcome is going to be.

Let’s hope the whole thing is dealt with properly.

Source: Redmond Mag – (Slashdot)

Posted in: Legal Issues, Security Software

, , , ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


One Response to US Investigates Snort Sale as a Security Risk

  1. Navaho Gunleg March 30, 2006 at 6:27 am #

    Sure, it’s a serious threat: it threatens the US’s economy if the ownership of that company went abroad. It doesn’t matter that the company is from Israel as it has nothing to do with politics, or fear of backdoor-ed software, it’s all about economics.

    From a technical point of view, it doesn’t really matter what company owns the code as long as the code stays the samen, no?

    It seems US policy to keep everything, which is successful and has the potential to make money, inside.