Network Computing is part of the Informa Tech Division of Informa PLC

The Standards Balancing Act

A recently revealed flaw in Snort, a popular open-source intrusion-detection system used by many corporations and government agencies, could let an attacker subvert many of Snort's HTTP content-inspection rules simply by manipulating Snort's implementation of the HTTP standard. Closer adherence to the standard might have prevented this flaw.

Too often, tight protocol standards are not considered significant in information security, but this bug highlights the importance of adherence to industry standards.

The standards war has been raging for years. At one extreme are companies like Microsoft that often ignore existing specifications and create their own redundant protocols to lock users into their products. At the other extreme are people like Dan Bernstein, a University of Illinois professor who has gone so far as to make his popular mail server, Qmail, refuse service to mail clients that do not precisely follow protocol standards (resulting in some unreceived mail). Where on this spectrum the happy medium lies remains to be seen, but perhaps this latest flaw in Snort will bring attention to the importance of strict standards.