Re: OSSIM Feedback

From: Stefano Zanero (zanero@elet.polimi.it)
Date: Thu Jun 15 2006 - 16:17:48 EDT


Dominique Karg wrote:

> It's not my duty to enter into discussion if ossim is easy to use or not

It is easy to use - not so much to install ;)

> I must say that I have to deny this and ask Stefano sincerely for proof
> of this.

Let me say that your denial on public record here on this list is more
than enough - I believe you on your word.

However...

> This is why parts of it may be not well documented, not clearly
> structured and so on. But obfuscating / complicating code on purpose?
> No way.

Well, last time I looked (it was September last year) the OSSIM server
code was completely undocumented - not just in nice, user friendly docs,
but not EVEN IN THE CODE.

We had to reconstruct the communication between client and server by
reverse engineering the code and sniffing the communications, which is,
let me say this gently, UNCOMMON for an open source project aiming at
integration. Don't you think so?

> Anyway, if you have had trouble understanding the code and needed help,
> we've got a small but fine user base who would've been glad to help

We tried, at that time, on both #ossim and on project mailing lists...

The answers we had were 1) in French and 2) private, so I won't quote
them here... but I can quote a brief sentence of one of your "user base"
members:
" This lack of comments is intended to prevent other people from reusing
and modifying the source code!! An OSSIM developer said: "if hell was
coded, it would have been done like our server" "

This mail, and others of the kind, were partially confirmed by devels on
the channel. If your policy has changed, or if this was just a huge
misunderstanding, I'll be glad to see some devel docs as soon as you can
fix them together. Even as drafts, we will be glad to help you put the
knowledge base together.

Best,
Stefano Zanero
