Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Know Your Enemy: Tracking Botnets (ThorstenHolz)

From: Valdis.Kletnieks () vt edu
Date: Mon, 14 Mar 2005 13:11:08 -0500
On Mon, 14 Mar 2005 20:21:35 +0300, phased said:


no they didnt, shit paper, nothing new, absolute crap just publicity bollocks


(I haven't actually read the paper in question yet, but still..)

Notice that often, a "nothing new" paper can still be important just due to
readability by an audience other than the technical geeks.  For example, it's
been *years* since "Smashing the stack for fun and profit" made it all clear
for the bitheads among us - but would you give it to your upper management as
justification for a project?  No, you'd need to find a white paper that had
"nothing new" in it, but which stated it in a way that the threat becomes clear
even to a manager.  And writing something that's accessible by a *novice*
sysadmin that has maybe a year or two experience is an entirely different skill....

In fact, for some stuff like the FBI/SANS Top 20 we do every year, or the
Center for Internet Security benchmarks, if something is "new", it's almost
certainly out of scope - when I did a very early draft of what Hal Pomeranz
ended up making into the CIS Solaris benchmark, "Have I heard this point enough
times I want to gag" was one of the clearest indicators that something should
be in the guidelines...

Attachment: _bin
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: