jdow a écrit : > At least one well respected ninja sort from this list is also a > volunteer SANS Internet Storm Cellar operator. These folks do not seem > to be in the least "inexperienced" in the ways of malware and malware > delivery. That is why I take that diary entry at face value. >
maybe I'm wrong, but I don't think writing on sans pages erquires much more than "getting the article accepted", and those guys are good at internet security, not necessarily at internet collaboration policies. > I agree he could have included more information than he did without > giving away names involved. One piece of wording suggests he is an > admin at a box or rack rental place such as rackspace rather than a > wire rental place; and, it's customers are meeting with the problems > he's expected to clear up. > the problem is that he only says "he is right and they are wrong", without giving us a chance to judge by ourseleves. as one of my favourite math teachers used to say "toute proposition non justifée est sans valeur" (translation attempt: unproven propositions have no value). I personally dislike Trend and if asked, I could spend many paragraphs insulting their stupidity. but the article seems to suggest that they require "smtp/mail/..." in hostnames. This is simply not realistic. they do accept mail from a lot of hosts which are not named "smtp/mail/...". so the author lies (by omission or whatever, but that's it). and regarding sorbs, wev'e seen a lot of attacks... the fact that the article is published at SANS says nothing to me. I personally have no idea of SANS publishing policy and process. I've seen many "less than perfect" SANS articles (and I'm polite not to say "stupid", ...).
