The Tao of Network Security Monitoring and our suite Sguil have been "Bilanoed." I have coined this term to refer to being parodied by Mr. Billy B. Bilano. I first became aware of this fictional (man, I hope he's fictional) character when he described a "crypto virus" on the Full-Disclosure list. Watching people feed the troll was hilarious. Bill's latest message can be found in his posting to Snort-users. Here is an excerpt:
"See, at first I decided I would use this Squil IDS thing but that crazy Russian guy that wrote down the docs said I needed to keep every packet in a database (who has time for being a packet rat like that?) to make sure I don't get hackered by the nerds! Well that makes a whole hell of a lot of sense! If you keep them online in a database and you get hacked then the hacker will be able to just copy and paste them packets and whammo! Instant replay attack! Maybe I should I gift wrap them too? Smart thinking there you Bolshevik dundernuts! First Northcut drops his drawers at SANS and now this Betjitch guy wants to pinch it off for the hackers! His book should be called Tao of Network Reach-arounds!"
My reply is also available.