Not everyone has l33t skilz or mass amounts of hardened TCP/IP stack programming experience. When I'm at work, I don't look at logs all day long, nor do I run security audits every five minutes. I do my job, which takes all of my time. This is the situation for most small to medium sized companies that have only a few IT guys. So how does an everyday IT guy handle the constant threat of impending attack?
Keeping up with the latest security threats in a mixed OS environment is virtually impossible. You have to choose where to put your defenses. I choose my defenses based on my own paranoid view of the world, with my procrastination and laziness factored in for good measure. The term I use for this is “theoretical hacking”, in which no actual computers, programs or animals are harmed.
The first question in theoretical hacking is, “Where do I start?”. You have two options here, inside out or outside in. That is, you can consider attacks from the point of view of someone outside your office trying to break in. Or, you can consider scenarios in which someone inside your office is trying to cause damage or steal data. For now, let's take the standpoint of some random dude on the outside trying to break into your network.