Risk Management Approach
Examine and weigh up the likelihood and consequences of all threats.
It is important not to misjudge the threats or to underestimate the
potential losses.
The objectives are to:
reduce the likelihood of any given threat, as a threat is almost impossible to eradicate.
reduce the impact of any given threat by minimizing the damage and allowing for ongoing risk management.
What threats exist? What is emerging?
Use resources to determine what risks are current, new and emerging:
http://www.incidents.org/
http://www.cert.org/
http://www.auscert.org.au/
What are you exposing?
Know what the commonly used ports (TCP & UDP) are,
and perform port scans on your machines to determine where you are at risk
(you may wish to implement a cron job to scan the ports on your hosts/subnets).
Check your common ports against listings of known Trojan ports:
http://nethog.net/feeds/niteryder/trojans.htm
http://www.simovits.com/sve/nyhetsarkiv/1999/nyheter9902.html
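One way to run the recurring check suggested above, as an added example that is not part of the original page: a TCP connect check of hosts you administer against a baseline of ports you expect to be open, reporting only deviations so it suits a cron job. The hosts, baseline and port list are constructed sample values, and UDP is not covered.

```python
#!/usr/bin/env python3
"""Added example: baseline check of open TCP ports on hosts you administer."""
import socket
import sys

# Constructed sample baseline: IPv4 host -> TCP ports that are meant to be open.
BASELINE = {"127.0.0.1": {22, 80}}
# Constructed selection of common service ports; extend it with entries from
# whichever trojan-port listing you follow.
PORTS_TO_CHECK = [21, 22, 23, 25, 80, 110, 139, 143, 443, 445, 3306, 3389]


def open_tcp_ports(host, ports, timeout=0.5):
    """Return the set of ports on `host` that accept a TCP connection."""
    found = set()
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            # connect_ex returns 0 on success instead of raising an exception.
            if s.connect_ex((host, port)) == 0:
                found.add(port)
    return found


def compare(found, expected):
    """Return (open but not expected, expected but not answering), both sorted."""
    return sorted(found - expected), sorted(expected - found)


def audit(baseline, ports, timeout=0.5):
    """Scan every baseline host; return one report line per deviation."""
    lines = []
    for host, expected in sorted(baseline.items()):
        # Probe the baseline ports too, so a service that went away is noticed.
        found = open_tcp_ports(host, set(ports) | expected, timeout)
        unexpected, missing = compare(found, expected)
        for p in unexpected:
            lines.append(f"{host}: port {p}/tcp open but not in baseline")
        for p in missing:
            lines.append(f"{host}: port {p}/tcp in baseline but not answering")
    return lines


if __name__ == "__main__":
    report = audit(BASELINE, PORTS_TO_CHECK)
    if report:
        print("\n".join(report))  # cron mails any output to the job owner
    sys.exit(1 if report else 0)  # exit status tells a wrapper script something changed
```

A run that prints nothing means every host matched its baseline; any line in the output is a port to investigate or a baseline entry to update.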
Keep your machines patched
Keeping your system and software up-to-date will prevent "script kiddies"
from using generic tools to attack your site. If a patch is released, do you have a good reason
for not patching your hosts?
http://windowsupdate.microsoft.com/
http://www.versiontracker.com/
http://www.ntbugtraq.com/
http://support.novell.com/filefinder/
http://www.securityfocus.com/ incl. Bugtraq Archive
Detect, and report, intruders
If your machines are being probed and attacked, would you know?
Set up intrusion detection/monitoring within your systems to determine who is looking at what.
NESSUS :: http://www.nessus.org/
SNORT :: http://www.snort.org/
ETHEREAL :: http://www.ethereal.com/