
Have you ever been hacked?

Status
Not open for further replies.

Sifer

MIS
Jun 26, 2002
13
AU
Hi all!

I'm currently doing research for a white paper and would like to hear from people who have implemented anti-intrusion systems only to be hacked anyway. I'd like to know what firewall software you had running, how you discovered the attack, what general actions you took to thwart the attack and what you changed in your environment or software configs to stop future attacks occurring in the future. I'd also like to know what the intruder did while on your network. Did he deface a web site or steal information?

Are you now confident that your systems are now safe from hackers? And lastly, if a friend of yours had to set a security system up for their company but didn't have any experience, what would you say to them?

Cheers

Sifer
 
Sifer,
I can honestly say that none of our clients have been compromised (knocks on wood), so I can't really answer the first part of the question.

However, for the friend, I would recommend that he/she enlist the services of a professional and reputable consultant/firm. Security has to be set up in a layered approach and has to take into account the topology of the whole network. The mindset that says "I'll just drop in a firewall and be secure" is erroneous.

Aside from the network issues, there are political issues with security (i.e., balancing the need to block certain traffic with the desire of the CEO to do AOL Instant Messenger). Security measures often lead to conflict because of differing points of view and no real communication. End users see IT as the Nazi people who want to restrict how they do their "work." They really don't think of the big picture; they just know that IT is trying to ruin their MP3 downloads. IT managers, on the other hand, are tasked with keeping intruders out and ensuring that people can still do their legit jobs. This conflict can lead to really bad problems.

Hence, I would enlist the services of a good consulting firm to come in and:
1. Look at your network setup and present security model
2. Talk with higher levels of management about their findings
3. Create a plan for implementing better security
4. Execute the plan
5. Train the local staff on the security measures.


Hope this helps
------------
Certified in absolutely nothing :)
 
"if a friend of yours had to set a security system up for their company but didn't have any experience, what would you say to them?"

Get Specter!...if you can afford it.


...and Zone Alarm:
 
"if a friend of yours had to rewire their house but didn't have any experience, what would you say to them?"

Either hire someone with experience, or do a LOT of reading. Same applies to setting up network security.
-Steve
 