I am working on learning network security… so I went and picked up the NMAP Network Scanning book (ISBN: 978-0-9799587-1-7) from Gordon Lyon and Insecure.org.
During my reading he talks alot about an Intrusion Detection System (IDS). Apparently IDS’s are used to detect attacks on their networks including something benign as a port scan. This got me thinking… doesn’t my MS Action Pack include something like that… indeed it does… two in fact. The ISA 2006 and it’s newer replacement Threat Management Gateway (TMG 2010).
Any respectable hacker would jump at the chance to set it up and “hack” yourself to see what happens right? OF COURSE!!!
I’ve setup the new system and placed it on the “edge” of my network. This puts it in exactly the right spot to have the largest exposure… right…
