A lot of attacks can be launched against networks. The tools to accomplish these attacks are becoming more widespread and easier to use every day. It is important to stay ahead of the attackers. It is next to impossible to keep out a determined attacker, especially a skilled attacker.
Fortunately, attacks launched by skilled attackers are less common than attacks launched by unskilled attackers, the so-called script kiddies. Administrators should concentrate on protecting their networks from basic attacks, and remain vigilant against skilled attacks.
Vigilance is best maintained by tracking security issues closely. Monitor vendor security information and independent security websites and mailing lists. Probably the best independent research point is the BugTraq mailing list, which is part of the Security Focus website (www.securityfocus.com) and publishes information quickly. Another excellent source for information is the Common Vulnerabilities and Exposures list, maintained by the MITRE Corporation (cve.mitre.org). Finally, both CERT (www.cert.org/) and CIAC (www.ciac.org/ciac/) publish alerts which are not as timely as those on the BugTraq mailing list, but there are also fewer false positives.