Getting hacked - inevitable?

How does everyone balance paranoia and realism with regards to server security? Obviously the most secure computer is one that is not connected to any network at all. But when you offer network services (web, email, etc), you are exposed.

We are engaged in internal debate about various intrusion detection systems, router access control lists, user privileges, etc. One team member has suggested that getting hacked is essentially inevitable. We all want to minimize the risks of course, but does anyone else agree with this sentiment?

As a followup, what intrusion detection software do people use (we're Linux-based)?

 

 

 

 

Top