valuable article almost a year ago that will probably be applicable for
a very long time: Nine
questions to ask when evaluating a security threat.
keep in mind when asking yourself these questions: the underlying
assumptions are not static and other "forces" may change the questions.
To be able to answer the questions effectively, you need to have
intimate knowledge of your infrastructure (well-maintained documention)
and you need to know what "normal" traffic looks like (well-monitored