Week 10 reflective post

Since this week we can discuss any topic related to IT, I'd like to write about security by obscurity.
Security by obscurity is actually quite common in IT. Many of the companies with IT infrastructure (almost all in this day and age) rely on security by obscurity. The rationale in most of the cases is that to implement proper IT security is expensive and since nobody knows how the company is connected to internet, then there is nothing to worry about since nobody knows what IP to attack. Bad news for all of you who think like this!
My dynamic IP address is attacked every day between 150 to 500 times and this is an IP address that is assigned to my router from the pool of IP addresses that my ISP owns. So no one really knows which IP I'll get and when it will change, but still, every IP I get is constantly attacked all the time, 24x7. I know about it because I decided to do something about it, so I run Snort (intrusion detection software) on my router which gives me all these statistics. My Snort instance is configured with SnortSam plugin which automatically blocks offending IP addresses for 24 hrs, so the same attackers are not attacking me all the time (at least not all day). Most of the attacks are attacks for windows based computers, so all of you running windows, at least install or activate firewall software on your computers and install latest security patches.

The conclusion is that security by obscurity may work for a while, but sooner or later someone will hack their way into your computer unless you decide to protect yourself against it.