Jesper Johansson just posted an article in TechNet magazine describing how a hacker might take over your network.
One tidbit from the conclusions:
Once a network has been thoroughly hacked, the system administrator has three options: update their resume, hope the hacker does a good job running the network, or drain the network. You will of course need to take action to deal with the attack. Let’s first take a look at some of the available options and assumptions and consider why they might not be the best course of action when cleaning a hacked system.
While his article shows how a single vulnerability can be exploited to completely own a network, his conclusion is highly relevant:
In this article, I’ve examined how a Windows-based network might be hacked. I hasten to point out that Windows-based networks are no less secure than any other network. While the specific attacks used in this article are unique to Windows, minor modifications to the techniques and a new tool set would make the same compromise possible on a network running a different platform. The problem is not the platform itself, but the practices. All platforms are securable, but all networks are exploitable if they are not architected and implemented carefully. Poor implementation is always poor implementation, regardless of the underlying platform.
This isn’t a “Windows” problem. It’s a secure-system problem. Once the vulnerability is exploited, the ONLY difference between compromising a Windows system and a *nix system (or an OS X system, or any other system) is the set of tools used to compromise it.