Estimating the Time-To-Own of an Unpatched Windows PC 424
An anonymous reader notes a recent post on the SANS Institute's Internet Storm Center site estimating the time to infection of an unpatched Windows machine on the Internet — currently about 4 minutes. The researcher stipulated that the sub-5-minute estimate was valid for an unpatched machine in an ISP netblock with no NAT or firewall. The researcher, Lorna Hutcheson, called for others to post data on time-to-infection, and honeypot researchers in Germany did so the same day. They found longer times to infection, an average of 16 hours. Concludes the ISC's Hutchinson: "While the survival time varies quite a bit across methods used, pretty much all agree that placing an unpatched Windows computer directly onto the Internet in the hope that it downloads the patches faster than it gets exploited are odds that you wouldn't bet on in Vegas."
Baloney (Score:1, Funny)
I am posting this message from a completely unpatched windows box on the Internet and I am not seeing any side eff....
Buy Viagra Cheap at http://myipaddres/viaga
Re:Um, what version? (Score:4, Funny)
Would be interesting to compare with Vista.
They tried. They ran into some obscure bug with Vista that prevents it from accessing the internet while the machine is powered on.
Typical /. Hypocrisy! (Score:5, Funny)
I keep hearing on /. about how slow Windows is. Now it turns out that Windows is very fast.
Re:Baloney (Score:1, Funny)
Pft. Newb. If you were smart, like me, you would have patched your Windows bo
Buy Viagra Cheap at http://myipaddres/viaga
Re:Baloney (Score:5, Funny)
Fools, don't you know that all you have to do is make sure you scan any flopp
Buy Viagra Cheap at http://myipaddres/viaga [myipaddres]
Re:I have to call BS (Score:5, Funny)
I never patch my windows unless its a service pack and I run just fine... Always have my Antivirus running and Windows defender with a router with built-in firewall... No complaints for the 7 years since I built my pc....
Indeed, your computer is a valued member of our botnet.
Re:Baloney (Score:5, Funny)
Haha, no problem for me with my Linux dis
Buy Viagra Cheap at http://myipaddres/viaga [myipaddres]
Re:How is this measured (Score:2, Funny)
How is this statistic measured?
How long is a piece of string?
Pretty short in this case...
Anonymous Coward (Score:1, Funny)
Why does my IT guy always say PwN3D? he actually pronounces the "3" in klingon. Does this somehow relate?
Re:Baloney (Score:2, Funny)
Well, once again, me and my Mac have been proven to be superi
Buy Viagra Cheap at http://myipaddres/viaga [myipaddres]
Re:Baloney (Score:1, Funny)
This reminds me, can your OS be shut off remotely? Because I just got a new dell, and I'm wondering if I install linux can dell jack my computer and turn it off remo
Re:What? (Score:1, Funny)
Luck.
hell people have managed to survive jumping from airplanes without a parachute.
Re:How is this measured (Score:4, Funny)
Re:Typical /. Hypocrisy! (Score:5, Funny)
Kinda like a high priced callgirl...and just as expensive to purchase.
But you only get to use windows for a couple of hours before you get a virus ... oh, wait ...
Re:Baloney (Score:2, Funny)
It just means your aquarium populates faster now.. (Score:2, Funny)
http://xkcd.com/350/ [xkcd.com]
Re:wholesale jewelry (Score:4, Funny)
Slashdot the spammers!
Re:How is this measured (Score:2, Funny)
Re:Honeynet (Score:5, Funny)
If this is Windows XP, why isn't there an article on the time-to-own for an unpatched RedHat 8 install?
Can you still buy Redhat 8?
Can you still buy Windows XP?
Re:Doesn't make sense (Score:3, Funny)
As the OP said, just don't browse the web while you're doing a server install.
Yeah, let's see YOU install Gentoo without browsing the web.
Re:How is this measured (Score:5, Funny)
Everybody who would be reading this article?
Re:How is this measured (Score:3, Funny)
if everyone was computer savvy like most of us here then there would be hardly any need for The Geek Squad, and others.
Are you sure there is a need for geek squad? People can steal porn [slashdot.org] off of computers without professional help....
Re:Funny thing is that Zone Alarm has had vulns (Score:4, Funny)
How hard would it be for Microsoft to add a patch CD to the box, or when patches are released to ship patch CDs..... to people that ask nicely for them?
It seems that it's not that hard, seeing that they already do.
Your homework for today is to find the link at Microsoft's site that lets you get a copy of the SP3 security update CD mailed to you, and post it below. Extra points if you can write a script that goes through your local phone book and orders a CD for each person.
Re:How is this measured (Score:5, Funny)
Exactly.
Everybody's long since upgraded to the Storm worm.