Slashdot Mirror

← Back to Stories (view on slashdot.org)

Survival Time for Unpatched Systems Cut by Half

Posted by CmdrTaco on from the fire-your-walls dept.

UnderAttack writes "The Internet Storm Center published a graph showing historic trends for the "Survival Time" of unpatched, unprotected (windows) computers connected to the internet. Turns out, this number dropped from about 40 minutes last year, to 20 minutes this year. The survival time is calculated as the average time between reports for an average target IP address. If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe. The data is collected from a large number of networks with different types of upstream protection. So if you are on an unprotected cable/DSL line, you may see probes much more frequently. Either way, 20 minutes is not long enough to download patches. The Honeynet Project did publish a paper with some stats back in 2001."

2 of 460 comments (clear)

  1. Re:20 minutes?? by W2k · · Score: 0, Flamebait

    Downloading all the patches isn't trivial?

    1. Apply appropriate security measures to prevent immediate exploitation (put PC behind firewall/NAT - even XP's built-in firewall will suffice in a pinch)
    2. Connect the PC to the network
    3. Open Internet Explorer, go to Tools->Windows Update
    4. Download all updates marked as critical, and all others you feel you need, starting with the ones that need to be installed separately (WU tells you which)
    5. Reboot
    6. Repeat steps 3-5 until WU has no more patches for you
    7. Configure automatic updates if not already done (WU will ask you to do this - it's a two-click procedure)

    Ta-dah, your PC is secure. Now, I admit that the above can take hours (especially on slow Internet connections) but it's not hard to do. Each step is trivial to perform for any but the most novice of computer users.

    --
    Quality, performance, value; you get only two, and you don't always get to pick.
  2. Re:No big deal - just install behind a firewall by Oddly_Drac · · Score: 0, Flamebait

    "I thought we were supposed to be IT professionals here?"

    No, we're Nerds. Third word along under 'Slashdot'.

    "The only possible reasons no-one has mentioned it are"

    I'd like to invoke the 'bloody obvious' clause.

    "I've been running XP since before it came out"

    And you're the fifth Beatle?

    --
    Oddly Draconis
    Too cynical to live, too stubborn to die.