Survival Time for Unpatched Systems Cut by Half
UnderAttack writes "The Internet Storm Center published a graph showing historic trends for the "Survival Time" of unpatched, unprotected (Windows) computers connected to the internet.
Turns out, this number dropped from about 40 minutes last year, to 20 minutes this year.
The survival time is calculated as the average time between reports for an average target IP address. If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe.
The data is collected from a large number of networks with different types of upstream protection. So if you are on an unprotected cable/DSL line, you may see probes much more frequently. Either way, 20 minutes is not long enough to download patches.
The Honeynet Project did publish a paper with some stats back in 2001."
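The calculation described in the summary, as an added example that is not part of the original post and not ISC's own code. It assumes a hypothetical report format of `timestamp target_ip dst_port`, reads "average time between reports for an average target IP address" as the mean gap per target averaged across targets, and runs on constructed sample reports.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean

# Constructed sample reports (not real data): "timestamp target_ip dst_port".
# The line format is an assumption made for this example.
SAMPLE_REPORTS = """\
2004-08-17T10:00:00 192.0.2.10 445
2004-08-17T10:20:00 192.0.2.10 135
2004-08-17T10:40:00 192.0.2.10 445
2004-08-17T10:05:00 192.0.2.20 445
2004-08-17T10:15:00 192.0.2.20 1433
2004-08-17T10:30:00 192.0.2.30 445
"""

def parse_reports(text):
    """Group report timestamps by target IP."""
    by_target = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, target, _port = line.split()
        by_target[target].append(datetime.fromisoformat(ts))
    return by_target

def per_target_gap_seconds(by_target):
    """Mean gap between consecutive reports for each target.

    A target with fewer than two reports has no interval and is skipped,
    otherwise it would silently drag the average toward zero or infinity.
    """
    gaps = {}
    for target, stamps in by_target.items():
        ordered = sorted(stamps)
        if len(ordered) < 2:
            continue
        deltas = [(b - a).total_seconds() for a, b in zip(ordered, ordered[1:])]
        gaps[target] = mean(deltas)
    return gaps

def survival_time_minutes(text):
    """Average the per-target mean gaps across all targets, in minutes."""
    gaps = per_target_gap_seconds(parse_reports(text))
    if not gaps:
        raise ValueError("need at least one target with two or more reports")
    return mean(list(gaps.values())) / 60

if __name__ == "__main__":
    print(f"survival time: {survival_time_minutes(SAMPLE_REPORTS):.1f} minutes")
```

Because the figure is an average over sensors behind different upstream filtering, a single unfiltered address can show a much shorter gap than the aggregate, as the summary notes.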
Of course we all know which operating system is getting p0wn3d so quickly. Linux (as long as you don't install from a CD more than two years old), BSD, and OS X have a much higher tt0.
--
"Open source is good." - Steve Jobs
"Open source is evil." - Microsoft
As a test last week, we put a machine with a firewall on a dial-up account. Roughly 30 seconds after it connected was the first hit from Sasser.
"Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
Is more than enough to download and install a free firewall program such as Sygate Personal Firewall (my Windows PCs have that). That should buy the user enough time to get the patches.