Survival Time for Unpatched Systems Cut by Half

UnderAttack writes "The Internet Storm Center published a graph showing historic trends for the "Survival Time" of unpatched, unprotected (windows) computers connected to the internet. Turns out, this number dropped from about 40 minutes last year, to 20 minutes this year. The survival time is calculated as the average time between reports for an average target IP address. If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe. The data is collected from a large number of networks with different types of upstream protection. So if you are on an unprotected cable/DSL line, you may see probes much more frequently. Either way, 20 minutes is not long enough to download patches. The Honeynet Project did publish a paper with some stats back in 2001."

Re:Patch CDs

[Long-EZ]

I'm surprised nobody has said it yet.

If you're concerned about security, why not burn your favorite Linux install ISO onto a stack of CDs and label them Free Windows Security Update? As long as they still "have the web", most people wouldn't know the difference, other than the lack of infections.

Deceptive? Perhaps. But they'll thank you later, when their PC isn't thrashed by every Outlook worm of the week. What're we up to now, MyDoom S? When it reaches Z, I guess they'll start numbering with AA?

Mac and Linux users are tired of having their inboxes stuffed with Outlook worms and spam from infected zombie Windows PCs. Even when you do the right thing, you still suffer from other people running Windows.

I wonder...

[dfj225]

How much of the total traffic on the internet is from viruses/worms looking for targets? It's not that I really worry about getting infected, but I want to get all the bandwidth I can from my cable modem and I don't need rogue computer programs making the net crappier for everyone else!

blame the user, blame the user!

[twitter]

Ugh, what fantasy land do you live in?

Even if new computers were "almost up to date out of the box," the typical user gets creamed soon anyway. It may not happen right away, but someone always comes up with a bigger better nasty that exploits M$'s poorly designed software. All of these "patches" firewalls and other bandaids just don't work. By the time the user's computer is bogged down enough for them to notice, their computer has been used to send out all sorts of garbage and their original software is hoplessly out of date. Email bombs and malicious websites cut right through that cheap little hardware firewall just like they do virus filters and all the other expensive failed solutions that have been advocated. The average store puts the same out of date stuff right back on and sends them out to be owned all over again. They can not keep and distribute M$ patches, even if they did want to spend the hour or two required to install them all. The user does not want to pay for those extra two hours either as it might be cheaper to buy a newer version of Winblows at that point, if only the new version supported their hardware. It's totally miserable.

You can compare that experience to any modern Linux distribution and wonder why people use Windoze at all.

What's the difference?

[twitter]

please tell me you're just a kid playing, and not really a server admin.

There's not much difference in the harm he can do with his one system and the harm anyone else is doing with their XP Home. The cracker brings their own tools to both.

Also, as the recent download ject scandal shows, there's not much more the "grown up", well funded, M$ admin pros can do to protect themselves against malice. You should be happy if someone is running 2003 at home rather than at a fortune 500 bank. Microsoft was not ready for the internet back in 1995 and they still are not.

Why do you care?