Page 1 of 5 123 ... LastLast
Results 1 to 10 of 50

Thread: 0Wn3d In 17 Minutes

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830

    0Wn3d In 17 Minutes

    According to the SANS Institute's Internet Storm Center Survival Time data there is only an average of 17 minutes between network probes or attacks on the Internet. Theoretically, if you take a brand new Windows XP computer out of the box and plug it in to the Internet you have less than 20 minutes to download and apply the appropriate patches and updates before your computer is compromised or infected in some way.

    Obviously it isn't possible to download the patches in that time- even over a broadband connection. Users would have to be supplied with CD's packed with all necessary updates and instructed not to connect to the Internet until they are all applied.

    Scott Granneman discusses the Survival Time data and its implications for home users and network security in this Security Focus article: Infected In 20 Minutes

  2. #2
    Well most recent computer come with some kind of CD Firewall, mine came with Norton AV and Personal Firewall, its only that users install them after they've been online for a couple of days and got to know the computer !

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    I've known system's that have taken shorter amount's of time believe it or not. Once a system is connected to the internet, it has then made itself vulnerable to those in the wild. It is then susceptible to attack from the outside.
    Space For Rent.. =]

  4. #4
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    I agree with Granneman that the world will be at least a little better off as XP SP2 machines make it to market. Not only will they be patched through a more current date and thus start off with more of a clean slate in terms of vulnerabilities, but the firewall is enabled by default.

    As he points out in the article, users don't even TRY to download the patches because they don't know what a patch is, why they want it or where to get it. Enabling the firewall and automatic updates by default will help a lot. I also agree for the most part with the logic of his comment:

    If a user isn't educated enough to know how to open up a port he needs to run a particular program that needs a hole punched in the firewall, then that user shouldn't have unfettered access to the Net anyway.
    I don't agree that switching friends and family to Linux or Mac OS X will solve the issue of providing free tech support though. Not only would you have to train everyone through the learning curve, but those OS's still need to be patched and updated as well. Hell- I used to support a company with about 30 graphic designers using Mac's and even though the PC's outnumbered the Mac's 5 to 1 I spent half of my time answering help desk calls from the Mac people.

  5. #5
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    tonybradley: Your quite correct. Switching family and friends from windows to linux or mac isn't always the best decision for a number of reasons. The main one would be transition itself. They would probably end up screwing up the system worse than they intend. Also, and like it has been stated before, people are afraid and hate/bitch about change.
    Space For Rent.. =]

  6. #6
    Senior Member DeadAddict's Avatar
    Join Date
    Jun 2003
    Posts
    2,583
    What I would like to see happen is when any user connects to the internet for the very first time on a new computer internet explorer should automatically go to the windows update site and begin downloading any updates that have been released instead of going to the msn home page.

  7. #7
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    What I would like to see happen is when any user connects to the internet for the very first time on a new computer internet explorer should automatically go to the windows update site and begin downloading any updates that have been released instead of going to the msn home page.
    That is so crazy it just might work! Simple in its design and elegant in its execution. Honestly, it had not occurred to me previously but as soon as I read it I though "well, duh!".

    Why wouldn't Microsoft just make the default IE homepage the WindowsUpdate site or at the very least the Security At Home page on TechNet? Until a user applies the patches and updates they don't need to see the news on MSN and if they can't learn enough to change their homepage they probably don't have any business leaving the security site anyway.

    Great idea! Who has Bill Gate's cell number so we can run this by him? Maybe Ballmer's email? No? Well, hopefully Microsoft reads AO so they can benefit from your wisdom.

  8. #8
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Your late tony! I post that 4 days ago here ( http://www.antionline.com/showthread...104#post782104 ). I thnk it's same but I enjoy more discution on the subjet!
    -Simon \"SDK\"

  9. #9
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Originally posted here by DeadAddict
    What I would like to see happen is when any user connects to the internet for the very first time on a new computer internet explorer should automatically go to the windows update site and begin downloading any updates that have been released instead of going to the msn home page.
    Funny you say that. I just got a client's pc that was infected with tons of viruses... you name it... it was on there. Not A SINGLE PATCH was installed. Luckily for them I was able to uninstall and clean up all damage. I applied every update and set serious security restrictions on what they are allowed to do.

    Machine by machine... I'm making the internet a little bit safer... even if the clients can't do anything online....
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  10. #10
    Has anyone ever had compatibility problems with downloading critical updates? The only problem I can imagine with downloading updates immediately would be Tech Support hell if software breaks. I myself have never seen updates go awry, but I would expect some networks to be messed up a bit from a "forced" update.

    It would be better though, better than getting speared by worms.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •