Posted on 08/18/2004 10:04:30 AM PDT by glorgau
Don't connect that new PC to the Internet before taking security precautions, researchers at the Internet Storm Center warned Tuesday.
According to the researchers, an unpatched Windows PC connected to the Internet will last for only about 20 minutes before it's compromised by malware, on average. That figure is down from around 40 minutes, the group's estimate in 2003.
The Internet Storm Center, which is part of the SANS Institute, calculated the 20-minute "survival time" by listening on vacant Internet Protocol addresses and timing the frequency of reports received there.
"If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe," the center, which provides research and education on security issues, said in a statement.
The drop from 40 minutes to 20 minutes is worrisome because it means the average "survival time" is not long enough for a user to download the very patches that would protect a PC from Internet threats.
Scott Conti, network operations manager for the University of Massachusetts at Amherst, said he finds the center's data believeable.
"It's a tough problem, and it's getting tougher," Conti said.
One of Conti's administrators tested the center's data recently by placing two unpatched computers on the network. Both were compromised within 20 minutes, he said.
The school is now checking the status of computers before letting them connect to the Internet. If a machine doesn't have the latest patches, it gets quarantined with limited network access until the PC is back up to date.
"We are giving the people the ability to remediate before connecting to the network," Conti said.
The center also said in its analysis that the time it takes for a computer to be compromised will vary widely from network to network.
If the Internet service provider blocks the data channels commonly used by worms to spread, then a PC user will have more time to patch.
"On the other hand, university networks and users of high-speed Internet services are frequently targeted with additional scans from malware like bots," the group stated. "If you are connected to such a network, your 'survival time' will be much smaller."
In a guide to patching a new Windows system, the Internet Storm Center recommends that users turn off Windows file sharing and enable the Internet Connection Firewall. Microsoft's latest security update, Windows XP Service Pack 2, will set such a configuration, but users will have to go online to get the update, opening themselves up to attack.
One problem, experts say, is network administrators' reliance on patching and their assumption that users will quickly patch systems.
Speaking recently at the Microsoft TechEd developer conference in Amsterdam, Microsoft security consultant Fred Baumhardt said the day is likely to come when a virus or worm brings down everything.
"Nobody will have time to detect it," he said. "Nobody will have time to issue patches or virus definitions and get them out there. This shows that patch management is not the be-all and end-all."
Baumhardt stressed the importance of adaptability, using the human immune system as an example: "Imagine if your body said, 'Hmm, I have the flu. I've never had this before, so I'll die.' But that doesn't happen: Your body raises its temperature and so on, to buy time while other mechanisms kick in."
"If the human body did patch management the way (companies do), we'd all be dead."
Matt Loney of ZDNet UK reported from London.
Also,would someone like me that has little computer knowledge be better off with Opera or would Mozilla be easier to get set up and use?
With an alternate browser,should I still use AdAware,Spybot,Spyware Blaster,Zone Alarm,AVG,Popup Popper and Mailwasher?
I never used Mozilla so I can't offer an opinion. Other poster have said it is pretty good-although I have heard that it is slow. Yes, you should use AV, a firewall (like Zone alarm), and anti-trojan software because you still get pings even on Opera-much fewer pings (computers sending code to your computer-most are harmless/some are not). Also, if you have DSL, your connection is on all the time, and you can get bad stuff even if you are not on the web-just by being connected. Further, you should keep IE because some websites simply won't work with any other browser which means you still have to protect it as best you can. When (it always happens), some hacker manages to hijack your IE browser or homepage and you can't get on the internet,you can use opera or mozilla to get on the internet and find the solution to your problem. There are some good tech websites and really nice people who will help you. I use Opera (paid version couldn't stand the ads that come with unpaid version) most of the time. I use IE only when I must. Also, Aol (do you have messenger) will really mess up your computer. Use Trillion (free) AOL (new version) is loaded with Wild Tangent, weather bug and one other type of spyware-I can't remember the name. MGI photo suite also loads wild tangent. It is so annoying to buy software and find it has spyware. It took me days to get the junk off my computer. Hope this helps. Good luck. You are a nice person to help others and a fast learner (I wasn't) I can tell. LOL
I use Adaware, Spyblaster, spybot, zone alarm and pest patrol. I have Mcaffe (came with computer), but I don't reccomend it because they have terrible customer service.
You still get bad stuff and will need to learn how to edit your registry. Although the new spybot is great about asking you before the registry is changed.
I don't find Opera difficult, but I did know quite a bit about computers when I got it. You can try different browsers-mozilla, firefox (if this right name?) or opera. If you don't like them then uninstall using the control panel add/remove software.
self ping for later.
When I was drug out of the river and told to try a computer that was placed in front of me,I had no idea how to even start it and had no use for it at first but kept running into Free Republic and got hooked. :)
Meds sometimes keep me from picking things up very quickly now but I am learning and helping some others as I do.Knowing my own limitations helps a lot.
Been surprised that so many people that have taken college computer classes have even less knowledge about some things with computers than I do but think they know it all.I've gotten a few computers back up and running after some know it alls had butchered them and still don't even know what I did right in several instances.
.
One thing I've noticed,most people I run into have no idea about using control,alt,delete to stop programs before installing something .They just stop the running processes in the taskbar or systems tray.
You were in an accident? I am sorry to hear that. I think you are quite knowledgeable. As for college grads, I do not have a degree in computers...I am a biology/chemistry major.I know there is much more to learn... You know what...compters change every day. The threats also change and are becoming more dangerous. I learned-like you by working on my computer (made more than a few mistakes let me tell you). Thank you for an interesting discussion. I hope you are getting stronger. My husband was sick for three years. I know what it is to have physical problems. God Bless You. If I can help in any way, please let me know...I am not an expert by any means, but I am interested, and I am a pretty good researcher. LOL
wow!
Sure do.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.