Click here for case studies, whitepapers and other useful vendor content Newsletter Subscription
It takes less than five minutes for hackers to find and compromise an unpatched Windows PC after it's connected to the Internet, a security researcher said today.
The SANS Institute's Internet Storm Center (ISC) currently estimates the "survival" time of an Internet-connected computer running Windows at around four minutes if it's not equipped with the latest Microsoft security patches, said Lorna Hutcheson, a researcher and analyst, in a post to the ISC blog.
"I have been asked many [times] by people if I really believed the survival time graph on the ISC site was truly an accurate representation of how long a new system had once connected," said Hutcheson. "The answer to this is 'yes' for most home users and systems that are Internet facing.
ISC maintains a record of the time between network probes for an average IP address, and assumes that hackers would follow a successful probe -- which would disclose one or more open ports -- with an exploit, most likely a worm.
Another security researcher, however, said unpatched machines can last longer than just a few minutes before falling to attack. The German Honeypot Project, which sets vulnerable systems on the Internet to collect malware, estimates survival time in hours, not minutes.
"Compared to the survival time from the Internet Storm Center which is currently below five minutes, we measure a higher survival time," said Thorsten Holz, a co-founder of the project and current a Ph.D. student at the University of Mannheim, in a post to the Honeypot Project's blog. The project's data estimates the average time between connecting to the Internet and compromise at under 1,000 minutes, or approximately 16 hours.
"[But] the time is still short and you need to patch a system before taking it online," said Holz.
"While the survival time varies quite a bit across methods used, pretty much all agree that placing an unpatched Windows computer directly onto the Internet in the hope that it downloads the patches faster than it gets exploited are odds that you wouldn't bet on in Vegas," added Hutcheson of the ISC.
ARN Member Login
ARN Panel Sessions: Day 3The last of our panel sessions recorded live at CeBIT 2008. Today, the topic is storage. Data is growing at an enormous rate, so what does the future hold?
Weekly Tech News Update: 7th October, 2008This week we're coming to you from the Ceatec show in Japan. It's a showcase for gadgets and gizmos galore from all of Japan's biggest electronics companies and this week we're going to be showing you the best of what the show has to offer.
Brian's bloopersIt takes a long time to produce an episode of Channel Watch. Maybe you'll understand why after watching this...
When an IT disaster occurs, how handy it would be to push a button and start again as if nothing had happened.
Discover and learn more about CA XOSoft today.
Multimedia Technology signs exclusive National distribution agreement with Freecom 07 October, 2008 14:30:00
Symantec State of Spam Report - October 2008 07 October, 2008 11:58:00
AIIA to Reward Sustainability and Green IT Champions at the 2009 iAwards 07 October, 2008 11:56:00
WD Unveils Affordable, High-Capacity Network Storage For Small Offices And Homes 07 October, 2008 11:40:00
Yellowfin Achieves BI Success with Asia Pacific Telcos 07 October, 2008 09:46:00
Dimension Data, La Trobe University and Windows Server 2008 partner to improve compliance
La Trobe University partnered with Dimension Data to deploy Windows Server 2008 and Network Access Protection technology to improve their existing network security solution.
Subscribe to ARN
