Unpatched PCs go down in 20 minutes on the 'net!

Discussion in 'Community' started by stoid, Aug 18, 2004.

  1. stoid macrumors 601

    stoid

    Joined:
    Feb 17, 2002
    Location:
    So long, and thanks for all the fish!
    #1
    Article


    One word comes to mind. Ouch. :(
     
  2. G5orbust macrumors 65816

    G5orbust

    Joined:
    Jun 14, 2002
  3. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #3
    It's actually much worse than that. That average includes users whose ISPs use SPI or the like to filter out packets headed to known vulnerable ports. On an unfiltered network the survival time is much shorter.
     
  4. virividox macrumors 601

    virividox

    Joined:
    Aug 19, 2003
    Location:
    Manila - Nottingham - Philadelphia - Santa Barbar
    #4
    thats horrible

    now i dont want to reformat my pc back here and have to gothroughthe patching if i will just end up leaving it vulnerable...ugh
     
  5. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #5
    The answer for PCs is to always use them behind at least a NAT router. That renders them pretty much safe (unless malware enters through another route such as email).
     
  6. stevehaslip macrumors 6502a

    stevehaslip

    Joined:
    Apr 30, 2004
    Location:
    The Ocean Floor
    #6
    thats seriously harsh! I'm trying to get my mum on the internet at the moment, she is quite good at excel and word stuff but wants to surf! Shes using an XP machine though, scary thought!
     
  7. garybUK Guest

    garybUK

    Joined:
    Jun 3, 2002
    #7
    I managed to get the sasser virus in less than 10 minutes when installing ADSL for a neighbour.

    I ended up re-formatting ^again^ but armed with a copy of of adaware / zone alarm, which I had to install BEFORE the graphics card drivers to stop this damn thing being re-infected.

    I always suggest now that people buy a dedicated router and stop ICMP replies going out, that way Sasser etc are useless (unless manually downloaded).

    1 experiment to try, a vanilla install of windows, run windows update and patch it up. Then using I.E. browse the net for a game crack, I can guarantee it will at least change your homepage and install some weird toolbar in I.E. without you ever noticing its done it.

    Thats why people should abandon I.E. and use Mozilla firefox.
     
  8. AmigoMac macrumors 68020

    AmigoMac

    Joined:
    Aug 5, 2003
    Location:
    l'Allemagne
    #8
    I saw the champion ....

    a private customer got a PC from some small company and called me to install the software which comes with the ISP, he paid the antivirus program which should update itself when he is detected in internet, all by the ISP, OK, I connected everything (less than 4 min), username, password, connecting to ISP to start the antivirus program for the first time... Boom! Done... your PC will restart in 60, 59,58, 57 :p ... he's since 1 month retired in this was his first private PC :eek: , he decided to travel today and will be back next week... I'm sorry for him, scary as already said but funny as well ;)
     
  9. Nermal Moderator

    Nermal

    Staff Member

    Joined:
    Dec 7, 2002
    Location:
    New Zealand
    #9
    I think I'm safe, for three reasons:

    1. I have a NAT router.
    2. I use the best* ISP in the country.
    3. I use a Mac :D

    *Well maybe not the best, but at least it's not MSN :eek: (MSN has the highest market share over here)
     
  10. XnavxeMiyyep macrumors 65816

    XnavxeMiyyep

    Joined:
    Mar 27, 2003
    Location:
    Washington
    #10
    I saw this article and told some of my PC using friends on Instant Messenger. Two of their responses were "I think that happened to my computer," and "I don't want to click the link, because Internet Explorer gives me too many pop-ups."
     
  11. musicpyrite macrumors 68000

    musicpyrite

    Joined:
    Jan 6, 2004
    Location:
    Cape Cod
    #11
    What do they mean by 'compromised'?

    Do they mean that the computer has a few (1-5) malware programs?
    Or something like 50?
    Or do they mean the computer is completely unusable?
     
  12. stoid thread starter macrumors 601

    stoid

    Joined:
    Feb 17, 2002
    Location:
    So long, and thanks for all the fish!
    #12
    Compromised is defined as contracting some sort of self-propagating malware.
     
  13. craigdawg macrumors 6502

    Joined:
    Mar 8, 2004
    Location:
    Sactown
    #13
    The article was somewhat vague about exactly what "compromised" means.

    The sponsor of the report, the Internet Storm Center, talks about "survivaltime" which is "as the average time between reports for an average target IP address. If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe."

    The 20 minutes is the average time before you're likely to have a port probed by a worm and assumes an open port will be discovered and "compromised".

    It's a little bit of hyperbole I think.

    They do have a guide with an interesting title called Windows XP: Surviving the First Day. :)
     
  14. whooleytoo macrumors 603

    whooleytoo

    Joined:
    Aug 2, 2002
    Location:
    Cork, Ireland.
    #14
    Just 1 is enough to be considered compromised.
     
  15. 18thTomorrow macrumors 6502

    Joined:
    Apr 5, 2004
    Location:
    The Alpha Quadrant
  16. Eomando macrumors member

    Joined:
    Apr 7, 2004
    Location:
    UK
    #16
    Undoubtedly true. When I got my old laptop, the first thing I did was to try to download a firewall...and whilst it was downloading (dialup, so it took about 15-20 minutes)...i got a worm that was such a *pain* to get rid of.

    But now I have my mac, so I'm getting over the nightmares :)
     
  17. CubaTBird macrumors 68020

    Joined:
    Apr 18, 2004
    #17
    OKay, here's what I don't understand

    I have a friend who has never patched his comp and has win xp.. He's on cable modem and says patches slow down his computer.. he doesn't even have the firewall on, he is just very careful of what he downloads and uses common sense. Your computer just won't get a virus just from being on the net... There's a reason for everything. I also know other people who patch very little and have yet to experience a virus.. Why? b/c they use common sense and don't open suspicious e-mail etc.
     
  18. Mantat macrumors 6502a

    Joined:
    Sep 19, 2003
    Location:
    Montréal (Canada)
    #18
    Sorry but you are just showing your ignorance here... New virus propagate without any user interaction using some odd ports or buffer overflow. There is nothing you can do againts these except patch and firewall.

    Its very hard to believe that your friend has no protection and isnt infected by some kind of unwanted crapware. My favorite was the one who made your computer reboot every 5mins, the tech guys here simply asked everyone do disconnect from the network until all computers were patched. When he came to my office and saw that I had a mac and still browsing the net I could see in his eyes envy and resignation of the pc policy of my university...
     
  19. rueyeet macrumors 65816

    rueyeet

    Joined:
    Jun 10, 2003
    Location:
    MD
    #19
    Maybe not, but this article is talking about self-propagating worms, which operate directly over an internet connection without any action from the user of the infected computer. Unlike viruses, spyware, and adware, he wouldn't need to do anything "wrong" to get one, and wouldn't necessarily see any effects from it.

    A worm just sits there on your computer, attempting to propagate itself to other computers over your internet connection. Depending on the worm, it might also be waiting for instructions from the person who put it there, who may be using your computer as a 'bot to send spam, or any other number of uses.

    ALL of this will probably happen without the legitimate user of the infected computer noticing a single thing. That's what they mean by "compromised", and once is enough to qualify.

    This is why I have told my Mom that I will not support Windows on her next computer, and I'm trying to convince my dad as well. Neither of them are capable of maintaining Windows to any secure level, and I'm not going to do it from a distance.
     
  20. spinner macrumors regular

    Joined:
    Jan 16, 2002
    Location:
    South Dakota
    #20
    Funny Stuff

    "If the human body did patch management the way (companies do), we'd all be dead."

    I think Apple should somehow incorporate that article into future advertisements. :p
     
  21. comictimes macrumors 6502a

    comictimes

    Joined:
    Jun 20, 2004
    Location:
    Berkeley, California
    #21
    hehe.. that's classic :D One of my friends got that worm, or virus, or whatever it was. I was talking to him online, and he never had time to say much before his computer rebooted again. It was incredibly entertaining for me...
     
  22. stoid thread starter macrumors 601

    stoid

    Joined:
    Feb 17, 2002
    Location:
    So long, and thanks for all the fish!
    #22
    If the human body did ANYTHING like Microsoft, we'd all be dead. :eek:
     
  23. Jalexster macrumors 6502a

    Joined:
    Jun 8, 2004
    #23
    This would result in the following:

    "Hey does your brain run Windows or Linux? I'm a genius so my brain runs Mac OS X."
    "I'm running Windows"
    "You do know your brain will get compromised"
    "No it won't..." *Runs away, while screaming a song about hedgehogs* "I love my Windows hedgehog! Woop, Woop Woop!"
    "Ah looks like he got that hedgehog trojan, stupid Windows user"

    And this:

    Microsoft releases Windows Intellegence Lite! Now you can only use three senses at once, and can't share ideas with family members! However, you can still communicate with strangers, and use our award-wining privacy systems!

    Don't forget this:

    "My name is Ted, I'm 15 years old, I can't read, and I can't stop screaming my secrets out to people! Help me! I eat dog food and fried cabbage! Ah, I don't want people to know that!"

    Oh, there is also this:

    "I remember when we used to run nothin but UNIX on our brains. It couldn't be hacked, unless it was by a dreaded "phycologist-hacker", and it had terrible Floating-Point support. But it could do alot of things, like allow us to multitask!"
     
  24. BakedBeans macrumors 68040

    BakedBeans

    Joined:
    May 6, 2004
    Location:
    What's Your Favorite Posish
    #24
    i think you forgot...


    windows user....

    sorry i cant see you, ive been trying to set-up and instal my eyes for days..
    but my brain just doesnt want to recogognise them..

    os x user...

    thats strange
    i just put my eyes in and they started working straight away,


    or

    windows user
    i when out into the big wide world yesterday and i had a cold by the time i got to the shop... and on the way home i just froze and turned blue..the doctor said it was the blue face of death... dr norton is so good he made me all better in just a few formats.. of course ive forgot everything i have ever known but at least i work ( except eyes of course )

    osx user
    ive been out for hours in the big wide world, and ive never even had so much as a headache... i wouldn't know who dr norton is, i dont need him...
     
  25. Mord macrumors G4

    Mord

    Joined:
    Aug 24, 2003
    Location:
    UK
    #25
    correction norton attacked me and screwed with my brain (system works for mac os x broke more than it fixed)
     

Share This Page