This is a graph showing the average amount of time between port scans against Windows boxen, and it’s change from last year to this year. It’s down from 40 minutes to 20 minutes over the last year.
If we take this and assume a few things:
(a) There will always be Windows security vulnerabilities – not an unreasonable assumption in a large piece of software like Windows, or any similarly large program.
(b) Windows security vulnerabilities will always be discovered and exploited long before they are patched by Microsoft – based on past experience, this is a fair statement.
(c) All of the script kiddies doing this port scans are knowledgeable in the most recent exploits against Microsoft Windows – a little pessimistic, perhaps, but with a several-month-long window (ahem) in which to exploit them before they get patched, acceptable.
Therefore, it can be assumed that a new Windows XP PC needs only to be online for 20 minutes before it becomes infected with a ‘push’ virus, contaminated with a trojan, or enslaved as a zombie. On a slow dial-up modem connection, that probably isn’t quite long enough to download a copy of ZoneAlarm…
Jeez. Thank Dog for SP2.
“Jeez. Thank Dog for SP2.”
Yeah, that works well…
http://www.theregister.co.uk/2004/08/20/sp2_scripting_vuln/
Not to mention the number of people who won’t install the damn thing because they’ve heard it ‘breaks’ a few games by having the firewall on by default.
More 0wned systems and spam for the rest of us all round, I think…