MyComputerPaladin.com

Computer Defense for the Common Man And Woman

Gone in 240 seconds: Lifespan of an Unprotected XP Computer on the Internet

Posted by ThePaladin on July 20th, 2008

Whoa!

The Internet is a dangerous place indeed!

The Paladin was reading some posts over at the Internet Storm Center and was intrigued to find out that some tests were performed to see how long it took for a Windows XP computer to be infected or compromised by a worm, virus or other malicious software once it was placed on the public Internet. Their tests showed that it took an average of four minutes from the time the computer was placed on the public Internet until the system was compromised!

Now, there are a few things to realize about this Windows XP computer:

  1. The computer had Windows XP installed with none of the security patches available for it
  2. The computer was fully exposed to the Internet. No hardware or software firewall was running

If you read the interesting post by Lorna Hutcheson over at the Internet Storm Center, the project appears to have been first conceived to see if you could reasonably expect to “patch” (download the latest updates) your Windows XP install in less time than it would take for that same computer to be infected once it was placed out on the public internet.

In Lorna’s own words: “…placing an unpatched Windows computer directly onto the Internet in the hope that it downloads the patches faster than it gets exploited are odds that you wouldn’t bet on in Vegas.”

This, of course, has tremendous implications for the readers of MyComputerPaladin.com.

First, GET A HARDWARE FIREWALL! The Paladin has mentioned this before. For a rather small sum of money you can control access to your computer via the internet. By this, what is meant is that you can control what programs can contact your computer “over the wire.” (Physical access to your computer, meaning someone walking into the room where your computer resides, is another matter entirely…)

Second, STAY UP TO DATE ON YOUR SOFTWARE UPDATES! Especially the updates for your operating system.

Also, when you buy a new computer, or if you re-install the operating system on your existing computer for some reason, it is imperative that your computer be protected behind a firewall when you attach it to the internet to begin downloading the security patches. The Paladin strongly encourages it to be a hardware firewall: a software firewall may need to be configured, and your computer can be compromised before you have the software firewall configured! In addition, make sure that patching your software is the very first thing you do once you have your operating system installed or re-installed!





