PC survival time 'down to 20 minutes'

By Matt Loney, ZDNet UK
18 August 2004 08:19 AM
The time that an unpatched PC can survive connected to the Internet has dropped to an average of 20 minutes, down from 40 minutes in 2003.

According to the latest data from the Internet Storm Center at the US-based SANS Institute, which provides research and education on security issues, the historical trend is continuing its downward journey, and has now reached a point at which it does not provide enough time to download the very patches that would protect a system from malware.

SANS calculated the survival time of a PC as the average time between probes, from worms attempting to propagate, against an average target IP address.

"If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe," said the Institute in a statement. However, it said, the result is only an average, and times will vary widely from network to network.

"Some of our submitters subscribe to ISPs which block ports commonly used by worms," said the Institute.

"As a result, these submitters report a much longer 'survival time'. On the other hand, university networks and users of high speed Internet services are frequently targeted with additional scans from malware like bots. If you are connected to such a network, your 'survival time' will be much smaller."
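The calculation SANS describes can be reproduced against your own perimeter logs. The following is an added example, not part of the original article and not ISC's code: it assumes a constructed log format (timestamp, target IP, destination port), takes "average" to mean the mean gap between probes per target averaged over targets, and uses a hypothetical set of ISP-blocked ports to show the effect the Institute mentions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean

# Constructed sample records (not real ISC data): timestamp, target IP, dst port.
SAMPLE_LOG = """\
2004-08-17T10:00:00 192.0.2.10 80
2004-08-17T10:20:00 192.0.2.10 445
2004-08-17T10:40:00 192.0.2.10 135
2004-08-17T11:00:00 192.0.2.10 80
2004-08-17T10:05:00 192.0.2.20 1434
2004-08-17T10:15:00 192.0.2.20 445
2004-08-17T10:45:00 192.0.2.20 135
2004-08-17T11:05:00 192.0.2.20 445
2004-08-17T11:25:00 192.0.2.20 1434
2004-08-17T10:30:00 192.0.2.30 445
"""

# Assumption for illustration: ports filtered upstream by the ISP.
ISP_BLOCKED_PORTS = frozenset({135, 445})


def parse(log):
    """Yield (timestamp, target_ip, dst_port) for each non-empty line."""
    for line in log.splitlines():
        if line.strip():
            ts, ip, port = line.split()
            yield datetime.fromisoformat(ts), ip, int(port)


def survival_minutes(records, blocked_ports=frozenset()):
    """Mean gap between consecutive probes per target, averaged over targets.

    Probes to blocked_ports never reach the host, so they are ignored.
    Returns None when no target has at least two probes.
    """
    by_target = defaultdict(list)
    for ts, ip, port in records:
        if port not in blocked_ports:
            by_target[ip].append(ts)
    per_target = []
    for times in by_target.values():
        times.sort()
        gaps = [(b - a).total_seconds() / 60 for a, b in zip(times, times[1:])]
        if gaps:  # a target probed only once yields no interval
            per_target.append(mean(gaps))
    return mean(per_target) if per_target else None
```

On the constructed sample this gives 20 minutes unfiltered and 70 minutes once the blocked ports are excluded; the target probed only once contributes no interval.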

The main issue, said SANS, is that the time to download critical patches now commonly exceeds this survival time. Part of the problem, say security experts, is IT's reliance on patch management.

Speaking at the recent Microsoft TechEd developer conference in Amsterdam, Microsoft Security consultant Fred Baumhardt said the day is likely to come when a virus or worm brings down everything.

"Nobody will have time to detect it. Nobody will have time to issue patches or virus definitions and get them out there. This shows that patch management is not the be all and end all."

Baumhardt drew an analogy with the human body catching the 'flu. "Imagine if your body said 'Hmm, I have the flu, I've never had this before, so I'll die.' But that doesn't happen: your body raises its temperature and so on, to buy time while other mechanisms kick in."

"If the human body did patch management the way IT does we'd all be dead."

ZDNet UK's Matt Loney reported from London.

Talkback 5 comments

    Anonymous -- 18/08/04

    I wonder what the time is for Linux PCs....

    Anonymous -- 18/08/04

    I wonder how long it would take for a Windows machine, if they had the market share of Linux and consequently, the number of crackers searching for vulnerabilities. Security by obscurity is no measure of a system's potential vulnerability.

    Anonymous -- 18/08/04

    Jason your market share "excuse" doesn't work.....

    If you look at web servers, over 65% use Apache. Microsoft IIS has about 30% from memory. Guess which one has the most security holes?

    Linux is more reliable than Windows, simply because you aren't logged in with Administrator privileges by default.

    Anonymous -- 19/08/04

    The title should be "Windows survival time...". Your title suggests that all PC operating systems are similar, which they are not. Linux, BSD, Mac systems should NOT be cast under undue suspicion based on a report into Windows.

    Anonymous -- 19/08/04

    It's no excuse... It's a blindingly obvious fact that should be apparent to anybody with half a brain. Your rebuttal of my assertion is a joke... This article wasn't referring to web servers! What sort of ridiculous comparison is that?? This is obviously only relative to desktop machines, as no system admin with a brain would put an unpatched server onto the internet, regardless of the operating system. I await your next amusing attempt at explaining why the market share assertion is invalid.
