The BBC's Honeypot PC
Alex Pontin writes, "This article from the BBC shows how vulnerable XP Home really is. Using a highly protected XP Pro machine running VMWare, the BBC hosted an unprotected XP Home system to simulate what an 'average' home PC faces when connected to the internet." From the article: "Seven hours of attacks: 36 warnings that pop-up via Windows Messenger. 11 separate visits by Blaster worm. 3 separate attacks by Slammer worm. 1 attack aimed at Microsoft IIS Server. 2-3 "port scans" seeking weak spots in Windows software." The machine was attacked within seconds of being connected to the Internet, and at no time did more than 15 minutes elapse between attacks.
Well Duh! (Score:3, Insightful)
Impressing (Score:5, Insightful)
I set up a friend's new computer and installed a firewall before attaching it to the internet for the first time, and he was stunned how fast the log of probes filled up. He'd never used a firewall before on his old XP machine.
What bugs me is why there doesn't seem to be any decent coordinated effort to track the bots down and shut them down and to go after the perpetrators. Really, it doesn't seem that hard, it just seems like no government is interested in doing anything about it.
Re:And the moral of the story is. (Score:4, Insightful)
Re:Well Duh! (Score:4, Insightful)
It's still a HUGE problem. So, maybe it's a no-brainer for you, but it isn't for the average user.
Sorry but... (Score:3, Insightful)
So okay- a naked machine may have an issue but this is really a non-issue if you spend an extra 20 bucks for an inexpensive router with a built-in firewall.
How vulnerable Windows XP really is? (Score:2, Insightful)
I like to bash MS as much as most people here, but this choice of words is really misleading. True, never ever put an unpatched box on the Internet, especially if it's running some version of MS Windows, but this hasn't got that much to do with the security of an updated Windows installation.
Here at
Re:Well Duh! (Score:5, Insightful)
The thing they've tried to do here is to accurately simulate what the average home user will do, and see what the consequences would be.
It's like a 17 year old nude virgin visiting the Oktoberfest and expecting to come away 'unscathed', I give you that much. But anybody that buys one of those HP internet-ready PCs with XP pre-installed that goes home and plugs in his / her machine is doing the exact same thing.
The instructions even tell you to connect all that stuff *before* switching on in simple-to-use IKEA style no words diagrams. Don't be too quick to judge the beeb, they're pretty good at what they do.
Re:And the moral of the story is. (Score:3, Insightful)
Re:better question... (Score:3, Insightful)
I do believe that the default should be for the MS firewall to be on after installation, that would have saved problems for MANY inexperienced users whose Windows boxes ended up getting owned within minutes of them connecting them to the internet. The MS firewall definitely seems to be light, nimble, and does a decent job but for users like me who prefer to use a software firewall that is more customizable (I like Kerio Personal Firewall myself) I would hope that "ALWAYS ON" means by default and not that it can NEVER be turned off or disabled.
Duh (Score:2, Insightful)
Not just Windows (Score:5, Insightful)
The difference is with Windows you will probably get hacked, with Linux you at least have a fighting chance.
Re:Their 'unprotected'=flawed (Score:3, Insightful)
You're obviously confused by the definition of "average home PC". The "average" home PC user doesn't do jack shit other than put the CD in the drive and click OK a bunch. Do you honestly believe that an "average" PC user is installing their OS with the cable unplugged? Do you honestly believe that the first thing that goes through their head is "Windows Update and Firewall!" No, it's "myspace++, AOL Instant Messenger++, MSN Messenger, Yahoo! Messenger, oooh porno+++++++++++++, mmmmmm porno."
Give me a break.
where are all the attacks coming from .. (Score:5, Insightful)
"we installed an unprotected version of Windows XP Home configured like any domestic PC."
"made apparent by the fact that the system was vulnerable to viruses that came out over 3 years ago", not already in use
But these three year old attacks were still coming from other already infected machines on the Internet. Are all these infected machines running three year old software?
was Re:I have plenty of reasons to dislike Microsoft..
Re:I have plenty of reasons to dislike Microsoft.. (Score:3, Insightful)
During this time you might just leave it unsecured because that's what you're addressing, you might be fully intending to get a good Windows version of a firewall up and running, but think that you'll get the Windows updates first. This is pretty realistic I think... So just how many viruses etc could you have before you can sort this out?
Also, I would say most people just don't update at all anyway... I know people who don't and then question what's going on. Seems like a fair test to me.
A Premium of Paying Victims (Score:4, Insightful)
Even if you're a master of Microsoft "anti-ware" solutions and tweaks, what happens when someone who isn't takes a few wrong turns with their OS? It's toast, or worse, enslaved and used as a resource the end-user is paying for.
I stopped using Microsoft operating systems to directly connect to the Internet nearly 10 years ago, when the sophistication of the exploits had developed to the point where it was no longer safe to use any Microsoft OS online. Since then it really hasn't gotten much better, has it?
I think it's a shame that the company with the fattest pockets can't be bothered to get it right yet still demands to be on every PC made.
Re:Their 'unprotected'=flawed (Score:3, Insightful)
What part of "The machine was attacked within seconds of being connected to the Internet," did you not understand?
How quickly can you apply the latest service pack and all the patches to your fresh installation of Windows?
Over 2 years ago, I was hearing from several people that experienced exactly that... They were incredibly frustrated that their freshly-installed systems were being compromised before they could even download a software firewall, or install necessary patches. It's unbelievable what a horrible situation Windows home users are in. Without a hardware firewall, they don't even get a CHANCE to secure their systems before someone else takes over.
RTFA (Score:1, Insightful)
Indeed, AC (Score:5, Insightful)
The point is that they are too late - they're perfectly likely to get hit before update can protect them, and perfectly likely to get hit with something as bad as what they had before.
This really is a problem.
Re:Indeed, AC (Score:4, Insightful)
where are all the attacks coming from .. (Score:3, Insightful)
The point is that the Internet is infested with compromised Windows boxen. Ok, where are all the compromised Linux web servers? Assuming they are running Apache under Linux. According to Netcraft [netcraft.com] Apache usage is at roughly 980,00,000 while IIS is at 490,00,000. Why don't we see an equivalent number of compromised Linux servers?
Yet another mod troll
was Re:Duh (Score:5, Interesting)
Re:Well Duh! (Score:2, Insightful)
Seriously, it's really up to us in the know to help our friends and family who aren't.
Re:Well Duh! (Score:3, Insightful)
But honestly, I highly doubt many of the buyers of consumer grade hardware have a clue, and frankly I don't think they should have, it should just work.
Another major issue is people that revert to their original 'rescue' or 'recover' CD while still having the network plugged in. That's another potential source of lots of trouble. Older Compaqs and some Toshiba machines had a recovery partition on the HD or a CD which essentially restored the machine to off-factory condition. No handy 'you've registered your product so we'll send you an upgrade to your OS in the mail' policy, that would cost $.
Re:better question... (Score:3, Insightful)
Sure, the user could turn it off, but-- guess what?-- it's THEIR COMPUTER. You can turn off the firewall on your Linux or OS X machine, also. That said, Windows XP SP2 will make your life a pain in the ass if you do run it with no firewall. There are constant system tray messages reading "your system is at risk."
Microsoft could prohibit people from turning off the software firewall at all, and THEN imagine the teeth-grinding on Slashdot! "Microsoft is controlling the computer I bought! From mom's basement I STAB AT THEE!!"
Could people please learn a teeny bit about Windows before posting crud like this? How about intelligently considering issues like this instead of always making them into a lose-lose for Microsoft? They're doing all they can to secure the system. Microsoft has NO control over what people install on their own computers, nor do they have any control over what the computer maker puts on them.
Re:Well Duh! (Score:3, Insightful)