Survival Rates for Unpatched Systems Shrinking - Here's How to Fight Back
Posted 07/17/08 at 07:29:26 PM by Mark Edward Soper

In a recent Handler's Diary entry on the SANS Internet Storm Center website, Lorna Hutcheson points out that the survival time for unpatched systems is currently around 4 minutes. In other words, if you connect an unpatched system to the Internet without a router or firewall, it will probably be infected in about 4 minutes.
Why are unpatched systems connected to the Internet? Ms. Hutcheson blames the pressure of wanting to get a new system online right away, versus waiting until it's been patched. Whether you work in a large enterprise or a small business, or are the network guru for your own home's PCs, the pressure to connect a new system right now can be overwhelming.
Here's How to Fight Back
If you want to get working with a PC right away without turning it into a bulls-eye, here's what you can do.
1. Even if you have only one PC, consider installing a router between your cable or DSL modem and your PC. The network address translation (NAT) feature in any router will provide some security against threat probes.
2. Before opening the new PC, have updated anti-virus, anti-spyware, and firewall software ready to install. If you prefer downloadable versions to packaged versions, copy the installers to a CD, DVD, or flash drive so you can install them as soon as the PC is out of the box.
3. If you are reusing an older version of Windows XP (pre-SP3) or Windows Vista (pre-SP1), follow the instructions on our site for making a slipstream version that contains the newest service pack and updates, and install the slipstreamed version. By doing so, your PC will be close to current from day one.
4. Each month, a few days after Patch Tuesday, Microsoft provides an ISO CD or DVD image of the current month's security releases for Windows. If you are responsible for patching different editions of Windows, or editions in different languages, downloading this and burning it to a disc might be easier than rounding up individual security releases. The July 2008 image, for example, is available here.
5. Follow the configuration settings recommended in the SANS white paper Windows Vista: First Steps; similar steps can be performed with Windows XP.
Basically, you should try to have any new system as close to 100% current as possible before you connect it to the Internet. As Ms. Hutcheson points out, the usual result of putting an unhardened system on the Internet is this: "more time was spent playing clean up from it than if it was just done right the first time."
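Why the router in step 1 provides "some security" against probes, shown as an added example that is not part of the original post: a toy model of a NAT table in which unsolicited inbound traffic has no mapping and is dropped, while a port forward removes that protection. All addresses and ports are constructed sample values, and the model assumes the router also checks the remote endpoint, which is common but not universal.

```python
# Added example: toy model of a home router's NAT table (not any vendor's code).
# All addresses and ports below are constructed sample values.
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    next_port: int = 40000
    # wan_port -> (lan_ip, lan_port, remote_ip, remote_port)
    # remote_ip None marks a static forward that accepts any remote host.
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """LAN host opens a connection: allocate a WAN port and remember the flow."""
        wan_port = self.next_port
        self.next_port += 1
        self.table[wan_port] = (lan_ip, lan_port, remote_ip, remote_port)
        return wan_port

    def port_forward(self, wan_port, lan_ip, lan_port):
        """Static mapping (port forward): traffic from any remote host is delivered."""
        self.table[wan_port] = (lan_ip, lan_port, None, None)

    def inbound(self, remote_ip, remote_port, wan_port):
        """Return the LAN (ip, port) the packet is delivered to, or None if dropped."""
        entry = self.table.get(wan_port)
        if entry is None:
            return None                  # unsolicited probe: no mapping, dropped
        lan_ip, lan_port, exp_ip, exp_port = entry
        if exp_ip is not None and (remote_ip, remote_port) != (exp_ip, exp_port):
            return None                  # mapping exists, but for a different peer
        return (lan_ip, lan_port)

def demo():
    router, pc, results = NatRouter(), "192.168.1.100", {}
    # Unsolicited probe of a service port on the router's WAN address: dropped.
    results["probe"] = router.inbound("198.51.100.7", 51515, 445)
    # The PC fetches updates; the server's reply matches the mapping and is delivered.
    wan_port = router.outbound(pc, 49152, "192.0.2.80", 443)
    results["update_reply"] = router.inbound("192.0.2.80", 443, wan_port)
    # A third party guessing the allocated WAN port is still dropped.
    results["guessed_port"] = router.inbound("198.51.100.7", 51515, wan_port)
    # Caveat: a port forward exposes the unpatched PC's service to every remote host.
    router.port_forward(445, pc, 445)
    results["probe_after_forward"] = router.inbound("198.51.100.7", 51515, 445)
    return results

if __name__ == "__main__":
    for name, delivered in demo().items():
        print(f"{name:20} -> {delivered}")
```

The model covers inbound probes only: NAT does nothing about malicious content the PC itself requests, which is why steps 2 through 5 still matter.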
How Do You Cope With Threats to New Systems?
Do you have some additional tips and tricks for getting new (or reloaded) systems back on the Internet without getting them germed up with spyware and trojans? Tell us about them in the comments section.
Graph courtesy Sans.org.






