The CERT/CC has composed this Tech Tip to address a growing risk to Internet users without dedicated IT support. In recent months, we have observed a trend toward exploitation of new or otherwise unprotected computers in increasingly shorter periods of time. This problem is exacerbated by a number of issues, including:
Many computers' default configurations are insecure.
New security vulnerabilities may have been discovered between the time the computer was built and configured by the manufacturer and the user setting up the computer for the first time.
When upgrading software from commercially packaged media (e.g., CD-ROM, DVD-ROM), new vulnerabilities may have been discovered since the disc was manufactured.
Attackers know the common broadband and dial-up IP address ranges, and scan them regularly.
Numerous worms are already circulating on the Internet continuously scanning for new computers to exploit.
As a result, the average time-to-exploitation on some networks for an unprotected computer is measured in minutes. This is especially true in the address ranges used by cable modem, DSL, and dial-up providers.http://www.cert.org/tech_tips/before_you_plug_in.html
Critique, please. Thanks.