CERT=AE Coordination Center Before You Connect a New Computer to the Internet http://www.cert.org/tech_tips/before_you_plug_in.html This Tech Tip provides guidance for users connecting a new (or newly upgraded) computer to the Internet for the first time. It is intended for home users, students, small businesses, or any site with broadband (cable modem, DSL) or dial-up connectivity and limited Information Technology (IT) support. Although the information in this document may be applicable to users with formal IT support as well, organizational IT policies should be followed. The CERT/CC has composed this Tech Tip to address a growing risk to Internet users without dedicated IT support. In recent months, we have observed a trend toward exploitation of new or otherwise unprotected computers in increasingly shorter periods of time. This problem is exacerbated by a number of issues, including: Many computers' default configurations are insecure. New security vulnerabilities may have been discovered between the time the computer was built and configured by the manufacturer and the user setting up the computer for the first time. When upgrading software from commercially packaged media (e.g., CD-ROM, DVD-ROM), new vulnerabilities may have been discovered since the disc was manufactured. Attackers know the common broadband and dial-up IP address ranges, and scan them regularly. Numerous worms are already circulating on the Internet continuously scanning for new computers to exploit. As a result, the average time-to-exploitation on some networks for an unprotected computer is measured in minutes. This is especially true in the address ranges used by cable modem, DSL, and dial-up providers. Standard advice to home users has been to download and install software patches as soon as possible after connecting a new computer to the Internet. However, since the background intruder scanning activity is pervasive, it may not be possible for the user to complete the download and installation of software patches before the vulnerabilities they are trying to fix are exploited. This Tech Tip offers advice on how to protect computers before connecting them to the Internet so that users can complete the patching process without incident. ++ There is more on the web site. Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <http://www3.telus.net/mikebike/mikes_virus_page.htm> A Technical Support Alliance & OWTA Charter Member For a web-based membership management utility and information on list policies, please see http://nibec.com/24hoursupport/ To unsubscribe, send a blank email to 24hoursupport-request@xxxxxxxxxxxxx with "unsubscribe" (without quotes) in the subject.