Craig White wrote: > On Sun, 2007-12-30 at 17:53 +0800, Ed Greshko wrote: >> Tim wrote: >>> On Sun, 2007-12-30 at 08:03 +0800, Ed Greshko wrote: >>>> It was more than a year ago when I attempted to install a Windows 2000 >>>> system directly connected to the internet. In fact, before the system >>>> was fully updated with security patches it had been compromised. I >>>> didn't time it, but it certainly was less than 30 minutes. >>> That happened to a friend of mine. It was something like four seconds >>> after connecting to his ISP he got infected, despite my warnings about >>> putting a firewall on first. He didn't think he'd need it, he had >>> anti-virus software installed, and thought nothing could happen that >>> quickly, despite my assurances to the contrary. >>> >>> To make matters worse, he couldn't remove the infection - his anti-virus >>> software didn't stop the infection, and wouldn't remove it. So he >>> reformatted and re-installed. An hour or so later he reconnected, and >>> got infected just the same way, and in just a few seconds, and couldn't >>> undo the damage (the virus was better at protecting itself than Windows >>> was). I nearly fell off the chair laughing at him. >> As a side note, the damage was irreversible here as well. Reformat, >> reinstall. Interesting exercise nonetheless. I'm not sure why anyone sane >> person would have done it a second time. :-) > ---- > Actually, anyone who has set up Windows 2003 Server in the last year has > noticed that this shouldn't happen anymore because the firewall is > automatic during initial setup phase and user is clearly aware that > during initial setup phase, this firewall remains until updates are all > installed or the user opts out. Let's give Microsoft a little credit > (not much, but a little). Just to reiterate, my experience was with Win2K.
