A computer hasn't been connected to the internet for 2 weeks but has still been

Question

A computer hasn't been connected to the internet for 2 weeks but has still been used. It's running Windows 8 and various notices are complaining about virus definitions and updates not being current. What's the best thing to do once it is reconnected to the internet? Just let it sit and update itself? I remember in the past the Blaster worm was so bad it would infect my computer on a clean install before the patches could be downloaded from Microsoft. Is there a way to block all traffic that doesn't come from Microsoft?

Explanation / Answer

In reading some of these answers, I wonder if some read the question: "A computer hasn't been connected to the internet for 2 weeks" as most answers are spouting "static IPs" or "if your computer is connected to the Internet." I would steer clear of these answers as it demonstrates that answers are simply being typed without a thought process.

On to the answer. So your computer hasn't been connected, and you seem to be worried that the moment you connect, something is immediately going to infect you. There are two approaches to solve this problem. The first is out-of-band updates, where you could either use a WSUS proxy server to download the updates, then get them from your server, or you could download them on your own. Same applies for antivirus.

As far as I can tell, and know of, there have been no "catastrophic" viruses or worms affecting Windows similar to Blaster, SoBig, and others. If you are that concerned, you could determine what the IP addresses are to the sites where you need to get updates from (Microsoft, and your AV vendor), then create a Windows-based firewall rule to ONLY allow those sites, and block everything else. The issue with this is CDNs (Akamai, for example), where updates are not coming from your vendor, but from a third party.

Another alternative solution (albeit long and cumbersome) is to place the machine on its own network, and monitor traffic to and from it with a sniffer (Wireshark, etc.). Otherwise, there is no reason to fear that turning that machine on will immediately trigger it to be "hacked" or "infected" or otherwise. That last sentence is based on the premise that the machine does not require a static address, and/or is using exploitable services (vulnerable http, pop3, etc.).

There is a difference between vulnerabilities and exploits, and I have stated this before: "not every vulnerability is exploitable." The mere fact that you may have a vulnerable version of, say, Internet Explorer means little if all you are doing is connecting DIRECTLY to Microsoft for an update, versus you steadily using the same IE for day-to-day web browsing.
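
Added example (not part of the original answer): one way to build the allow-only firewall rule the answer describes, in PowerShell on Windows 8 or later, run from an elevated prompt. The hostnames are assumptions to be replaced with your vendors' documented update endpoints, `av-updates.example.com` is a placeholder, and the rule group and function names are hypothetical.

```powershell
# Assumed update endpoints; replace with the lists your vendors document.
$UpdateHosts = @(
    'windowsupdate.microsoft.com',
    'update.microsoft.com',
    'download.windowsupdate.com',
    'av-updates.example.com'        # placeholder for the AV vendor
)
$Group = 'UpdateOnlyAllowlist'      # hypothetical group name, used for rollback

function Enable-UpdateOnlyEgress {
    # Resolve while outbound traffic is still allowed. CDN-backed names return
    # a snapshot of rotating third-party addresses, so a download can still
    # fail later: this is the limitation the answer points out.
    $addrs = foreach ($h in $UpdateHosts) {
        try {
            Resolve-DnsName -Name $h -Type A -ErrorAction Stop |
                Where-Object { $_.IPAddress } |
                Select-Object -ExpandProperty IPAddress
        } catch { Write-Warning "Could not resolve $h" }
    }
    $addrs = @($addrs | Sort-Object -Unique)
    if ($addrs.Count -eq 0) { throw 'Nothing resolved; firewall left unchanged.' }

    New-NetFirewallRule -DisplayName 'Allow update servers (HTTP/HTTPS)' `
        -Group $Group -Direction Outbound -Action Allow `
        -Protocol TCP -RemotePort 80,443 -RemoteAddress $addrs | Out-Null

    # Keep name resolution working for the configured DNS servers only.
    $dns = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
        Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique)
    if ($dns.Count -gt 0) {
        New-NetFirewallRule -DisplayName 'Allow DNS to configured resolvers' `
            -Group $Group -Direction Outbound -Action Allow `
            -Protocol UDP -RemotePort 53 -RemoteAddress $dns | Out-Null
    }

    # Default-deny in both directions. Built-in outbound allow rules that are
    # still enabled continue to match; list them for review.
    Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True `
        -DefaultInboundAction Block -DefaultOutboundAction Block
    Get-NetFirewallRule -Direction Outbound -Enabled True -Action Allow |
        Select-Object DisplayName, DisplayGroup
}

function Disable-UpdateOnlyEgress {
    # Roll back once patches and definitions are current.
    Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultOutboundAction Allow
    Remove-NetFirewallRule -Group $Group
}
```

Call `Enable-UpdateOnlyEgress` before starting Windows Update and the antivirus update, then `Disable-UpdateOnlyEgress` when both report current.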
