[CentOS] what percent of time are there unpatched exploits against default config?

Craig White craig.white at ttiltd.com
Fri Dec 30 16:47:48 UTC 2011


On Dec 30, 2011, at 8:24 AM, Lamar Owen wrote:

> On Tuesday, December 27, 2011 10:13:12 PM Bennett Haselton wrote:
>> Roughly what percent of the time is there such an unpatched exploit in the
>> wild, so that the machine can be hacked by someone keeping up with the
>> exploits?  
> 
> While I did reply elsewhere in the thread, I want to address this specifically.
> 
> I can give you a percentage number very easily.  The answer is 100%.  There is always an unpatched exploit in the wild; just because it's not been found by the upstream vendor (and by extension the CentOS project) doesn't mean it's not being used in the wild.  I would hazard to say the risk from an unknown, but used, exploit is far greater than the 'window of opportunity' exploits you seem to be targeting.
> 
> I would also hazard to say that it would be similar in risk to 'window of opportunity' exploit timing in the Windows world; not because the OS's are similar in terms of security but because 'window of opportunity' exploit timing is the same regardless of the general security of the OS.  And I think studies of 'window of opportunity' exploits have been done and are publicly available.
> 
> I say this after having performed a risk assessment of our infrastructure myself, incidentally. It's not a matter of 'if' you will be hacked, but 'when,' and this is being acknowledged in high-level security circles.
> 
> So you plan your high-availability solution accordingly, and plan for outages due to security issues just like you'd plan for network or power outages.  This is becoming standard operating procedure in many places.
----
To reiterate my thoughts... I still don't understand the logic of the list indulging the OP's rampant speculation of various causes when his first action was to eliminate all possibility to find out what actually happened.

An apt analogy is to find out that your horses have been stolen so you burn down the barn where they were kept, drag the ground to remove all evidence of footprints & tire tracks and then decide that you want to figure out how the thieves got in and made away with your horses.

Craig



