Archive

Posts Tagged ‘system security’

But MOM! I wanna connect to the internet NOOOW

August 20th, 2006

Pedro Bueno over at SANS ISC had some great advice to share, something I have been preaching myself for quite a while.

During one of those past weekends I was installing and configuring some honeypots. I decided to try different Operating Systems to see which one would fit better for my needs.

As I already had a perfect NAT for one IP, nothing more natural than to put the IP address on the OS during installation, right? Yep, WRONG! The reason is that if you install an internet-facing OS (like my NAT was providing me), maybe there will not be enough time to apply the patches (even offline patches, from CDs or pen drives).

So, my Tip of the Day is: for whatever OS you are installing, if you can’t physically unplug the network, choose not to configure the NICs during installation. This way, you will have enough time to check which services will be running on your machine, and turn them down before someone explores your unpatched OS, because if you are installing a fresh OS, chances are that some applications/services are already outdated and you may be a victim of some bot of the day…

Nmap 4.00 is here

February 3rd, 2006

Not much more to say about it. If you use it, you are probably as excited as I am. If you don’t… then go download it. It’s a valuable tool that should be in any security engineer’s arsenal.

Related links:
Documentation: http://www.insecure.org/nmap/docs.html
Download: http://www.insecure.org/nmap/download.html
Release Announcement: http://www.insecure.org/stf/Nmap-4.00-Release.html


Nmap + Perl > case of the Mondays

December 10th, 2005

SANS diary had a neat little trick posted a couple of weeks back. For those of you who use Nmap quite a bit or as part of your day-to-day at work, here’s a tip that might help make your work week a bit more bearable. You are aware of the XML output from Nmap, but what the heck do you do with it? Perl has a module that just might help you out, called Nmap::Parser. This might make your job of analyzing or reacting to your findings a bit easier. If you still aren’t 100% clear on how you might use it, here is more information along with an example.
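
As an added illustration (not the example from the SANS diary or from this post), here is one way Nmap::Parser can turn Nmap XML into something actionable: it flags open TCP ports that are not on an expected-services list. The allowlist, the addresses and the embedded scan XML are constructed for the example; pass the path of a real -oX file as the first argument to audit that instead.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Nmap::Parser;    # CPAN module, not part of core Perl

# Constructed allowlist (assumption): TCP ports each host is expected to expose.
my %expected = (
    '192.0.2.10' => { 22 => 1 },
    '192.0.2.11' => { 22 => 1, 443 => 1 },
);

# Constructed sample in the shape of `nmap -sV -oX` output; used when no file is given.
my $sample = <<'XML';
<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 192.0.2.10-11" start="0" version="4.00" xmloutputversion="1.01">
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH"/></port>
<port protocol="tcp" portid="111"><state state="open"/><service name="rpcbind"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.11" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
<port protocol="tcp" portid="3306"><state state="closed"/><service name="mysql"/></port>
</ports></host>
<runstats><finished time="0"/><hosts up="2" down="0" total="2"/></runstats>
</nmaprun>
XML

my $np = Nmap::Parser->new;
if (@ARGV) { $np->parsefile($ARGV[0]) } else { $np->parse($sample) }

my $findings = 0;
for my $host ($np->all_hosts('up')) {
    my $addr  = $host->addr;
    my $allow = $expected{$addr} || {};    # unknown host: nothing is expected
    for my $port ($host->tcp_open_ports) {
        next if $allow->{$port};
        my $svc = $host->tcp_service($port);
        printf "%s tcp/%d open, not in allowlist (%s %s)\n",
            $addr, $port, $svc->name // 'unknown', $svc->product // '';
        $findings++;
    }
}
print "No unexpected open ports\n" unless $findings;
exit($findings ? 1 : 0);    # non-zero exit lets cron or CI raise an alert
```

With the constructed sample, only tcp/111 on 192.0.2.10 is reported: port 22 is allowlisted, 443 is expected on the second host, and 3306 is closed.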
