My home servers get SLAMMED on a daily basis by a whole wonderful plethora of bots. Most recently has been Muieblackcat. Going on the whole salary analogy: I'd make my current salary plus a bit if I had a penny for ever scan on the box in my living room. I keep the Ukrainian IP's off my blacklist just for fun. Nothing sensitive on the server, just my web playpen. I kind of hope that one of these exploits works one day so I can see where I've slipped up.
I vaguely recall that unpatched XP averages just a couple minutes on a network before being owned. If you didn't have the SP on a disc it was a race between the updates and the bots. That might have been old linux propaganda though.
Not propaganda, I saw a great example of this once bringing up a Windows system on a residential line shared with other apartments. Seconds after the box's "Hey, there, Windows Update, got something for me?", the network slowed to a crawl and our router's (rejected) incoming connection log grew hot and heavy. Would be lovely if the massive influx of attempted incoming connections were just eager WindowsUpdate systems, but unless Microsoft moved their infrastructure to China and Romania...
Anyway, there's a reason to travel with your own locked-down router and to never connect through anyone else's connection directly, especially if you're running Windows. Even that's not foolproof, but at least you've got an Angry Bouncer protecting the Windows Club. Windows Update connections totally feel like spotlights and booming bass.
It was certainly true at large LAN parties. I had to reinstall Windows at QuakeCon one year, and it was nearly impossible to win the race against the malware floating around the network. Putting your computer on the same LAN as 3000 gamers (most of whom download a lot of warez) isn't exactly the same as connecting your computer to the internet through a firewall, so I'm not sure if my experience at QuakeCon generalizes to a typical PC setup.
Without SP2 installed, I had multiple systems infected before I had a chance for the service pack to finish installing. I eventually had to order it on CD from Microsoft.
I'm guessing that Windows Firewall (included in SP2) buys you some time, but I can't see unpatched system lasting very long.
When I showed up for my first day of work 8 years ago, a newly installed WinXP system awaited me. I had to patch the system that morning because it had been powered on and connected to the network for several days already.
My home servers get SLAMMED on a daily basis by a whole wonderful plethora of bots. Most recently has been Muieblackcat. Going on the whole salary analogy: I'd make my current salary plus a bit if I had a penny for ever scan on the box in my living room. I keep the Ukrainian IP's off my blacklist just for fun. Nothing sensitive on the server, just my web playpen. I kind of hope that one of these exploits works one day so I can see where I've slipped up.