What is your attack surface?

With security there are three diensions determing the security riks:
a) User behavior
b) Security software in place
c) Software used (needed to be defended by B).

We already have a thread on B, curious what C is at Wilders. I have a straight forward install (only office 2007 + HitmanPro + CCleaner). For reference let's use HitmanPro's report on scanned objects, mine is just over 700.000 total objects with less than 6.000 files objects (see Pic), what is yours?

 

The list of my non-security related software: Chrome, Firefox, Utorrent, Google Talk, Skype, FeedDemon, Office 2010, Foobar2000, KMPlayer, Foxit Reader, Movie Collector, Nero, Gimp 2, Daemon Tools Lite, Audacity, Total Commander.

Security related software is in my signature.

My HitmanPro report is in attachment.

 

your hard disk is 15% faster (scan time versus file objects scanned )

 

I didn't calculate that. I'm using SSD. What about you? SSD or HDD?

 

I would also add D) Settings to increase passive security like UAC at max, disabled services and default task scheduler entries and so on. I have no B, so I use only apps I trust, that are clean. I use CCleaner to turn off PC to clean temp and browser's cache to prevent anything bad in there from starting, if it manages to create startup entries.

 

I don't see where those scan results are of any use in identifying, isolating, or securing your attack surface.
The attack surface is the entry points of the PC. It includes but is not limited to:
1, any application or system component that can connect out from your PC.
2, any application or system component that can receive incoming connections.
3, any port or connection point to which another component can be attached.
4, any application or system component that opens, reads, edits, etc files or data originating from outside the PC.

 

I pretty much agree with this assessment. For the most part the "attack surfaces" are the specific applications or plugins/extensions the attackers are going after such as the web browser or Java and Flash plugins. I think what Windows_Security alludes to is more relevant with kernel exploits because now anything or everything installed on the system will potentially weaken it.

 

Total objects to beat:

 

Those are the most common targets. The services and applications that open ports are regular targets as are files that can contain scripts or active content (PDFs and document files). Even a common text file can be malicious if the file extension is changed, .txt to .bat for instance.
In theory, every component of the operating system and every part of all the applications installed on it can be exploited, IF the attacker can gain access to it. Access is gained through the attack surface. It doesn't matter if the kernel is made from peanut butter if the attacker can't get to it.

Most of those exploits rely on a non-hardened browser with normal permissions (everything enabled) and the usual amount of access to other apps and system components. Properly implemented content filtering will remove most of them.

 

Enabled scan for remnants, PUPs, and cookies.

Yup, that's why I adore lower ILs so much. Happily running a web browser with medium IL all the time is soooo 40s. Although it's not everything, limiting access to the system is very important IMO. I wish in the future Microsoft will make all user space apps to run inside a LUA box.

 

Yep, but that is not the ambition level of my question, just a rough educated guess (through the eye lashes or between thumb and index finger as we say in Holland).

 

Sampei Nihira, please tell me how you got your registry so small? (1/3 of the objects I have got with roughly same number of files scanned)

)

 

Maybe for the use of many software in portable version.

 

Thx, simple is usually smart