DATA CENTERS AND INFRASTRUCTURE FOR THE MIDMARKET
Locking down services on XP client workstations
Jonathan Hassell
09.20.2005
Rating: --- (out of 5)
This tip originally appeared on SearchWindowsSecurity.com, a sister site of SearchSMB.com.
One of the easiest ways for crackers to exploit holes in your system is through open services. And lately, viruses have been masquerading as services listed in the Task Manager, making them harder to detect, clean and prevent. When you audit and close unused services, in addition to security benefits, you receive performance enhancement because stagnant programs aren't taking up available resources. Besides, a full security audit of your service can reveal some interesting details about your machine.
Windows XP comes with only two services that require open access to an external interface for normal operation: Terminal Services, or Remote Desktop Connection, and the Remote Access Service for answering dial-in calls.
Follow these instructions to manage services on your computer:
The following services ship with Windows XP. The list is not complete, but it includes the recommended state that each service shown should be in on your computer, assuming normal office functions are performed on the machine. On this list you'll see the name of the service, followed by a short description and my recommendation regarding the st
To continue reading for free, register below or login
To read more you must become a member of SearchCIO-Midmarket.com
ate of the service.
As you can see from the list, you don't need very much to keep your Windows XP installation functioning, at least in a nondomain environment. Most of the enabled services just pose an unfavorable security risk compared to the reward, bring little or no benefit, consume resources and can be safely turned off.
While disabling unnecessary services is an excellent and fundamental step to hardening Windows, there are some other necessary items to accomplish to further secure the services that remain and any services that you may add in the future.
Peruse the following list of best practices and consider implementing them.
About the author: Jonathan Hassell is author of Hardening Windows (Apress LP), and is a SearchWindowsSecurity.com site expert. Hassell is a systems administrator and IT consultant residing in Raleigh, N.C., who has extensive experience in networking technologies and Internet connectivity. He runs his own Web-hosting business, Enable Hosting. His previous book RADIUS (O'Reilly & Associates), is a guide to the RADIUS authentication protocol and offers suggestions for implementing RADIUS and overall network security. Ask Hassell a hardening Windows question today.
|
|
|
|
|
|
