texasitalian
IS-IT--Management
any links I can zoom to? Any help is much appreciated!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
securing XPP for home, which services to disable?
- Thread starter texasitalian
- Start date
- Status
My answer is to disable none of them. I have yet to be convinced of any significant performance or security benefits from disabling services.
However, there are many who swear by this approach.
The most widely quoted sites for discussion of services are:
Black Viper
Elder Geeks Guide to XP Services
However, there are many who swear by this approach.
The most widely quoted sites for discussion of services are:
Black Viper
Elder Geeks Guide to XP Services
- Thread starter
- #3
texasitalian
IS-IT--Management
thanks bcaster! Its just that I was over at governmentsecurity.org and found this article: there the auther "comsec" was underscoring the need to close the holes in your XP that are open by default. So I was wanting to turn off un-needed services but didn't want to disable a service that was used by the system.
Since I can't migrate to a Linux box, and have to use windows pcs on company network, I wanted to secure them as much as possible.
what's youre take?
Since I can't migrate to a Linux box, and have to use windows pcs on company network, I wanted to secure them as much as possible.
what's youre take?
Here is a short list, and as long a list as I would stomache:
. Disable IIS - Luckily, IIS in not installed by default in Windows XP. If you enabled it during your installation, and aren't using it you should disable it. If you are using IIS on your workstation, you need to take extra precautions to lock it down and stay on top of security vulnerabilities specific to web services.
. Netmeeting Remote Desktop Sharing
. Remote Desktop Help Session Manager - If you haven't disabled this via Group Policy already
. Remote Registry
. Routing & Remote Access - if your not dialing into your machine.
. SSDP Discovery Service - this disables the Universal PNP Service, which leaves TCP Port 5000 wide open.
Universal Plug and Play Device Host - This is designed to allow your computer to automatically connect to network-enabled appliances. Although there are no practical uses for this technology yet, several severe security flaws have already been discovered. Use the UnPlug and Pray utility from Gibson Research to disable "Universal Plug and Play". Gibson's web site has additional information about why this is necessary. . Telnet
Bill Castner
. Disable IIS - Luckily, IIS in not installed by default in Windows XP. If you enabled it during your installation, and aren't using it you should disable it. If you are using IIS on your workstation, you need to take extra precautions to lock it down and stay on top of security vulnerabilities specific to web services.
. Netmeeting Remote Desktop Sharing
. Remote Desktop Help Session Manager - If you haven't disabled this via Group Policy already
. Remote Registry
. Routing & Remote Access - if your not dialing into your machine.
. SSDP Discovery Service - this disables the Universal PNP Service, which leaves TCP Port 5000 wide open.
Universal Plug and Play Device Host - This is designed to allow your computer to automatically connect to network-enabled appliances. Although there are no practical uses for this technology yet, several severe security flaws have already been discovered. Use the UnPlug and Pray utility from Gibson Research to disable "Universal Plug and Play". Gibson's web site has additional information about why this is necessary. . Telnet
Bill Castner
- Thread starter
- #5
texasitalian
IS-IT--Management
Thanks bcaster! I appreciate the help!
- Status
Similar threads
