Disabling risk services for XP systems reduce vulnerability threats

In the XP system, the system will usually start a number of services by default, these services are basically useless, not only occupy the disk space, but also can cause system security problems, so users can disable some unnecessary services to ensure system security.

To view the service items that are being enabled

Take win XP For example, first you want to use the system administrator account or the user who has the administrator permission to log in, and then enter "cmd.exe" in "Run" to open the Command Line window, and then enter "net start" return, will show the system is running the service

In order to view the information of each service in more detail, we can open the Service Setup window by double-clicking on "Service" in "Start → control Panel → administrative Tools" or by entering "services.msc" directly in "Run"

Turn off, disable, and re-enable services

The service is divided into three types of startup:

1. Automatic: If some useless service is set to Automatic, it will be started with the machine, which will prolong the system boot time. Services that are typically closely related to the system must be set to Automatic.

2. Manual: It will only be activated when it is needed.

3. Disabled: Indicates that the service will no longer start, even when it is needed, and will not be started unless modified to the above two types.

If we want to close a running service, just select it and then select Stop in the right-click menu. But the next time you start the machine, it may also run automatically or manually.

If the service item is really useless, you can choose to disable the service. This service is completely disabled by selecting properties from the right-click menu and then selecting Disabled in the general → startup type list.

If you need to re-use it later, simply select "Automatic" or "manual" here, or you can start with the command line "net Start service name ", such as "net start Clipbook".

Services that must be banned

1.NetMeeting Remote Desktop Sharing: Allows authorized users to access each other on the network via NetMeeting. This service is not of much use to most individual users, and the opening of the service also poses a security problem, because the service sends the user name in clear text to the client connecting to it while surfing the internet, and the hacker's sniffer program can easily detect these account information.

2.Universal Plug and Play device Host: This service provides support for Universal Plug and Play devices. This service has a security vulnerability in which the computer running the service is vulnerable to attack. An attacker who sends a bogus UDP packet to a network with more than one win XP system may cause these win XP hosts to attack the specified host (DDoS). In addition, if a UDP packet is sent to the system 1900 port, the address of the "location" domain points to the Chargen port of the other system, it is possible to put the system into a dead loop, which consumes all the resources of the system (it needs to be opened manually when hardware is installed).

3.Messenger: Commonly known as the Messenger service, computer users can use it for data exchange within the LAN (transmission of net send and Alerter service messages between the client and server, regardless of the Windows Messenger service. Alerter messages are not transmitted if the service is stopped. This is a dangerous and annoying service, the Messenger service is basically used in the enterprise network management, but spam and junk advertising vendors, also often use the service to publish pop-up ads, titled "Messenger Service." And the service is flawed, and msblast and slammer viruses are used to spread quickly.

4.Terminal Services: Allows multiple users to connect and control a single machine, and displays desktops and applications on remote computers. If you do not use the remote control feature of Win XP, you can disable it.

5.Remote Registry: Enables remote users to modify registry settings on this computer. The registry can be said to be the core of the system, the general user is not recommended to change their own, let alone to allow others to modify the remote, so this service is extremely dangerous.

6.Fast User Switching Compatibility: Provides management for applications in need of assistance under multiple users. Windows XP allows for fast switching between multiple users on a single computer, but this feature has a vulnerability, when you click on the "start → logout → fast switching", in the traditional login mode repeatedly entered a user name to log in, the system will be considered a brute force, and lock all non-administrator accounts. If you do not use it frequently, you can disable the service. Or, in the control Panel → user account → change user logon or Logoff mode, cancel use Fast User Switching.

7.Telnet: Allow remote users to log on to this computer and run programs and support multiple TCP/IP Telnet clients, including UNIX and Windows-based computers. Another dangerous service, if started, remote users can log in, access local programs, and even can use it to modify your ADSL modem and other network settings. Unless you are a network professional or the computer is not used as a server, be sure to disable it.

8.Performance Logs and Alerts: Collects performance data from a local or remote computer based on preconfigured schedule parameters, and then writes this data to a log or triggers an alert. To prevent the remote computer from searching for data, it is strongly forbidden.

9.Remote Desktop help Session Manager: If this service is terminated, Remote Assistance will not be available.

10.TCP/IP NetBIOS Helper:netbios is often used for attacks under win 9X, which can be disabled for users who do not require file and print sharing.

Through the above-mentioned small part of the XP system of the various services, is not a better understanding of the system, and quickly start, the presence of dangerous loopholes in the service shutdown, to ensure that the XP system more secure.