Top ten services that must be banned in Windows

1.NetMeeting Remote Desktop Sharing: Allows authorized users to access each other on the network via NetMeeting. This service is not very useful for most individual users, and the opening of the service also poses a security issue because it sends the user name in clear text to the client connecting it, and the hacker's sniffer program can easily detect the account information.





2.Universal Plug and Play Device Host: This service provides support for Universal plug-and-hold devices.　　 There is a security vulnerability to this service, and the computer running the service is vulnerable to attack.





An attacker who sends a bogus UDP packet to a network with multiple win XP systems could cause these win XP hosts to attack the specified host (DDoS).　　 In addition, if you send a UDP packet to the system 1900 port, so that the address of the "Location" field points to the Chargen port of another system, it can cause the system to fall into a dead loop, consuming all of the system's resources (which need to be manually turned on when you install the hardware).





3.Messenger: Commonly known as Messenger service, computer users can use it for data exchange within a local area network (transmission of net send and Alerter service messages between client and server, this service is not related to Windowsmessenger.) If the service is stopped, the Alerter message will not be transmitted. This is a dangerous and annoying service, the Messenger service is basically used in enterprise network management, but spam and spam advertising vendors, also often use the service to publish pop-up ads, titled "Messenger Service."　　 And the service is vulnerable, msblast and slammer viruses are used for rapid transmission.





4.Performance Logs and Alerts: Collects performance data for a local or remote computer based on preconfigured schedule parameters, and then writes this data to the log or triggers an alert.　　 To prevent data from being searched by remote computers, it is strongly prohibited.





5.Terminal Services: Allows multiple users to connect and control a single machine, and display desktops and applications on remote computers.　　 If you don't use Win XP's remote control feature, you can disable it.





6.Remote Registry: Enables remote users to modify registry settings on this computer.　　 The registry can be said to be the core of the system, the general user does not recommend their own changes, not to mention to allow others to remotely modify, so this service is extremely dangerous.





7.Fast User Switching Compatibility: Provides management for applications that require assistance under multiple users.　　 Windows XP allows for fast switching between multiple users on a single computer. But this feature has a loophole, when you click "Start → logout → fast switch", in the traditional login mode to repeatedly enter a user name to log in, the system will be considered to be brute force, and locked all the Non-administrator account.





This service can be disabled if it is not used frequently.　　 or cancel "Use Fast User Switching" in the control Panel → user account → change user logon or Logoff mode.





8.Telnet: Allows remote users to log on to this computer and run programs, and support a variety of tcp/iptelnet customers, including unix-based and Windows based computers. Another dangerous service, if launched, remote users can log in, access local programs, and even use it to modify your network settings such as Adslmodem.　　 Unless you are a network professional or the computer is not used as a server, you must prohibit it.





9.Remote Desktop Help session Manager: If this service is terminated, Remote Assistance will not be available.





10.tcp/ip NetBIOS Helper:netbios is often used for attack under win 9X, and can be disabled for users who do not need file and print sharing.





redundant services that can be banned in Windows XP for ordinary users, in addition to some of the more security-threatening system services that must be disabled, there are also services that can be banned according to their requirements:





1, Alerter: Notifies selected users and computers about system management-level alerts.　　 If you are not connected to a local area network and you do not need to administer alerts, you can disable it.





2. Indexing Service: Indexed content and properties of files on local and remote computers, providing quick access to files.　　 This service is not very useful to individual users.





3, Application Layer Gateway Service: Provides support for Third-party protocol plug-ins for Internet Connection Sharing and Internet connection firewalls. If you do not have a built-in firewall that enables Internet Connection Sharing or Windows XP, you can disable the service.





4, uninterruptible Power Supply: Manage uninterruptible power supplies connected to the computer, and users without UPS can be disabled.





5, Print Spooler: Loads the file into memory for later printing. If you do not have a printer installed, you can disable it.





6, Smart card: Manages computer read access to smart cards. Is basically not used, can be disabled.





7, SSDP Discovery Service: Start the UPnP device discovery on the home network automatically.　　 There are not many devices with UPnP, for us this service is useless.





8, Automatic Updates: Update patches automatically from the Windows Update network.　　 Use the WindowsUpdate function to upgrade, the speed is too slow, we recommend that you download the patch to the local hard drive through the multi-threaded download tool, and then upgrade.





9., Clipbook: Enables the Clipboard Viewer to store information and share it with remote computers.　 If you do not want to share information with a remote computer, you can disable it.





10, Imapi cd-burning Com Service: Using IMAPI to manage Cd recordings, although this feature is built into Win XP, most of us choose professional burn software, and if you don't have a burner installed, you can disable the service.





11, Workstation: Create and maintain a client network connection to a remote service. If the service is stopped, these connections will not be available.





12, Error Reporting Service: When services and applications run in a non-standard environment, bug reporting is allowed.　　 If you are not a professional, this error report is of no use to you.





then there are several services for ordinary users also have no effect, you can decide their own choice, such as: Routing and Remote Access, Net Logon, network DDE and network DDEDSDM.