Hacker
Professional
- Messages
- 1,044
- Reaction score
- 804
- Points
- 113
List of services that are most often exposed to external attacks and that are best disabled:
Remote Registry (RemoteRegistry) - allows remote users to change the registry settings on your computer; if you stop this service, the registry can only be changed by local users working on the computer.
Terminal Services - designed for remote connection to your machine over the network with the ability to manage it. It allows multiple users to interactively connect to a computer and displays the desktop and applications on remote computers.
Discovery Service SSDP (SSDPSRV) - Enables detection of UPnP devices on the home network. UPnP, or Universal Plug and Play, is a universal automatic configuration and connection of network devices to each other, as a result of which the network (for example, home) can become accessible to more people.
Messaging service (Messenger) - The service sends administrative alerts to selected users and computers. In the absence of a network (and, accordingly, an administrator), it is absolutely useless. Disable it to prevent net send messages to hide your computer from automated spam mailings.
Task Scheduler (Shedule) - allows you to set up a schedule for automatic task execution on your computer. Automatically launches various applications, programs, scripts, and the backup function at the time you plan. In addition, the vulnerability of this service is used by some viruses for autoloading. But you should know that some antivirus programs, such as Symantec or McAfee, use this service to update at certain times and perform scheduled system scans. So in this case, you should not disable the task scheduler.
Telnet - allows a remote user to log in and run programs, supports various TCP / IP Telnet clients, including computers running UNIX and Windows operating systems. If this service is stopped, the remote user will not be able to run programs.
NetMeeting Remote Desktop Sharing (mnmsrvc) - allows verified users to access the Windows desktop via the corporate intranet using NetMeeting.
Remote Desktop Help Session Manager - Manages the capabilities of the Remote Assistant.
Computer browser - translate manually if you don't have a local network.
Automatic Remote Access Connection Manager - disable it.
Distributed Transaction Coordinator - disable.
NetBIOS support module - disable it.
Configuring the remote desktop server - disable it.
Windows Image Upload Service (WIA) - if you have a scanner or digital camera connected to your computer, then do not touch anything, if not, then disable it
Bluetooth support service - if we don't use the tooth, then disable it.
Windows Remote Management Service - disable it.
Remote Desktop Service - disable it.
Smartcard - disable it.
Fax - if we don't use it, we also disable it.
IF YOU DON'T KNOW WHERE THESE SERVICES ARE LOCATED:
Start => Run =>> write the following on the command line: services. msc =>>> click OK
or
Control Panel => System and Security = > > Administration = > > > Services
There is also a list of services that "slow down" the operation of Windows:
Automatic update - enables downloading and installing Windows updates). If you don't use this service, disable it.
Secondary login - allows you to run processes on behalf of another user. If there is only your account in the system (not counting the administrator account), you can also disable it.
Print Spooler - responsible for processing, scheduling, and distributing documents intended for printing. If you don't have a printer, disable it.
Help and Support - if you don't use the Windows Help menu, disable it.
Computer Browser - maintains a list of computers on the network and provides it to programs on request. If you don't have a local network, then disable this service.
Uninterruptible Power Supply - If you don't have an uninterruptible power supply, you can disable this service as well.
I hope you had some useful information )
Remote Registry (RemoteRegistry) - allows remote users to change the registry settings on your computer; if you stop this service, the registry can only be changed by local users working on the computer.
Terminal Services - designed for remote connection to your machine over the network with the ability to manage it. It allows multiple users to interactively connect to a computer and displays the desktop and applications on remote computers.
Discovery Service SSDP (SSDPSRV) - Enables detection of UPnP devices on the home network. UPnP, or Universal Plug and Play, is a universal automatic configuration and connection of network devices to each other, as a result of which the network (for example, home) can become accessible to more people.
Messaging service (Messenger) - The service sends administrative alerts to selected users and computers. In the absence of a network (and, accordingly, an administrator), it is absolutely useless. Disable it to prevent net send messages to hide your computer from automated spam mailings.
Task Scheduler (Shedule) - allows you to set up a schedule for automatic task execution on your computer. Automatically launches various applications, programs, scripts, and the backup function at the time you plan. In addition, the vulnerability of this service is used by some viruses for autoloading. But you should know that some antivirus programs, such as Symantec or McAfee, use this service to update at certain times and perform scheduled system scans. So in this case, you should not disable the task scheduler.
Telnet - allows a remote user to log in and run programs, supports various TCP / IP Telnet clients, including computers running UNIX and Windows operating systems. If this service is stopped, the remote user will not be able to run programs.
NetMeeting Remote Desktop Sharing (mnmsrvc) - allows verified users to access the Windows desktop via the corporate intranet using NetMeeting.
Remote Desktop Help Session Manager - Manages the capabilities of the Remote Assistant.
Computer browser - translate manually if you don't have a local network.
Automatic Remote Access Connection Manager - disable it.
Distributed Transaction Coordinator - disable.
NetBIOS support module - disable it.
Configuring the remote desktop server - disable it.
Windows Image Upload Service (WIA) - if you have a scanner or digital camera connected to your computer, then do not touch anything, if not, then disable it
Bluetooth support service - if we don't use the tooth, then disable it.
Windows Remote Management Service - disable it.
Remote Desktop Service - disable it.
Smartcard - disable it.
Fax - if we don't use it, we also disable it.
IF YOU DON'T KNOW WHERE THESE SERVICES ARE LOCATED:
Start => Run =>> write the following on the command line: services. msc =>>> click OK
or
Control Panel => System and Security = > > Administration = > > > Services
There is also a list of services that "slow down" the operation of Windows:
Automatic update - enables downloading and installing Windows updates). If you don't use this service, disable it.
Secondary login - allows you to run processes on behalf of another user. If there is only your account in the system (not counting the administrator account), you can also disable it.
Print Spooler - responsible for processing, scheduling, and distributing documents intended for printing. If you don't have a printer, disable it.
Help and Support - if you don't use the Windows Help menu, disable it.
Computer Browser - maintains a list of computers on the network and provides it to programs on request. If you don't have a local network, then disable this service.
Uninterruptible Power Supply - If you don't have an uninterruptible power supply, you can disable this service as well.
I hope you had some useful information )
