Sunday, March 1, 2009

Windows Services - Services in Windows

Open the "Services Editor" to enable/disable services:
  • Start | Run (type) "services.msc" (no quotes)
  • Scroll down to "DNS Client", Right-click and select: Properties
  • Click the drop-down arrow for "Startup type"
  • Select: Manual, or Disabled (recommended) click Apply/Ok and restart. [more info]

DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.

Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.

How To: Determine what Services are running in Windows XP

When you bring up the Task Manager you'll see an entry for Services and the amount of memory consumed. However this one listing is actually all the Services combined into a single entry. As you can see I have them trimmed down to only the Services needed for this machine.

To view the complete list:

From a command prompt: Start | Run (type) cmd (click Ok)

(type) tasklist /svc (press Enter) (XP Pro only)

You will see all the Services running in process.

To save the onscreen info:

  • Right-click and select: Select All
  • Right-click again and select: Mark
  • Open Notepad and Paste the info
  • File - Save As: tasklist.txt
    or
  • (type) "tasklist /svc >tasklist.txt" (no quotes)

To Remove any unneeded running Processes

Log on as Administrator
Start | Settings | Control Panel | Administrative Tools | Services

Once completed, repeat the "tasklist /svc" method and compare.
If you use the "tasklist /svc >tasklist.txt" method, change the second output (to prevent overwriting the previous file) to: "tasklist /svc >tasklist1.txt" (no quotes) then compare. You can also view this info in System Information, however the text output loses the formatting and is almost unreadable.

Note: to temporarily disable a Service while troubleshooting:
Start | Run (type) "msconfig" (no quotes)
Click on the Services tab, uncheck desired service. (for testing only!)

To display the Process Identifier in Task Manager

Right-click on the Taskbar, select: Task Manager
Click on the Processes tab, click View (up top)
Select: "Select Columns", and select: PID
(Process Identifier) from there you can also select any of the other options available.

You can also sort the entries by clicking on the header in each section.

Note: Each time you remove or add a Service the PID for the Services.exe entry will change.

Protecting your Security and Privacy

On a stand-alone system you should disable or at least Stop and set to "Manual" the Remote Access services, unless you really have a need for these. This would include [example] TCP/IP NetBIOS Helper, Telnet, Routing and Remote Access, Remote Access Auto Connection Manager, QoS RSVP, Remote Registry, etc. The point to all this is that the amount of unneeded services running directly affects the amount of Ports open and exposes the user to unnecessary risks. This tends to leave your Firewall full of holes!

Even XP's Firewall (ICF) can achieve "Stealth" results. [more info] After a while you'll notice all these things are tied together. If you're getting "Message Service" pop-ups, it's usually because one or more of your Ports are open. [more info - on pop-ups] A great place to start is by testing your setup by running ShieldsUP. [Internet port vulnerabilities]

Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":

Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.

The SANS Top 20 Internet Security Vulnerabilities
"These non essential services increase the exploit surface significantly."

Microsoft TechNet - Threats and Countermeasures: Security Settings in Windows (XP)
"Therefore, you should disable or remove any unneeded services"

To avoid the above manual method

Sysinternals Freeware - Autoruns - this terrific utility can display and disable (if needed) [screenshot]

Safe XP allows users to quickly tweak various security and privacy related settings in XP.
This is a very useful little freeware utility! Compare the recommended Safe XP settings to the ones on Black Viper's site, then decide for yourself what is needed. [Screenshot]

How To: Generate a Printout of running Services

Run HijackThis | Config [button]
Select: "Include list of running processes in logfiles"

Click the "Misc Tools" [button]
Select: "List also minor sections", Select: "List empty sections"

Click "Generate Startuplist log" [button]
Open "Startuplist.txt" and scroll down to: "Enumerating Windows NT\2K\XP Services"

Use Netstat to Determine what Services are "Listening"

From a Command Prompt (type) "netstat -ano" (no quotes)
To create a text file of this info - (type) "netstat -ano >autocon.txt"

You can also use Sysinternals Freeware - TCPView to view detailed listings of all TCP and UDP endpoints on your system.
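
Added example (not part of the original article): joining saved "tasklist /svc" and "netstat -ano" output on the PID column shows which service owns each listening endpoint, which is the link between unneeded services and open ports described above. The sample outputs, PIDs and addresses are constructed, and the function names are illustrative.

```python
import re

# Constructed samples of `tasklist /svc` and `netstat -ano` output (not from the page).
TASKLIST = """\
Image Name                   PID Services
========================= ====== ==========================
System                         4 N/A
svchost.exe                  960 RpcSs
svchost.exe                 1056 Dnscache, LmHosts,
                                 RemoteRegistry
tlntsvr.exe                 1500 TlntSvr
"""
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING       1500
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       960
  TCP    192.168.1.10:1045      203.0.113.5:80         ESTABLISHED     1820
  UDP    0.0.0.0:445            *:*                                    4
"""

def parse_tasklist(text):
    """Return {pid: (image, [services])}; indented lines continue the previous row."""
    procs, last = {}, None
    for line in text.splitlines():
        row = re.match(r"(\S.*?)\s+(\d+)\s+(\S.*)$", line)
        if row:
            last, line = int(row.group(2)), row.group(3)
            procs[last] = (row.group(1), [])
        elif last is None or not line[:1].isspace():
            continue  # header, ruler or blank line
        procs[last][1].extend(s.strip() for s in line.split(",")
                              if s.strip() not in ("", "N/A"))
    return procs

def parse_netstat(text):
    """Return [(proto, local, pid)] for TCP LISTENING rows and all bound UDP rows."""
    rows = []
    for f in map(str.split, text.splitlines()):
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            rows.append(("TCP", f[1], int(f[4])))
        elif len(f) == 4 and f[0] == "UDP":  # UDP rows have no State column
            rows.append(("UDP", f[1], int(f[3])))
    return rows

def listening_services(tasklist_text, netstat_text):
    """Join the two outputs on PID: which services own each open endpoint."""
    procs = parse_tasklist(tasklist_text)
    return [(proto, local, pid, *procs.get(pid, ("<not in tasklist>", [])))
            for proto, local, pid in parse_netstat(netstat_text)]
```

To run it on a real machine, pass the contents of tasklist.txt and autocon.txt to listening_services() in place of the constructed samples.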
