XP Services

[yellowpike]

GreetingsIn Scot's Newsletter Forum (as well as others ie microsoft.public.windowsxp.network_web)finding and solving problems involving settings in the Services Extension are often suggested and referred to.Here is a list of links, with the intention of assisting those seeking more information about the Services Extension. If you come across other links in your "travels", Please post them here.Description of System Services (Overview)http://www.microsoft.com/technet/treeview/...an/SvrXPSer.aspDefault settings for serviceshttp://www.microsoft.com/technet/treeview/...lt_settings.aspTo configure how a service is startedhttp://www.microsoft.com/technet/treeview/...ure_startup.aspTo start, stop, pause, resume, or restart a servicehttp://www.microsoft.com/technet/treeview/...art_service.aspServices And Security (A view from accross the "pond")Windows XP Home User Self-Defense Guide - Disabling unnecessary and potentially dangerous servicesPLEASE be careful here. I have implemented SOME of the recommendations found on this page (research,backup,and test)http://www.uksecurityonline.com/husdg/wind...bleservices.htmabove site is linked fromhttp://www.uksecurityonline.com/husdg/These links have really helped me get a better understanding of System Services and what they do.I hope they prove helpful to you as well.Best Wishes:yellowpike

[dryhumor]

Thanks for starting this list . I'll add these, (includes one duplicate of your UK Disable link):Black Viper - XP Service Configurations - http://www.blkviper.com/WinXP/servicecfg.htmDisable unnecessary & potentially dangerous services - UK Security Online - http://www.uksecurityonline.com/husdg/wind...bleservices.htmDisable unnecessary services - Is It True org - http://is-it-true.org/nt/utips/utips76.shtmlMS KB 314056 Description of Svchost in Win XP - http://support.microsoft.com/default.aspx?...b;en-us;Q314056Useless Startup Applications Database - Greatis RegRun - http://www.greatis.com/regrun3useless.htmXP Services Explained - XP Mania - http://www.pro-networks.org/XPMaNiA/services.shtmlXP Services List - Netfirms - http://camica.netfirms.com/services.htmXP Services Minimized - HSC Marchand - http://www.hsc.fr/ressources/breves/min_sr...res_win.en.htmlXP Services Tweak Guide - Techspot - http://www.techspot.com/tweaks/winxp_servi...ces/index.shtmlRegards,Dryhumor

[yellowpike]

Thanks dryhumor !Good Stuff. I guess the move to this group makes sense ?Keep in touch Holmes.....yellowpike @ lycos.com

[Guest ThunderRiver]

Great links I highly recommend Black Viper because it really provides you a nice list of services with suggestions like maybe you should turn it off...or leave it on.. quite useful if you want to tweak your system

[dryhumor]

Thanks for the thanks. I recently discovered this site, and will add it to my list:XP Services - David Lechnyr - Univ of Oregon - http://hr.uoregon.edu/davidrl/windowsxp.html

[dryhumor]

I think it would be beneficial to increase this thread with our lists of security settings for XP Services. They would serve both as guides, and for intermediate level learners like me who need constructive feedback on our lists. I'd rather keep it all in this thread, if possible, since it already has a generic title "XP Services." One-stop-shopping for XP Services: links, settings, and tools. Tools? List to follow, if the Mod thinks it's ok to expand this.XP Services Secure Settings - My Short List: NetMeeting Remote Desktop Sharing - Disabled Remote Access Auto Connection Manager - Disabled Remote Access Connection Manager - Disabled Remote Desktop Help Session Manager - Disabled Remote Procedure Call (RPC) Locator - Disabled SSDP Discovery Service - Disabled Terminal Services - Disabled Universal Plug and Play Device Host - Disabled WebClient - Disabled Windows Time - DisabledI put a red in front of secured services on my full list for easier identification.My Computer - Desktop, No LAN.Dell Dimension P-III 550; 512 MB RAM; 2 hard drives; multiple patrtitions.Win XP Home; all MS critical updates.Cox Cable; Linksys Modem; Linksys Router BEFSR41; DHCP.NIS 2003.

[Guest ThunderRiver]

You need Windows Time service to synchronize the clock time on the internet. I don't recommend people turning it off. You don't have to get time updates from Microsoft. Just go to www.ntp.org and they have a list of free time servers hosted by various number of universities and gov.Those remote services mentioned above are useful if you plan to have Remote Destop access and so on. Only turn them off if you absolutely have no use for them now and FUTURE.

[dryhumor]

Thanks, ThunderRiver. I have no current use for remote services. Some of the XP Services sites, and others, list Windows Time as a potential security vulnerability. Is it necessary to have my time synched, for my individual standalone setup?

[GolfProRM]

It's not "necessary" to have your time synchronized as it's purely for your benefit. Personally, I wish the other Windows OS's had this feature built in as my ME machine at work is constantly losing time (although sometimes it'll gain time too)... Had to install a 3rd party program to manage it.... Love that it's built into XP... Not a necessary feature, just handy

[Guest ThunderRiver]

You don't really have to synchronize it. It is just that every few weeks, a few seconds will go off..and then after a few months, a few minutes will go off. So it is up to you. It also depends on how much you rely on the PC. It only takes less than 1 minute to update itself anyway. People think it has vulnerability because it is getting updates from Microsoft. The time server I use is tick.mit.edu << always trust MIT :-p

[yellowpike]

And the "biggy"..... (dryhumor has it listed but note the bold text)SSDP Discovery Service - Used to locate UPnP devices on your home network. Used in conjunction with Universal Plug and Play Device Host, it detects and configures UPnP devices on your home network. For security reasons Disable this service. Please read the section in the guide on UPnP. Please note that even the FBI recommends disabling and preferably deinstalling this!! fromhttp://www.uksecurityonline.com/husdg/wind...bleservices.htmYa'll Rock Onyellowpike

[dryhumor]

Thanks, both of you. I just reset Win Time to Auto/Started. BTW, how do you setup "tick.mit.edu"? My choice is MS or Gov.Thanks, again.

[Guest ThunderRiver]

You double click on the time clock in the system tray. Go under "Internet Time" tab, select "time.windows.com" and enter tick.mit.eduClick update now. and from now on, it will always use tick.mit.edu to update time. Like I said, you don't have to use tick.mit.edu either. there are a lot of other free time servers listed in http://www.eecis.udel.edu/~mills/ntp/clock1a.htmlMake sure you choose the right server for your time zone. I don't know if they will synchronize your time according to its time zone or not.

[dryhumor]

Thanks, Yellowpike. Your UPnP reminder leads me into the first of my current, favorite utilities that have XP Services related features included:Unplug n' Pray - Steve Gibson's UPnP settings tool for the skittish tweaker:http://grc.com/UnPnP/UnPnP.htmProcess Explorer v6.01 - Among other things, it highlights services:http://www.sysinternals.com/ntw2k/freeware...e/procexp.shtmlStartup List v1.52.1 - "Lists all and every autostarting app on your system."http://www.lurkhere.com/~nicefiles/index.htmlXP-AntiSpy - "Enhance XP privacy." http://www.webattack.com/get/xpantispy.shtml"XP-AntiSpy is a small utility to quickly disable some built-in update and authentication features in WindowsXP that may rise security or privacy concerns in some people. For example, there is a service running in the background which is called Automatic Updates... that may sound useful to most people, but suspicious to others. You can disable all these features manually by going through your configuration, find the settings for each etc. However with XP-AntiSpy there is no need to do this, since it will show you all of them at once and let you choose which ones to disable. Not only will it save you a lot of time disabling them - it will also allow you to quickly re-enable them if you change your mind." XP-AntiSpy - Developer (Name Game) adds info in this thread at DSLR security forum:http://www.dslreports.com/forum/remark,700...ity,1~mode=flat

[yellowpike]

dryhumor,Running ad-aware 6.0 and Spybot S&D on my laptop now (still learning and tweaking both).Any issues between XP-AntiSpy and these ?yellowpike

[teacher]

It's not "necessary" to have your time synchronized as it's purely for your benefit.  Personally, I wish the other Windows OS's had this feature built in as my ME machine at work is constantly losing time (although sometimes it'll gain time too)...  Had to install a 3rd party program to manage it....  Love that it's built into XP...  Not a necessary feature, just handy

I ran a computer for a year with the wrong date on - just cleared the box for synchronizing the clock. It had no effect on the computer. Updates still came through when I wanted them. Some software, however, is tied into the calendar to determine if the copy is still legitimate.

[dryhumor]

Yellowpike, I've had no issues with anything, so far, from using XP-AntiSpy. All it does is change the settings, then you close it, and it goes away. I only changed the default settings as they came out of the box; and I had already manually disabled most of those, anyway. There were some that I didn't know for sure how to change manually, so I ran it. I mentioned it here, because it will automatically change some of the XP Services. It's a well known utility, and I'm sure one of the pros here will mention any problems they're aware of, if any.Rule of thumb #1: If you don't know what it is or does, then leave it alone! Rule of thumb #2: Back up your system (create a restore point or Image), before, and immediately after, making changes.Rule #3: Research, then, ask the experts, like we're finding here.I just now ran Spybot S&D with no problem. I wouldn't dork around with anything beyond the basic spyware scans with S&D or Ad-aware.I also use, with no adverse effects from my tweaks, these:NIS/NAVMRU-BlasterSpywareBlasterScript SentryK9MailWasher (free v1.32.9)dryhumor

[yellowpike]

dryhumor:Thanks for the info. I'll look into XP-AntiSpy.Your 3 rules of thumb are gospel. May I add a "corollary" (?)Never underestimate the "Duh" factor.....yellowpike

[snoepie]

I use XP-AntiSpy for about half a year now. It's a great way to easely block services. I've blocked out every service except "clear pagefile at shutdown" and "disable ZIP functionality". Once a month I temporary enable the "automatic update services" and the "timeservice", so only for a very short time my computer is vulnerable. It's also a great way of controlling the moment you want to download updates.

[FuzzButt]

Well I went to BlkViper's site and he has put together quite a list of services and descriptions of those sevices. Noe I think I shut off 10 services from his details. I left a few on that I might need and also set a few to automatic since I regularly use them. I think some of the lists and tweaks out there are a bit too paranoid. Security in general is getting a bit too much. Fred Langa's letter that came out the other day had link's to an IW article that he published talking about up to 1344 bit encryption technology. Well isn't this getting a bit out of hand? I think there is a point to where you have nearly disabled your entire PC just to be secure. Well before I get into a rant I'll stop this thought.Chris

[dryhumor]

Chris,You make a good point, and I'm not trying to encourage you to rant . It's getting even more difficult for intermediate's, like me, to determine what's basic, good enough, overkill, and problematic. I'd like to see someone ( who knows what they're doing ) start a topic on security settings; along the lines of the SUPER job Bruno is doing with "Tips for Linux starters", in the All things Linux forum. Maybe something that builds up, through the basic three levels:Newbie - Must set these.Intermediate - Set these, to tighten up; but know the effects, and how to work around them.IT Pro - Beyond me.By the way, would you mind sharing which 10 services you turned off?Thanks, Al

[FuzzButt]

Chris,You make a good point, and I'm not trying to encourage you to rant . By the way, would you mind sharing which 10 services you turned off?Thanks, Al

Al,While I don't remember exactly which ones they were. Some come disabled from the point of installation of XP Pro. Here is what I have.By the way for the notice of newbee's you can see the services in Windows 2000 or XP by going to "Start""Run" and typing "services.msc". There is a few ways to see them but this is the easiest. Most sites do not recommend turning them off with msconfig as this can cause issues beyond this post.I stopped these services if they were running then set them to "Disabled" from either the Manual or Automatic setting.Indexing Service (Not really used by most people. I disabled to free up resources)Messanger (The one that looks for network messaging from a network server not MSN Messenger)NetMeeting Remote Desktop Sharing (I don't use it so it should not be running)NVIDIA Driver Helper (Installed by the NVDIA's Display drivers and really not needed)Portable Media Serial Number Service (Basically helpful only if you have portable media)Remote Desktop Help Session Manager (Same as Netmeeting I don't use it it should not be running)Remote Registry (Ya I 'll let anyone remotely into my registry... NOT!)Smart Card (Manages Smart cards. I don't have any need for this)Smart Card helper (See above)SSDP Discovery Service (Part of the UPNP problem)Telnet (I don't use telnet and it is a security risk for it to be listening for connections)Universal Plug and Play Device Host (My Linksys Router is my only UPNP device and I can admin it myself)Wireless Zero Configuration (Helpful for WiFi if you have it. I prefer not broadcasting my network to anyone listening so I am all wired)WMI Performance Adapter (Not really needed)Now I must mention that I have not had any issues with this PC since changing these services. I have rebooted a few times and really don't see any preformance advantages except the PC is quicker to the point of runable after booting it (the total startup time from OFF to useable). Also very important. Turning off the wrong service can make your PC unusable. It will not boot if one of several services are set to disable. Please be careful if you change the settings. By the way I also run Norton Internet Security Professional w/ NAV and Ad-Aware 6. I will have to wait and see if the other security apps can be trusted before I use them on my PC.ChrisP.S. Is it just me or is someone else annoyed at Ad-Aware thinking that Cookies are bad. This site uses a cookie that I rather like to have left on my system.

[dryhumor]

Thanks, Chris.I have the same items, plus several others, disabled on my XP Home system. I think I disabled around 35 services. Been this way since last Dec, with no ill effects.I no longer use Ad-aware; just Spybot Search & Destroy, which has a setting for "single excludes". I don't recall if Ad-aware has one or not.Al

[GolfProRM]

With Ad-aware, if something is deemed "spyware" you can right click on it and add it to the ignore list... This works quite well for cookies that you want to keep.

[Guest LilBambi]

You can use the ignore list for Ad-aware for Eudora's ad-sponsored full version of their email program as well if you don't mind their ads and the fact that they use cydoor.

[ASMx4]

Terrific thread folks. Just an endorsement of the tips/service settings being posted here.Been running terminal/ftp server behind a befs41 for about a year with no security issues. (Linklogger shows the pounding the router gets everyday). Blkvipers EXCELLENT info, spybotsd/avg/tds and zonealarm to manage whats going OUT, help run a reasonably tight ship, even with those holes pokeing through.ps. don't forget to clean up after yourselves...NTRegopt.exeRegscrubXP

[Guest ThunderRiver]

It's not "necessary" to have your time synchronized as it's purely for your benefit.  Personally, I wish the other Windows OS's had this feature built in as my ME machine at work is constantly losing time (although sometimes it'll gain time too)...  Had to install a 3rd party program to manage it....  Love that it's built into XP...  Not a necessary feature, just handy

I ran a computer for a year with the wrong date on - just cleared the box for synchronizing the clock. It had no effect on the computer. Updates still came through when I wanted them. Some software, however, is tied into the calendar to determine if the copy is still legitimate.

Remember that it is a time synchronize, so even if you have a wrong date, chances are, it won't change it for you. It only update your time, so that it will stay accurate. You need to help it abit with date and year

[lestatlioncoeur]

I found an extremely helpful site for configuring services on Windows 2K, or XP Home, or XP Pro. Black Vipers SiteI think anyone interested in tweaking XP to run like a Hot Rod should download the services configuration file and print it out as a reference llc

[Guest ThunderRiver]

Thanks, but the link is already listed in earlier threads

[Prelude76]

You don't really have to synchronize it. It is just that every few weeks, a few seconds will go off..and then after a few months, a few minutes will go off. So it is up to you. It also depends on how much you rely on the PC. It only takes less than 1 minute to update itself anyway.

this is one of my biggest pet peeves about computers. we have multi gigahertz processors with 1 gig of memory and enough horsepower to run photo-like quality games, yet it cannot compare to a $10 CASIO when it comes to counting time. instead of coming up with ways to auto-update time, they should FIX the simple time issue at the processor level!i dont auto-update time. it saves me one XP service (windows time) and makes me shave my head in disgust as I manually set the time that always looses about 10 minutes each month. i wonder if at MIT (time update), they have millions of dollars of supercomputers all hooked into one Swiss-made wrist watch that keeps the cray-powered computers up to date?