Disable dangerous services for xp systems to reduce vulnerability threats

In xp systems, the system usually starts many services by default. These services are basically useless, which not only takes up disk space, but also may cause system security risks. Therefore, users Some unnecessary services can be disabled to ensure system security.

Viewing the service items being enabled

Take Win XP as an example. First, you should use the system administrator account or log in as a user with Administrator privileges, and then in “Run” Enter “cmd.exe”Open the command line window, and then enter “net start” After you press Enter, the system will be displayed.

In order to view the information of each service in more detail, we You can double-click "Services" in "Start → Control Panel & Rarr; Management Tools", or enter "Services.msc" in "Run" to open the Service Settings window

Close , prohibit and re-enable services

The service is divided into three types of startup:

1. Automatic: If some useless services are set to automatic, it will start with the random device, which will be extended System startup time. Services that are usually closely related to the system must be set to automatic.

2. Manual: It will only be started when it is needed.

3. Disabled: Indicates that this service will no longer be started, even if it is needed, it will not be started unless it is modified to the above two types.

If we want to close a running service, just select it and select “stop” from the context menu. But it may also run automatically or manually the next time you start the machine.

If the service is really useless, you can choose to disable the service. Select “Properties” from the context menu and select "Allow" in the "General →Startup Type" list. This service will be completely disabled.

If you need to restart it later, just select "Automatic" or "Manual" or you can start it by command line "net start ? service name?" “net start Clipbook”.

Services that must be banned

1.NetMeeting Remote Desktop Sharing: Allow authorized users to access each other on the network via NetMeeting. This service is not very useful for most individual users, and the opening of the service will also bring security problems, because the service will send the user name in clear text to the client connecting it, and the hacker's sniffing program is very These account information can be easily detected.

2.Universal Plug and Play Device Host: This service is for general plug-and-play devices. There is a security hole in this service, and computers running this service are vulnerable. An attacker who sends a fake UDP packet to a network with multiple Win XP systems may cause these Win XP hosts to attack the specified host (DDoS). In addition, if a UDP packet is sent to the system port 1900, and the address of the "Location" field is pointed to the charging port of another system, it may cause the system to enter an infinite loop, consuming all the resources of the system (required when installing hardware) Manually turned on).

3.Messenger: Commonly known as messenger service, computer users can use it for data exchange in the LAN (transfer Net Send and Alerter service messages between client and server, this service has nothing to do with Windows Messenger. If service Stop, Alerter messages will not be transmitted). This is a dangerous and annoying service. The Messenger service is basically used in enterprise network management, but spammers and spammers often use the service to post pop-up ads under the heading “Courier Service”. And this service has loopholes, and MSBlast and Slammer viruses use it for rapid propagation.

4.Terminal Services: Allows multiple users to connect and control one machine and display desktops and applications on remote computers. If you don't use Win XP's remote control feature, you can disable it.

5.Remote Registry: Enables remote users to modify the registry settings on this computer. The registry can be said to be the core content of the system. Generally, users do not recommend changing it themselves, let alone others to modify it remotely, so this service is extremely dangerous.

6.Fast User Switching Compatibility: Provides management for applications that need assistance under multiple users. Windows XP allows fast switching between multiple users on a single computer, but this feature has a vulnerability. When you click "Start →Logout & Rarr; Fast Switch", enter a user repeatedly in the traditional login mode. When the name is logged in, the system considers it to be brute force and locks all non-administrator accounts. If you don't use it often, you can disable it. Or cancel “Use Fast User Switching" in “Control Panel →User Account →Change User Login or Logout Mode”.

7. Telnet: Allows remote users to log in to this computer and run programs, and supports a variety of TCP/IP Telnet clients, including UNIX and Windows-based computers. Another dangerous service, if started, remote users can log in, access local programs, and even use it to modify network settings such as your ADSL Modem. Unless you are a network professional or your computer is not being used as a server, be sure to disable it.

8.Performance Logs And Alerts: Collect performance data from local or remote computers based on pre-configured schedule parameters, then write this data to a log or trigger an alert. In order to prevent data from being searched by remote computers, it is strictly prohibited.

9.Remote Desktop Help Session Manager: If this service is terminated, Remote Assistance will not be available.

10.TCP/IP NetBIOS Helper: NetBIOS is often used by people under Win 9X for attacks. For users who do not need file and print sharing, this can also be disabled.

Through the various services in the xp system introduced in the above small series, is it better to understand the system, and quickly close the service to close the dangerous vulnerabilities to ensure that the xp system is more secure.