How can the service security of vista system improve

Whether you use vista system or win xp system, you must always run the service item. Of course, the security of these service items is also crucial, so we are using the process. Don't forget to improve the security of these services, how to improve it? Let's take a look.

1. SCM is responsible for managing services

Services are programs managed by the Service Control Administrator (SCM), which establishes a database containing all installed services while managing each one. The status of the service. Various services usually start automatically when Windows starts, which makes it easy for attackers to attack.

2. The higher the privilege is equal to the higher the security risk

In the previous version of the Windows operating system, most of the services were executed under the local system account with the highest privilege. This means that if the service is compromised, the attacker can cause serious damage to the system because they can manipulate almost all the data in the computer.

3. Vista and Longhorn Server use minimal permissions to execute services

To reduce the risk of being attacked, any permissions that are not needed by the service are cleared. In Vista and Longhorn, many of the services that were performed using local system administrative privileges have now been run with accounts with lower privileges, such as NetworkService or LocalService, and all services are run with the least possible privileges.

4. Vista uses "Isolation" technology to protect services

The isolation technology includes a technique called "session isolation" that prevents users from using the technology. The program is executed in session 0 (this is the first session established when windows starts). Only system services and other applications that are not related to the user process can be executed in this session. This prevents system services from being affected by other applications.

5. Vista generates a Security Identifier (SID) for each system service.

Provide a security identity for each service to differentiate services from each other and allow the operating system to serve Apply windows access control mode. The so-called windows access control mode is to restrict the access rights of users and user groups to restrict different access rights for each different service.

6. In Vista, access control lists (ACLs) can be applied to services

ACLs are a set of access control entries (ACEs). Resources on the network contain a security description of the ACL. The ACL specifies which account or device can access this resource.

7. Vista Network Firewall can create security policies for services

This policy is associated with the SID of the service, allowing you to control how the service accesses the network and prevent it from using the network in an impermissible manner. , such as sending data to the external network and so on. The Vista firewall is included in the service security hardening strategy.