w7 and xp , which services did you shut down?

Discussion in 'other software & services' started by mantra, Dec 5, 2011.

Thread Status:
Not open for further replies.
  1. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,124
    Hi

    I'm curious to know which services did you shut down (disable or set to manual) under windows 7 and xp (guess still alive)

    thanks
    cheers
     
  2. henryg

    henryg Registered Member

    Joined:
    Dec 13, 2005
    Posts:
    293
  3. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,124
  4. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I don't touch anything.... I believe that Win 7 will shut down unneeded services automatically as it sees fit, so not much need to mess with them.
     
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    On WinXP, I haven't shut down any Services.

    ____________________________________
    If I don't tweak it, it won't break
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,040

    Same here. Never know when it may break something, and then you have to dig for a long while to figure out what is going on. Just not worth it to me.

    Pete
     
  8. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Same here too.
     
  9. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    None. Service tweaking only has to potential to cause problems with no benefits.
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Well that's obviously not true lol

    I disabled the printer spooler since I never print with this computer.

    Disabled Remote Registry because it's silly.

    Disabled Windows Search.
    Disabled NetBIOS Helper
    Disabled Workstation
    Disabled Server
    Disabled Windows Event Log
    Disabled Computer Browser
    Disabled BitLocker Drive Encryption
    Disabled AxtiveX Installer
    Disabled Routing and Remote Access
    Disabled Net.TCP Port Sharing Service
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't see any reason for anyone to have Remote Registry turned on unless they are in a work environment that requires it.

    It's nothing but a nice gaping wide security hole.
     
  12. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    None :thumb:
     
  13. Nanobot

    Nanobot Registered Member

    Joined:
    Jun 23, 2010
    Posts:
    237
    Location:
    Neo Tokyo
    W7

    Computer Browser
    Distributed Link Tracking Client
    Function Discovery Resource Publication
    HomeGroup Provider
    Media Center Extender Service
    Offline Files
    Server
    SSDP Discovery
    TCP/IP NetBIOS Helper
    UPnP Device Host
    Windows Media Player Network Sharing Service
    Remote Registry
    Print spooler
    NetTcpPortSharing

    From this tweaking guide
     
  14. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    How so?


    ----
    rich
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's network access to system components and there's no real reason for a home user to need this.

    Fairly certain there have already been exploits in the past. Really, if I don't need a service I don't want it running.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,040

    Okay so exactly what benefit did you see to make it worth the bother?
     
  17. guest

    guest Guest

    I too disable every service that isn't needed. The speed of the system gets considerably faster and the landscape for new exploits is reduced (as proved by several "workarounds" for past vulnerabilities).

    I remember seeing an official Microsoft recommendation for doing things that way, just forgot where.
     
  18. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    There are certainly gains to be made in tweaking services.

    Whether a new computer today will see those benefits can only be seen on a case by case basis. Older machines, like when XP first came out, were very easy to tell the difference, esp. considering they only had 256 or 512mb or ram back then.

    Some advantages of tweaking services do not lie only in hardware performance (general speed increases) but may come in the form of user likes/dislikes. Search services are one example, as are help service, which I always turn off because I despise the windows help system.

    Some people turn services off to close open ports, which could be a good thing, depending on many factors. If you were going to be in a foreign network, it is hard to argue that limiting your open ports is a bad thing.

    All in all though, most people (not necessarily meaning people who frequent places like this) don't understand what a service is, let alone how they have dependencies or how to solve problems when they have turned services off. They are best off to just leave things alone. But, on the other side of the coin, if you learn a bit about the services, they are not voodoo magic, but actually quite easy to manage. It just takes learning to understand which one does what so you can pinpoint problems. Since I have been messing with services since win2k, I know most of them well. Vista/7 introduced some learning for me, which I have not completely learned, but once you are familiar with services in general, it doesn't take long to figure out new ones really. The networking services in 7 being an exception to that IMO.

    The best examples of positive benefits of managing services are:

    Computer Browser service - on a windows network, one computer will be the browse master, which is what this service is about. If you have a server, say win2k, and a workstation, say win7, there is an election process to see who will be the browse master. Newer OS gets the call, which in this case would make the workstation the browse master. That is not what you want, so you would turn off the browse services and set it in the registry (or something of that nature, been years now since I messed with that, and it may have changed). Not much of a problem in a home network, but there are "browse elections" that take place, and back in the day, they could be problematic for reasons I have forgotten :(

    Server service - this service, when it is off, stops your shares from being shared. I usually turn it on manual (off) and only enable it when I want to share something. A very handy feature, as I can set my laptop up so that if I go somewhere and attach to a foreign network, my shares are not usable. If I desire to share something, a quick run command of "sc start lanmanworkstation" or "net start server" is all that is needed to get things going.

    Sul.
     
  19. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    w7 and xp, which services did you shut down?

    Spot on! :thumb:
    After spending months in Tweaking (= Disabling/Enabling Services),
    I saw No substantial benefits...;)
     
  20. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    I dont adjust any services. It has been stated many times that it isnt going to make a major difference and later on you may need the service and wonder why it isnt working and then have to do some uneeded trouble shooting. if your computer is running slow upgrading it is a much better option than adjusting services.
    Windows 7 has alot of the services on trigger start and stop anyway. Windows 8 will have even more services on trigger start and stop.

    @sully you dont need to adjust the last two services you listed on vista or 7. you simply mark the new found network as public and windows wont share your files.
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    What bother? It takes like 30 seconds to do this.

    There's the potential security benefits - though I don't really worry to much about that. And I'll save a bit of RAM usage on startup.

    Multiple services that I've turned off have had exploits in the past. Network Registry and Computer Browser are the two that come to mind, print spooler as well actually.

    I don't need a single one of those services... ever. I just don't use my computer for those things. So I disable them and save myself 10MB of RAM or however much it is and my computer is now however much more secure.
     
  22. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I did not know that was the difference. Thats interesting. I have been used to keeping the server service on manual for so long, I had not paid attention.

    Thanks for that tip.

    Sul.
     
  23. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Touchy subject :D

    It's never done me any harm, & in FACT it can be Very beneficial to disable certain services you don't Actually need. Just a few for eg: if you don't need them.

    Remote Registry - Don't leave it open to possible abuse.

    Print Spooler - This has been a vector that a number of Rootkits used.

    Sure the above two examples still require you make some mistake & let something in, if you don't have common sense and/or good security in place. But still **** can/does happen sometimes !

    Here's mine on XP/SP2 Home

    serv.gif
     
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    He doesn't know, he turned off the log. :D

    Despite "not needing" these services or freeing up an insignificant amount of RAM or closing a security hole that will never ever get exploited anyway there is nothing to be gained here. I ran several test on this a couple of years ago and any benchmark you can run on a system gets the same score or lower with services disabled.

    Bottom line as far as I am concerned if you want more RAM buy more RAM. If you want a faster machine buy a faster machine. Service tweakers are the guys that end up starting threads with "my this or that doesn't work" because they forgot they disabled something they thought they didn't need. We had a guy that tried this on one of our web servers here. He though he was speeding it up. Took me half a day to get it to serve web pages again. He is gone now.

    To each his own, it is your machine but I hope any onlookers aren't caught up in the idea that it will make their machine perform significantly better by tweaking services, especially if they don't know what those services do.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    lol "If you want a faster machine don't turn off useless utilities, spend money!"

    Nice.

    I also like the "not needing" in quotes. I understand each one of the services I've disabled. I understand their dependencies and what they do and do not do.

    Is tweaking dangerous? Yes, if someone who doesn't know what they're doing just follows some random guide on an internet they are very likely to run into issues.

    Otherwise, if the person understand each services, there's no reason they shouldn't turn off the useless ones.

    Reducing attack surface is basically security 101. In CompTIA classes one of the first things you'll learn (I suppose this depends on the instructor) is that if you don't need a service you need to stop that service. This goes double (or triple!) for servers.

    http://www.commonexploits.com/?p=168
    http://technet.microsoft.com/en-us/security/bulletin/MS10-061
    http://technet.microsoft.com/en-us/security/bulletin/ms08-067
    http://technet.microsoft.com/en-us/security/bulletin/ms00-040


    So you enjoy needlessly using an extra 20-30MB of RAM and having known exploitable code running. I'll enjoy having that 20-30MB of RAM used for caching and having a reduced attack surface.

    Like you said, to each their own.
     
Loading...
Thread Status:
Not open for further replies.