w7 and xp , which services did you shut down?

Hi

I'm curious to know which services did you shut down (disable or set to manual) under windows 7 and xp (guess still alive)

thanks
cheers

 

Personally, I like to go with the Black Viper's advice. Under the "Popular Content".

http://www.blackviper.com/

 

i opened this thread here
https://www.wilderssecurity.com/forumdisplay.php?f=48

don't why in in the anti malware software

i know black viper
but i would like to share with the wilders security forum their setup

thanks

 

You could also have a look on this poll
https://www.wilderssecurity.com/showthread.php?t=308856

Myself (7x64), I like to use Win Club's SMART as a start and gradualy tweak its settings for my particular needs.

 

I don't touch anything.... I believe that Win 7 will shut down unneeded services automatically as it sees fit, so not much need to mess with them.

 

On WinXP, I haven't shut down any Services.

____________________________________
If I don't tweak it, it won't break

 

Same here too.

 

None. Service tweaking only has to potential to cause problems with no benefits.

 

Well that's obviously not true lol

I disabled the printer spooler since I never print with this computer.

Disabled Remote Registry because it's silly.

Disabled Windows Search.
Disabled NetBIOS Helper
Disabled Workstation
Disabled Server
Disabled Windows Event Log
Disabled Computer Browser
Disabled BitLocker Drive Encryption
Disabled AxtiveX Installer
Disabled Routing and Remote Access
Disabled Net.TCP Port Sharing Service

 

I don't see any reason for anyone to have Remote Registry turned on unless they are in a work environment that requires it.

It's nothing but a nice gaping wide security hole.

 

None

 

W7

Computer Browser
Distributed Link Tracking Client
Function Discovery Resource Publication
HomeGroup Provider
Media Center Extender Service
Offline Files
Server
SSDP Discovery
TCP/IP NetBIOS Helper
UPnP Device Host
Windows Media Player Network Sharing Service
Remote Registry
Print spooler
NetTcpPortSharing

From this tweaking guide

 

How so?


----
rich

 

It's network access to system components and there's no real reason for a home user to need this.

Fairly certain there have already been exploits in the past. Really, if I don't need a service I don't want it running.

 

I too disable every service that isn't needed. The speed of the system gets considerably faster and the landscape for new exploits is reduced (as proved by several "workarounds" for past vulnerabilities).

I remember seeing an official Microsoft recommendation for doing things that way, just forgot where.

 

There are certainly gains to be made in tweaking services.

Whether a new computer today will see those benefits can only be seen on a case by case basis. Older machines, like when XP first came out, were very easy to tell the difference, esp. considering they only had 256 or 512mb or ram back then.

Some advantages of tweaking services do not lie only in hardware performance (general speed increases) but may come in the form of user likes/dislikes. Search services are one example, as are help service, which I always turn off because I despise the windows help system.

Some people turn services off to close open ports, which could be a good thing, depending on many factors. If you were going to be in a foreign network, it is hard to argue that limiting your open ports is a bad thing.

All in all though, most people (not necessarily meaning people who frequent places like this) don't understand what a service is, let alone how they have dependencies or how to solve problems when they have turned services off. They are best off to just leave things alone. But, on the other side of the coin, if you learn a bit about the services, they are not voodoo magic, but actually quite easy to manage. It just takes learning to understand which one does what so you can pinpoint problems. Since I have been messing with services since win2k, I know most of them well. Vista/7 introduced some learning for me, which I have not completely learned, but once you are familiar with services in general, it doesn't take long to figure out new ones really. The networking services in 7 being an exception to that IMO.

The best examples of positive benefits of managing services are:

Computer Browser service - on a windows network, one computer will be the browse master, which is what this service is about. If you have a server, say win2k, and a workstation, say win7, there is an election process to see who will be the browse master. Newer OS gets the call, which in this case would make the workstation the browse master. That is not what you want, so you would turn off the browse services and set it in the registry (or something of that nature, been years now since I messed with that, and it may have changed). Not much of a problem in a home network, but there are "browse elections" that take place, and back in the day, they could be problematic for reasons I have forgotten

Server service - this service, when it is off, stops your shares from being shared. I usually turn it on manual (off) and only enable it when I want to share something. A very handy feature, as I can set my laptop up so that if I go somewhere and attach to a foreign network, my shares are not usable. If I desire to share something, a quick run command of "sc start lanmanworkstation" or "net start server" is all that is needed to get things going.

Sul.

 

w7 and xp, which services did you shut down?

Spot on!
After spending months in Tweaking (= Disabling/Enabling Services),
I saw No substantial benefits...

 

I dont adjust any services. It has been stated many times that it isnt going to make a major difference and later on you may need the service and wonder why it isnt working and then have to do some uneeded trouble shooting. if your computer is running slow upgrading it is a much better option than adjusting services.
Windows 7 has alot of the services on trigger start and stop anyway. Windows 8 will have even more services on trigger start and stop.

@sully you dont need to adjust the last two services you listed on vista or 7. you simply mark the new found network as public and windows wont share your files.

 

What bother? It takes like 30 seconds to do this.

There's the potential security benefits - though I don't really worry to much about that. And I'll save a bit of RAM usage on startup.

Multiple services that I've turned off have had exploits in the past. Network Registry and Computer Browser are the two that come to mind, print spooler as well actually.

I don't need a single one of those services... ever. I just don't use my computer for those things. So I disable them and save myself 10MB of RAM or however much it is and my computer is now however much more secure.

 

I did not know that was the difference. Thats interesting. I have been used to keeping the server service on manual for so long, I had not paid attention.

Thanks for that tip.

Sul.

 

Touchy subject

It's never done me any harm, & in FACT it can be Very beneficial to disable certain services you don't Actually need. Just a few for eg: if you don't need them.

Remote Registry - Don't leave it open to possible abuse.

Print Spooler - This has been a vector that a number of Rootkits used.

Sure the above two examples still require you make some mistake & let something in, if you don't have common sense and/or good security in place. But still **** can/does happen sometimes !

Here's mine on XP/SP2 Home

 

He doesn't know, he turned off the log.

Despite "not needing" these services or freeing up an insignificant amount of RAM or closing a security hole that will never ever get exploited anyway there is nothing to be gained here. I ran several test on this a couple of years ago and any benchmark you can run on a system gets the same score or lower with services disabled.

Bottom line as far as I am concerned if you want more RAM buy more RAM. If you want a faster machine buy a faster machine. Service tweakers are the guys that end up starting threads with "my this or that doesn't work" because they forgot they disabled something they thought they didn't need. We had a guy that tried this on one of our web servers here. He though he was speeding it up. Took me half a day to get it to serve web pages again. He is gone now.

To each his own, it is your machine but I hope any onlookers aren't caught up in the idea that it will make their machine perform significantly better by tweaking services, especially if they don't know what those services do.

 

lol "If you want a faster machine don't turn off useless utilities, spend money!"

Nice.

I also like the "not needing" in quotes. I understand each one of the services I've disabled. I understand their dependencies and what they do and do not do.

Is tweaking dangerous? Yes, if someone who doesn't know what they're doing just follows some random guide on an internet they are very likely to run into issues.

Otherwise, if the person understand each services, there's no reason they shouldn't turn off the useless ones.

Reducing attack surface is basically security 101. In CompTIA classes one of the first things you'll learn (I suppose this depends on the instructor) is that if you don't need a service you need to stop that service. This goes double (or triple!) for servers.

http://www.commonexploits.com/?p=168
http://technet.microsoft.com/en-us/security/bulletin/MS10-061
http://technet.microsoft.com/en-us/security/bulletin/ms08-067
http://technet.microsoft.com/en-us/security/bulletin/ms00-040


So you enjoy needlessly using an extra 20-30MB of RAM and having known exploitable code running. I'll enjoy having that 20-30MB of RAM used for caching and having a reduced attack surface.

Like you said, to each their own.