What "services" can I disable yet still keep fdisr working?

Discussion in 'FirstDefense-ISR Forum' started by Horus37, Feb 6, 2007.

Thread Status:
Not open for further replies.
  1. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    I want to disable as many needless services running as I can yet not affect FDISR functionality. Does anyone know?
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Horus, if you are talking FDISR services my answer is none. Elsewise I suspect you will be back here with more problems.

    You are on a path of someone else I've watched. That is harding your system and effectively preventing you from using it.

    The most important thing to harden for security purposes is the chair keyboard interface.

    Pete
     
  3. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    No what I mean is xphome software services that you access from the admin account >start>Control Panel>performance and maint>admin tools>services.


    Those services not FDISR services.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Thats what I was talking about. You are more likely to cause yourself pain, then gain. What are you trying to accomplish, and why?

    Pete
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Disabling Windows Services is easy, anybody can do that.
    Knowing the consequences of disabling Windows Services is something else and you have to know exactly what you are doing.

    Since not many users have that knowledge it's risky for them to disable one or more Windows Services.
    So when you start disabling Windows Services, it's on YOUR OWN RISK.

    There are some good and well-known websites, created by people with experience to help less-knowledgeable users, like :
    TweakHound
    http://www.tweakhound.com/xp/xptweaks/supertweaks6.htm
    Which contains alot of information.

    The Elder Geek
    http://www.theeldergeek.com/services_guide.htm

    BlackViper
    http://web.archive.org/web/20041128084144/www.blackviper.com/WinXP/servicecfg.htm
     
    Last edited: Feb 6, 2007
  6. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    Seems like out of the 87 services on automatic or manual only 6 are really needed. So disabling that many services is a bit scarey. I've disabled a few of them. However I'd like to know of the ones recommended by black viper -which is nearly disabling all of them, which do you think are critical for FDISR to keep running correctly?
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I don't think you are going to get anyone here to say more than they have. I think the gist of the advice is leave well enough alone.

    Again I have to ask why are you wanting to do this.

    Let me put another way. If you want to play have at it. But if in the process something breaks with FDISR, about the only help we can give you is would be either restore an image(you are nuts if you don't have one), or reinstall Windows.

    Alternatively my answer to what is critical to keep FDISR running. EVERYTHING.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Horus,
    I don't think you will get a list of these services that can be disabled safely for FDISR and that's what you want.
    Any user with some experience knows that disabling services can cause problems sooner or later.

    Some softwares require that one or more certain services are not disabled. I had that experience already in practice
    when I was testing GreenBorder.
    How are you going to know in advance, that a disabled service will never cause any problem o_O
    When a new software doesn't work, you won't get the idea that it could be caused by a disabled service, because your computer worked fine until then.

    If you disable services, it's on your own risk and each recommendation to do so can be risky for YOUR computer.
    I also disabled services, but that is my personal decision and I will never recommend them to other people.
    The websites I mentioned are just guidelines, but the risk is yours.
     
    Last edited: Feb 6, 2007
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Erik makes an outstanding point. You may switch off a service today, and not see a problem, but six months from now something isn't working right, and you are going to go nuts figuring it out.
     
  10. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328

    Well I found no problem getting the folks over at the comodo firewall forum to tell me what services are needed for it to work properly, and the folks over at AVast anti virus told me what services they need for their product to work, however no one here knows which services are critical for it to work.

    The obvious reason to disable services is to disable the unneeded ones and make a system more secure, such as remote desktop. I have a good general idea now of which services to keep running. I'd would have figured someone would be as conscious about security as I am and thus want to keep their system lean.

    So far I've disabled a lot of unneeded services, password protected the guest account on xphome-not easy, disabled the screensaver autostart via the registry and the admin accounts, disabled backup, disabled themes etc.
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Horus

    All I can say is have at. I am extremely conscious of security, but rather than screw up my system, which I've seen people do, I chose to run a couple of well chosen security apps, use my head about what I do online, and if I want to try something dodgy, us a combination of FDISR, VM machines, and images to just recover when done.

    It's obvious you are doing what you've asked about, but when you encounter problems whether with FDISR or whatever you probably won't get much sympathy here. Also about the only thing people would be able to do to help you is recommend a clean windows install.

    Good luck

    Pete
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Horus,
    If you want to solve your problem once and for all, I suggest to contact Raxco about these required services.
    If Raxco doesn't know, Raxco will ask the developer Leapfrog.
    If Leapfrog/Raxco can't answer your question, nobody will.

    I also disabled Windows Services, but since my experience with GreenBorder, I'm not so enthousiastic anymore regarding disabling Windows Services.
    I don't remember the service anymore, but it was a service that could be safely disabled according the websites I mentioned in my previous posts.

    Although it has nothing to do with Windows Services, I'm also going to be more prudent with removing UNUSED registries, that are installed by Windows and other legitimate softwares.
    Instead of removing these unused registries, I will ignore them in my registry cleaner in the future.

    I read regularly posts about members having problems with softwares. Maybe one of the causes are disabling services and removing unused legitimate registries for cleaning purposes.

    So I fully agree with Peter this time. Disabling services for security reasons is not a very good idea, because it causes OTHER problems and you don't solve problems this way.
     
  13. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    Well so far I've disabled 28 services, put 26 on manual start, and have 30 services on automatic. So far everything works. Most of the stuff to disable is self explanatory or is easly explaned on the internet. I just don't want to disable the function that FDISR uses to do the frozen snapshots with if my Frozen copy archive is on an external USB hdd.

    I have Volume shadow copy on and microsoft shadow copy provider on. You talk of enabling RSS instead of VSS. I'm wondering which service controls RSS? If I get shadow protect in the future I'll want to know since you said that shadow protect wants to use VSS and might conflict with FDISR's use of VSS.
     
  14. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    Well I've disabled 37 services now with no problems with FDISR, comodo, and avast. Besides the obvious volume shadow copy and ms software shadow copy service and the FDISR service I believe I've found one other critical service that needs to be on for it to function. Amazing how many of these services you can turn off without it crippling your computer. With so many of these security holes no wonder viruses and trojans find it easy to make their way in.
     
  15. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    I think I'll list all the services I have turned off yet still have FDISR, power shadow, Avast, and comodo all running fine -accept the export to dvd function.

    Services off:

    Alerter
    application layer gateway
    ati hotkey poller
    clipbook
    computer browser
    error reporting service-oooooooo gasp !
    fast user switching
    human interface device access
    indexing service
    messenger
    net logon
    netmeeting remote
    network dde
    network dde dsdm
    network provisioning service
    NT LM security support
    portable media serial number service
    remote access auto connection manager
    remote access connection manager
    remote procedure call locator
    routing and remote access
    secondary logon
    server
    smart card
    ssdp discovery service
    system restore service
    tcp/ip netbios helper
    telephony
    terminal services
    universal plug and play device host
    web client
    windows firewall /internet connection sharing
    workstation


    All these services are off. I have others not listed that are set on manual.

    Now mind you I don't have to network to work or need any VPN or have an elaborate setup at home. I have a laptop and a desktop and a all in one printer. So having all those services on is not needed and are huge security holes.
     
  16. Leapfrog Software

    Leapfrog Software Leapfrog Management

    Joined:
    Jan 25, 2006
    Posts:
    251
    Location:
    Northern Nevada, USA
  17. cthorpe

    cthorpe Registered Member

    Joined:
    Jun 30, 2006
    Posts:
    168
    Location:
    Texas
    I really don't understand the tone of the posts in this thread. Horus asked a perfectly legitimate question. He didn't ask for judgement on his desire to limit what services start with Windows. Unfortunately, this tone is becoming all too common.

    If you don't disable services in your own installation due to concerns about making things worse, that's fine. But other users do disable services and do see a benefit from doing so. I disable quite a few services on my machines and set quite a few more to manual. In fact, I have a batch file that goes through and sets quite a few services to my liking that I run on any new install. I see a definate improvement in my day to day computing since I use a fairly old machine. I will happily post that information for Horus and anyone else who is interested as soon as I get home from work.

    To me, disabling services is the same as using a program like nlite to slim down your install. Some users see it as just asking for trouble, others see it as a legitimate way to improve their Windows experience. One could even go as far as to say that disabling services is similar to installing 3rd party applications when Windows has similar applications built in. Those applications may cause problems, but in the long run, if you are patient and willing to learn about them, they can be very beneficial.

    Finally, the very nature of Wilderssecurity seems like it should attract users who are interested in how software works, and finding ways to make their computing life easier, more efficient, and more fun. Tweaking software and finding innovative uses for (and ways around limitations of) applications and OS is one way to do so.

    CT
     
  18. King FN Kong

    King FN Kong Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    134
    yeah i agree with cthorpe. looks like the question wasnt really being answered at all. the question was "which services is needed by fdisr" and NOT "should i disable services"

    anyway, on my minimal install which i only use for surfing, i only have event log, rpc, windows audio, nod32, fdisr service on auto.

    looks like fdisr only needs rpc. (i could be wrong though)

    the rest are either manual or disabled.

    good luck.
     
  19. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    cthorpe and King_FN_Kong,
    Disabling services should be a PERSONAL experiment, while the standard advice should be not to do this.
    I don't think that anybody knows for sure which services can be disabled safely and you didn't answer the question either.

    I gave Horus three links to disable services "safely", but that is just an opinion of people, who think they know the answer.
    Until now I couldn't find a list of M$ to disable services safely and M$ KNOWS Windows better than anybody else.
    All these websites give just THEIR opinion about disabling services and each individual has to decide for HIMSELF to follow these recommendations or not, but on his OWN risk.

    For instance, Horus disabled the service "WORKSTATION", but all these websites including Leapfrog's website recommend to keep that service "AUTOMATIC".
    So is it really safe to disable WORKSTATION or not ? Some people will tell you NO and others will tell you YES.
    In this case 4 websites said "NO" and Horus says "YES".
    Which ONE do I have to believe as a reader of this thread ?
    The same question counts for all services.

    Windows isn't just any software, it's an Operating System.
    In the army it's much easier : the one who shouts loudest is always right.
     
    Last edited: Feb 20, 2007
  20. cthorpe

    cthorpe Registered Member

    Joined:
    Jun 30, 2006
    Posts:
    168
    Location:
    Texas
    Here is the batch file I use. It's based on BlackViper's recommendations with a few adjustments. I have never had a problem with ISR working with these service settings. I don't use VSS, as it was much slower on my machine when I originally tested it (yes, even on an untouched service configuration).


    Code:
    sc config alerter start= disabled
    
    sc config alg start= disabled
    
    sc config wuauserv start= disabled
    
    sc config bits start= disabled
    
    sc config clipsrv start= disabled
    
    sc config dnscache start= disabled
    
    sc config ersvc start= disabled
    
    sc config FastUserSwitchingCompatibility start= disabled
    
    sc config helpsvc start= disabled
    
    sc config HidServ start= disabled
    
    sc config cisvc start= disabled
    
    sc config Messenger start= disabled
    
    sc config Netlogon start= disabled
    
    sc config mnmsrvc start= disabled
    
    sc config NetDDE start= disabled
    
    sc config Nla start= disabled
    
    sc config xmlprov start= disabled
    
    sc config NtLmSsp start= disabled
    
    sc config SysmonLog start= disabled
    
    sc config WmdmPmSN start= disabled
    
    sc config RSVP start= disabled
    
    sc config RDSessMgr start= disabled
    
    sc config RpcLocator start= disabled
    
    sc config RemoteRegistry start= disabled
    
    sc config SCardSvr start= disabled
    
    sc config SSDPSRV start= disabled
    
    sc config srservice start= disabled
    
    sc config TapiSrv start= disabled
    
    sc config TlntSvr start= disabled
    
    sc config TermService start= disabled
    
    sc config Themes start= disabled
    
    sc config UPS start= disabled
    
    sc config upnphost start= disabled
    
    sc config WebClient start= disabled
    
    sc config SharedAccess start= disabled
    
    sc config WZCSVC start= disabled
    
    sc config WMIApSrv start= disabled
    
    sc config TrkWks start= demand
    
    sc config dmserver start= demand
    
     
Thread Status:
Not open for further replies.