Sunday, September 11, 2011

Windows Services – Part 1

What is a Windows service?

Microsoft Windows services, formerly known as NT services, enable you to create long-running executable applications that run in their own Windows sessions. These services can be automatically started when the computer boots, can be paused and restarted, and do not show any user interface. These features make services ideal for use on a server or whenever you need long-running functionality that does not interfere with other users who are working on the same computer. You can also run services in the security context of a specific user account that is different from the logged-on user or the default computer account.

Note:
1) Before changing any of the default values, it is good advice to understand more about the services whose defaults you are going to change.

2) It is inadvisable to disable a service without being aware of the consequences. Always start by setting the service to manual, then reboot and test for any problems.

3) A service set to manual may be automatically restarted if another service is dependent on it. A service set to disabled will not restart even if it's required to boot the machine!

Stopping or disabling a service will generally save a small amount of memory and will reduce the number of software interrupts (CPU message queue). The main reason for tinkering with services is to harden the system against security vulnerabilities. Disable everything that you don't need or use; then any future problems with those services cannot affect the machine.


To document all the services currently installed:
SC QUERY state= all |findstr "DISPLAY_NAME STATE" >my_services.csv
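
The findstr filter above keeps only the DISPLAY_NAME and STATE lines, so the saved file is not real CSV and it drops the SERVICE_NAME that SC delete expects. The following is an added example, not part of the original post: it parses the unfiltered output of SC QUERY state= all into properly quoted CSV rows. The sample text is constructed, and the names parse_sc_query and to_csv are assumptions made for this example.

```python
import csv
import io
import re

# Constructed sample of `SC QUERY state= all` output (not captured from a real host).
SAMPLE = """\
SERVICE_NAME: Spooler
DISPLAY_NAME: Print Spooler
        TYPE               : 110  WIN32_OWN_PROCESS  (interactive)
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)

SERVICE_NAME: ExampleAgent
DISPLAY_NAME: Example Agent, Updater
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 1  STOPPED
"""

FIELD = re.compile(r"^\s*(SERVICE_NAME|DISPLAY_NAME|STATE)\s*:\s*(.*?)\s*$")

def parse_sc_query(text):
    """Return one dict per service: service_name, display_name, state."""
    services, current = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue                    # TYPE, exit codes, flag lines, blanks
        key, value = m.groups()
        if key == "SERVICE_NAME":       # every record starts with this field
            current = {"service_name": value, "display_name": "", "state": ""}
            services.append(current)
        elif current is None:
            continue                    # stray field before the first record
        elif key == "DISPLAY_NAME":
            current["display_name"] = value
        else:                           # STATE value looks like "4  RUNNING"
            current["state"] = value.split()[-1] if value else ""
    return services

def to_csv(services):
    """Serialize with csv quoting so display names containing commas survive."""
    out = io.StringIO()
    w = csv.DictWriter(out, fieldnames=["service_name", "display_name", "state"])
    w.writeheader()
    w.writerows(services)
    return out.getvalue()

if __name__ == "__main__":
    print(to_csv(parse_sc_query(SAMPLE)), end="")
```

Keeping a baseline like this before changing any start types gives you something to compare against after the reboot-and-test step.
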
Some XP services communicate and send data directly to Microsoft. This is not generally something to lose sleep over, but managing the running of these services may be a consideration if confidentiality or anonymity is highly important to you.

Removing a service completely
To delete a service, you may be tempted to hack the registry settings under HKLM\SYSTEM\CurrentControlSet\Services. This is not a reliable or recommended method; it is far better to use the SC command:

SC delete NameofServiceTodelete

In my latest post, I have written about SC Command in detail.

Enable or Disable Ports
Many services and applications rely on the use of a specific port. To determine if a particular port is enabled for use, review the list of service names and port numbers held in the "services" file ('windows\system32\drivers\etc\services'). Installing a good firewall is the easiest way to manage this.

What do these services stand for?

