Re: Windows XP Services Best Practice



Why not the Microsoft security guides as these days they are the same thing ;-)

First and foremost you are running them without admin rights...correct? If not... you can shut off services all you want but it won't help as much as non admin will.

Francisco Pecorella wrote:

Vic,

I think you can use the NIST Security Configuration Checklists Repository, specifically

Windows XP Security Guide
http://checklists.nist.gov/repository/1007.html

Windows XP Security Checklist
http://checklists.nist.gov/repository/1057.html

Windows 2003/XP/2000 Addendum
http://checklists.nist.gov/repository/1057.html

--
Regards,
FP
----- Original Message ----- From: "Vic Brown" <vabrown@xxxxxxxxxxxxxx>
To: <focus-ms@xxxxxxxxxxxxxxxxx>
Sent: Sunday, June 04, 2006 10:58 PM
Subject: Windows XP Services Best Practice


Anyone has a useful link with with information about what XP Pro SP2 services should be "disabled" on enterprise desktops according to "best" practice? Basically I'm looking for something that has the service name, functionality, security implication, and best practice recommendation. Desktop users are only running an office suite.

TIA
--
http://ccopanama.org





----------------------------------------------------------------



---------------------------------------------------------------------------

---------------------------------------------------------------------------




---------------------------------------------------------------------------

---------------------------------------------------------------------------




--
Letting your vendors set your risk analysis these days? http://www.threatcode.com
The SBS product team wants to hear from you:
http://msmvps.com/blogs/bradley/archive/2006/05/18/95865.aspx


---------------------------------------------------------------------------
---------------------------------------------------------------------------



Relevant Pages

  • REPOST of Re: [opensuse] OpenSuse 11
    ... This is a repost of my response to something which Aaron stated - as an expert on Widows security - and which he has apparently chosen to totally ignore because it doesn't suit him. ... Do they run as admin or user? ... The many back-doors in Windows are *NOT* accidental. ... ZoneAlarm, for example, is one such security applications. ...
    (SuSE)
  • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
    ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
    (Securiteam)
  • [Full-Disclosure] Dcom.c - (Shutting it down on 5,000 systems) - a Paul Schmehl Post
    ... If you're an admin and haven't touched this one ... clown...cause they analyze security threats and take actions. ... hasn't entered the Windows world in a secure implementation (that I'm ... A fantasy world exists on every campus where the belief is ...
    (Full-Disclosure)
  • Re: [opensuse] OpenSuse 11
    ... My parents have pulled off such a feat -- they've never had any security issues, and of the people I know, they are the least computer literate. ... Do they run as admin or user? ... The matter of Windows having deliberate in-built backdoors has been mooted for quite some time. ... ZoneAlarm, for example, is one such security applications. ...
    (SuSE)
  • [NT] Vulnerability in HTML Help Allows Code Execution (MS05-001)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ...
    (Securiteam)