Check for Unnecessary Services

Issue

Services that are listed in the security report are contained in the Services.txt file and were found to be installed on the scanned computers. The state of each of these services (enabled or disabled) is listed in the Results Details page. The user should determine whether the services found to be installed or running are necessary. If unnecessary, they should be disabled. For example, if the Telnet service is found to be installed and enabled, but users are not required to remotely connect through Telnet to that specific computer, this service should be disabled.

The Services.txt file, included with Microsoft® Baseline Security Analyzer (MBSA) in the installation folder, can be edited such that the tool will check the status of each service listed in the file. To add or change services from the default list, edit the Services.txt file with Notepad or Microsoft Word and type the service name for each service you would like to scan. The service names can be found by viewing the properties of a service in the Services Control Panel applet.

Solution

Use the Services Control Manager to disable the running services that the user confirms should not be running on the computer. Services that are enabled but not required can pose a security risk to the computer.

Important:

• If you are running Small Business Server (SBS), there are services listed in MBSA that are core to your server functionality. These are the Simple Mail Transport Protocol (SMTP) and World Wide Web Publishing services. Do not disable these services on computers running SBS.

Instructions

To disable services in Windows® Server 2003, Windows XP, or Windows 2000

1. Open the Control Panel.
2. Double-click Administrative Tools, and then click Services.
3. Double-click the service that you want to disable.
4. Click Stop to stop the service.
5. Under Startup type, click Disabled.

To disable services in Windows NT® 4.0

1. Click Start, point to Programs, click Settings, and then click Control Panel.
2. In Control Panel, double-click Services.
3. Double-click the service that you want to disable.
4. Click Stop to stop the service.
5. Under Startup type, click Disabled.

©2002-2004 Microsoft Corporation. All rights reserved.