Ten XP Services to Turn Off

As long as Microsoft Windows has been a network capable operating system, it has come with quite a few services turned on by default, and it is a good idea for any security conscious user of Microsoft products to shut down any of these that they are not using.

If you are running Microsoft Windows XP on your desktop system, you should consider turning off the following services, it may surprise you as to what is running without your knowledge.

IIS – Microsoft’s Internet Information Services provide the capabilities of a Webserver for your computer.

NetMeeting Remote Desktop Sharing — NetMeeting is primarily a VoIP and videoconferencing client for Microsoft Windows, but this service in particular is necessary to remote desktop access.

Remote Desktop Help Session Manager – This service is used by the Remote Assistance feature that you can use to allow others remote access to the system to help you troubleshoot problems.
Remote Registry – The Remote Registry service capabilities are frightening to consider from a security perspective. They allow remote users to edit the Windows Registry.

Routing and Remote Access – This service bundles a number of capabilities together. It is rare that any of them should be necessary for a typical desktop system such as XP, however, so they can all conveniently be turned off as a single service. Routing and Remote Access provides the ability to use the system as a router and NAT device, as a dialup access gateway, and a VPN server.

Simple File Sharing – When a computer is not a part of a MS Windows Domain, it is assumed by the default settings that all filesystem shares are meant to be universally accessible. In reality, we would only want to provide shares to very specific, authorized users. Simple File Sharing, which only provides blanket access to shares without exceptions, is not what we want to use for sharing filesystem resources. It is active by default on both MS Windows XP Professional and MS Windows XP Home editions. This cannot be disabled on XP Home. On XP Professional you can disable it by opening My Computer > Tools > Folder Options, clicking the View tab, and unchecking the Use simple file sharing (Recommended) checkbox in the Advanced settings.

SSDP Discovery Service – This service is used to discover UPnP devices on your network, and is required for the Universal Plug and Play Device Host service (see below) to operate.

Telnet – The Telnet service is a very old mechanism for providing remote access to a computer, most commonly known from its use in the bad old days of security for remote command shell access on Unix servers.

Universal Plug and Play Device Host – Once you have your “Plug and Play” devices installed on your system, it is often the case that you will not need this service again.

Windows Messenger Service – Listed in the Services window under the name Messenger, the Windows Messenger Service provides “net send” and “Alerter” functionality. It is NOT related to the Windows Messenger instant messaging client, and is not necessary to use the Windows Messenger IM network.

On your system, these services may not all be turned on, or even installed. Whether a given service is installed and running depends on whether you installed the system yourself, whether you are using XP Home or XP Pro, and from which vendor you got your computer if Windows XP was installed by the vendor.

With the exception of Simple File Sharing, all of the above listed services can be disabled from the same place. Simply click on the Start button, then navigate to Settings > Control Panel, open Administrative Tools, and from there open the Services window. To disable any service in the list, double-click on its entry in that window and change the Startup type/setting.

Generally, you should change services you are turning off for security purposes to ‘Manual’ and if your system is running smoothly you can then change the setting to ‘Disabled’. When in doubt about whether a given service is necessary for other services, check the Dependencies tab in the service’s settings dialog.

This is not a comprehensive list of everything running on your computer that you may want to turn off. It is simply a list of ten items that you do not need to have running, and constitute a security vulnerability if left running.

Most users will never have use for the services in this list, once the computer is up and running. Other services may be disabled without ill effect as well, though you should research each item in the complete services list before you disable it to ensure that you actually do not need it running.

Some of them are quite critical to the normal operation of your system, such as the Remote Procedure Call (RPC) service.

Every running but unused service on your machine is an unnecessary security risk. If a service is not important for authorized users and basic system functionality, turn it off.

I also turn the Windows Automatic Updates in Control Panel\ Administrative Tools\Services to MANUAL as they are nothing more than knee-jerk reactions to Microsoft’s usual bungling. I have seen PC’s with up to 1GB of these Hotfixes, Patches and Updates. All they do is slow down the computer to a crawl. Those that are actually necessary for the system WILL NOT have a Remove button on them in the Add-Remove Program.

Security hotfixes are necessary and you don’t want expose your PC to the Internet with an unpatched system. Hotfix itself is not a problem. The problem is the ‘Hotfix Uninstaller’. They do consume a lot of disk space over time. One great tool to remove all of these junk files is a utility called CCleaner.