| | | | | |
Home
Recommended Security Settings for Windows XP System Services
A = Automatic M = Manual D = Disabled | |||||
Name | XP Pro Default | XP Home Default | "Safe" Secure Setting | Recommended Secure Setting | Notes |
Alerter | Disabled | Disabled | D | D |
|
Application Layer Gateway Service | Manual | Manual | M | D | Needed if using ICS (Internet Connection Sharing) |
Application Management | Manual | Manual | M | M |
|
Automatic Updates | Automatic | Automatic | A | A | You can't disable this and still use Windows Update. |
Background Intelligent Transfer Service | Manual | Manual | M | M | You can't disable this and still use Windows Update. |
ClipBook | Disabled | Disabled | D | D |
|
COM+ Event System | Manual | Manual | M | M |
|
COM+ System Application | Manual | Manual | M | M |
|
Computer Browser | Automatic | Automatic | D | D |
|
Cryptographic Services | Automatic | Automatic | A | A | Windows Update errors may occur if this is disabled. |
DCOM Server Process Launcher | Automatic | Automatic | A | A |
|
DHCP Client | Automatic | Automatic | A | D | *CAUTION* You'll have to set your IP Address manually. You'll need to know all your networks settings to do this. Not everyone will be able to disable this and still be able to connect to the Internet or connect to game servers. Do not change this on an ICS gateway. |
Distributed Link Tracking Client | Automatic | Automatic | A | D |
|
Distributed Transaction Coordinator | Manual | Manual | M | D |
|
DNS Client | Automatic | Automatic | A | D |
|
Error Reporting Service | Automatic | Automatic | D | D |
|
Event Log | Automatic | Automatic | A | A |
|
Fast User Switching Compatibility | Manual | Manual | M | D | Will require you to reboot machine to log in as another user. |
Help and Support | Automatic | Automatic | M | D |
|
HTTP SSL | Manual | Manual | M | M |
|
Human Interface Device Access | Disabled | Disabled | D | D | Best to leave this at whatever your value is already set to. Many USB devices use this these days (keyboards, special mice, remotes). You can try disabling this to see if your devices need it or not. |
IMAPI CD-Burning COM Service | Manual | Manual | M | D |
|
Indexing Service | Manual | Manual | D | D | Worthless resource hog that fires up when it feels like it. |
IPSEC Services | Automatic | Automatic | A | D | Required for certain types of VPN connections. |
Logical Disk Manager | Automatic | Automatic | A | M |
|
Logical Disk Manager Administrative Service | Manual | Manual | M | M |
|
Messenger | Disabled | Disabled | D | D | Security risk. |
MS Software Shadow Copy Provider | Manual | Manual | M | M | Leave this at what it is already set to. Your backup program may depend on this. |
Net Logon | Manual | Manual | D | D | Only used in domains. |
NetMeeting Remote Desktop Sharing | Manual | Manual | D | D |
|
Network Connections | Manual | Manual | M | M |
|
Network DDE | Disabled | Disabled | D | D |
|
Network DDE DSDM | Disabled | Disabled | D | D |
|
Network Location Awareness (NLA) | Manual | Manual | M | M |
|
Network Provisioning Service | Manual | Manual | D | D | May be needed in the future for WPS. Not required for home users. AFIK it hasn't been implemented yet. |
NT LM Security Support Provider | Manual | Manual | M | M |
|
Performance Logs and Alerts | Manual | Manual | M | M |
|
Plug and Play | Automatic | Automatic | A | A |
|
Portable Media Serial Number Service | Manual | Manual | M | M | If you have a portable media device and have problems accessing content, return this to Manual. |
Print Spooler | Automatic | Automatic | A | A |
|
Protected Storage | Automatic | Automatic | A | A | Some things may cease to function properly if disabled. Among them: Saved passwords, ssl, s/mime |
QoS RSVP | Manual | Manual | D | D |
|
Remote Access Auto Connection Manager | Manual | Manual | M | M |
|
Remote Access Connection Manager | Manual | Manual | M | M |
|
Remote Desktop Help Session Manager | Manual | Manual | |||