Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3487 | 5.068 | SV-18389r1_rule | ECSC-1 | Medium |
Description |
---|
Unnecessary services increase the attack surface of a system. Some services may be run under the local System account, which generally has more permissions than required by the service. Compromising a service could allow an intruder to obtain system permissions and open the system to a variety of attacks. |
STIG | Date |
---|---|
Windows XP Security Technical Implementation Guide | 2012-06-29 |
Check Text ( C-38510r1_chk ) |
---|
Select “Start”. Right-click the “My Computer” icon on the Start menu or the desktop. Select “Manage” from the drop-down menu. Expand the “Services and Applications” object in the Tree window. Select the “Services” object. If services listed below are found, are not disabled (or set to manual in a few cases), and the site does not have documented exceptions for these, this is a finding. Documentable Explanation: Required services should be documented with the IAO. Alerter Background Intelligent Transfer Service (Manual) ClipBook Computer Browser Error Reporting Service Fast User Switching Compatibility Fax FTP Publishing Service IIS Admin Service Indexing Service IPv6 Helper Service Messenger NetMeeting Remote Desktop Sharing Network DDE Network DDE DSDM Routing and Remote Access Simple Network Management Protocol (SNMP) Service Simple Network Management Protocol (SNMP) Trap SSDP Discovery Service Task Scheduler - See separate vulnerability WINSV-000106/V-30037 Telnet Terminal Services Universal Plug and Play Device Host WebClient Wireless Zero Configuration WMI Performance Adapter (Manual) World Wide Web Publishing Service |
Fix Text (F-6001r1_fix) |
---|
Configure the system to disable any services that are not required. |