Secure Windows Services Configuration

I just spend most of the morning installing Windows XP on a computer system. While the installation itself takes some time, the configuration afterwards is surely the most time consuming part of the process. Windows XP comes with many services enabled that are usually not needed by most users. Some of these may even give hackers an opening to attack the computer system.One of the first tasks after the installation of a Windows system is therefore to tighten up the operating system's services.

This can be done manually. If you have installed a lot of Windows operating systems you know the process in and out. If you are a new inexperienced user you might want to use a software for that task. A good and reliable program for that task that is compatible with both Windows 2000 and Windows XP is Configure NT.

Update: Configure NT is no longer available. We suggest you use a program like Easy Service Optimizer instead for the process.

Configure NT

Configure NT is a a batch script that you can run to secure Windows services with minimal effort. It comes with several switches that depend on the configuration of the current operating system. The program will prompt for user input after installation, the available choices are:

• (1) LAN This switch tries closing all open Ports. Some services ("automatic updates", "scheduler") and SMB will remain unchanged. Use this option if you still need network drives or -printer.
• (2) Standard Other than (1), SMB will be deactivated. On W2K-systems all ports are being closed. On WinXP you must disable the scheduler to close all ports. Some services ("automatic updates", "scheduler") will remain unchanged.
• (3) ALL Does make all changes as recommended on www.ntsvcfg.de. So all services + SMB are being disabled. (this option is recommended to "harden" your workstation)
• (4) Restore Restore the last changes made. A warning message might appear during writing to the registry. Please ignore this message by clicking OK.

Option 1 is probably the option that most users should start with to secure their Windows Services. The website contains additional information and a checklist to verify that the system has been secured. Advanced users will probably still use the manual approach as they have more control over the Windows Services configuration.

Verdict

Configure NT is handy script for Windows that provides you with the means to change the configuration of an operation system in regards to security quickly. Since it is offered as a batch script, you may open it in any plain text editor to audit the script before you run it to make it is legitimate.

Advertisement