This particular service controls the way that encryption keys are distributed throughout your organization. As such, this service should be enabled only on designated key distribution servers within a domain. This service allows others to access the server remotely via dial-up networking, and it should be enabled only on designated RAS servers. Generally speaking, default Windows services that are set to Automatic startup are considered critical to the core operating system and must therefore be left enabled.
But there are exceptions to every rule. The idea of disabling core system-level services has always seemed a little strange. Unfortunately, there is no simple reason that I can give you for disabling a number of the services in the above list. Some of the services are used only in specific circumstances and can be disabled in all other environments. Other services represent a double-edged sword in that enabling them has certain risks, but so does disabling them.
Still other services tend to have more obscure reasons. In the sections below, I'll share my thoughts on disabling 15 of the services listed above. Alerter Alerter The Alerter service notifies selected computers and users about administrative alerts. I tend to ride the fence when it comes to disabling Alerter.
This is one of those services that is seldom used, but when it is used, the alerts are nice to have. Microsoft recommends disabling this service, but you should make up your own mind about whether disabling the Alerter service is appropriate for your organization. The Computer Browser service is included in Windows purely for backward compatibility purposes. Therefore, if your network consists solely of Windows and Windows XP computers, you can safely disable this service.
If other operating systems are present, you must leave this service enabled. If the server is a domain controller, or is running SQL Server or any other type of database, you should leave this service enabled. On an additional security note, however, it's possible to initiate a denial of service attack against the Distributed Transaction Coordinator by sending it 20, bytes of null data.
I completely disagree with Microsoft about disabling this service. This will allow traffic that can be encrypted to be encrypted, while allowing other traffic to flow freely. Its main job is to facilitate the sending and receiving of instant messages, but is also used by NetMeeting.
If your business needs will allow you to disable this service, then I recommend doing so. Click on the yellow buttons to the right to move between pages in this area. Click on the yellow buttons at the bottom to move between pages in this area. The information below will be retained as it could be of interest to anyone running older operating systems. The answer seems to be that you can't do this so you need to keep an older system around for these restores.
One of the issues with Open Systems storage is the lack of an operating system based method to manage tapes. This means that applications that use tapes have to develop their own tape management systems, which can be a considerable overhead, and makes it difficult to share tape libraries between applications. RSM made it easy to manage near-line libraries, and the media contained in them. If RSM is installed, it can affect existing applications, as it takes exclusive control of all media changing robots.
Any non-RSM aware applications that use these robots will stop working, and must be changed to use RSM, so you need to discuss RSM support with your third party vendors. RSM uses 'Media Pools' to classify the storage.
Every piece of removable storage must belong to a media pool. Each media pool holds a single type of media that has common management properties. Media pools can be. This means that you can define a very flexible hierarchy of pools to describe and manage your removable media.
There are two types of media pools, System and Application. If you get an error stating, "The message alias could not be found on the network," you are safe. If, for whatever reason, you need the Messenger service running but wish not to have spam popups active, you can disable the particular ports at your firewall. Used for logging onto a Domain Controller. This service is not required on a standalone system, or for a "home" network.
Enables a user to access your computer using NetMeeting. This may create a BIG open door for the unwanted. If you are paranoid about security, disable this function. Even if you were not worried, I would still get rid of it. Required for managing network connectivity. Set to disabled if you have NO network or you do not toy with the configurations a lot.
If your internet connectivity no longer operates after disabling this function, set it back to Automatic! Note: While disabling this service, you will no longer see the system tray icon lower right displayed, even for modem connections. Connectivity, however, still exists even on incoming shared network drives. I have not found a good use for this service. Unless you use remote ClipBook , disable it.
This uses about 1. Manages local system security information on the computer. You need this service if you are running Message Queuing or Telnet server. Collect performance data on a schedule and send the information to a log or trigger an alert. This may be a super geek tool, but I feel that the overhead associated with it is not worth the benefit.
You decide. This service is the heart and soul of the Plug and Play environment. I do not recommend disabling this service, but if you want to, you are on your own. Your sound card is PnP. Retrieves serial numbers from portable music players connected to your computer. I have not really found a good reason to keep this service always running.
I am not aware of anything that actually requires it. Disable it unless something of yours ceases to function properly, such as Windows Media Player and Microsoft's integration with "Digital Rights Management" and copy protection.
Queues up print jobs for later printing. This service is required if you have printers, even if they are network printers. If this does not fit your needs, disable it. You will save about 3. Your printers will still be "installed" if you disable this service, but not visible in the printers folder. After restarting Print Spooler, they will reappear and be available for use. I place this service into manual mode and only start it up when printing is required.
In manual mode, the service will not automatically start at boot time. Allows for the saving of local passwords or even web sites information AutoComplete.
This service is set to Automatic by default. Due to security reasons, I recommend leaving this "feature" disabled to make things all that much more difficult to steal vital information if you do not "save" it. On the other hand, you may need this service to manage private keys for encryption purposes.
If so, leave this service on automatic to ensure the "higher" security settings you choose work. If you disable this service, you will no longer have any of your passwords saved, no matter how many times you click the box. Since my network is not straining under any load, this is rather pointless. Creates a connection to a network when a program requests a remote address. This service may be required for your internet connection.
If things cease to function after disabling this service, put it to automatic. Note: you may require this service for some direct cable or DSL providers and connections, depending on how they implement their logon process. If your Dial-up, cable or DSL internet access no longer functions properly with this service disabled, place this service into automatic. If you use a hardware gateway or router, this service is not required. Creates a network connection. This service is required if you use Internet Connection Sharing.
Note: you may require this service for some cable or DSL providers, depending on how they implement their logon process. This service is rather vital. Practically everything depends on this service to be running. This is also the only service that you should not and will not disable via the Services MMC. If you do, your computer may will become unbootable AND you cannot place this service back to automatic to fix it. Leave it on Automatic and do not change it. If, for whatever reason, the service became disabled and you can no longer boot your system, please read the information here for a way to fix it.
Recent virus activity has prompted me to post additional information regarding Remote Procedure Call and automatic shutdowns.
Please ensure you read all the information I have available to ensure you are not affected by this latest internet threat.
Manages the RPC name service database. I have not found a reason to keep this service running. However, if something on your network breaks after you disable this service, put it back to manual. About 1. This is one of those not needed services. One of the first I disable. If you are paranoid about security, disable this service. Even if you are not or do not care, disable it anyway.
Used for managing removable media. Disable this service if you do not have items like tape backup devices, etc. Normally, this service does not need to be running and you will not miss any of its functionality. If you do not know what RIP is, you do not need this service installed. Allows computers to dial in to the local computer through a modem or other devices to access the local network using a standard or VPN connection.
Unless you require this functionality, disable it for security reasons. Upon enabling this service, "Incoming Connections" icon will be available in the "Network Connections" control panel.
Enables starting processes under alternate credentials. I have never found a reason to keep this service running. I have always considered "Alternate Credentials" someone other than me!
0コメント