Day 23 - Turning off Unused Services

If it's not installed, it can't be exploited.  It's as simple as that.

Does IIS really need to be running on that server?
Are you using SNMP to monitor that server?
Is File and Print Sharing (or Samba) necessary for that server to perform it's role?

Unused services are a sometimes overlooked avenue of exposure that all too often provides a surface to attack.

But how do you know what is "needed"?

Have you done the research for a file and print server? A web only server?  A mail server?
Do you use a published checklist?

Let us know how -you- know what services you do and don't need.

- Chris Carboni


140 Posts
Oct 23rd 2008

Sign Up for Free or Log In to start participating in the conversation!