Extraneous Services as a Security Threat
Common sense dictates that the more services available on a server, the greater the opportunities for possible attack. Thus, a minimalist approach to system administration can be a positive security action. Remove unneeded services and applications from all systems. For instance, some unused subsystems may not have any known security holes yet, but may leave the system vulnerable without careful monitoring.
In most environments, for example, the POSIX and OS/2 subsystems provide little or no value. However, because they communicate with the Windows 2000 Executive mode, they can create a program or command that does significant damage. Therefore, unless a clear requirement exists, remove the POSIX and OS/2 subsystems by deleting the strings "OS/2" and "POSIX" from the Registry with the Registry Editor. Make the modification at the Registry tree level HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Subsystems\Optional.
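The Registry change described above can be audited before it is made. The following PowerShell script is an added example, not part of the original article: it reports whether the optional subsystem entries are present and removes them only when asked. It assumes that Optional is a multi-string value under the Subsystems key; the -Remove switch, the backup file name and the extra spelling "OS2" are choices made for this example.

```powershell
# Added example: audit (and optionally clean) the optional subsystem list.
# Assumption: "Optional" is a multi-string value under the Subsystems key.
# Run without arguments to audit; run elevated with -Remove to change it.
param([switch]$Remove)

$regPath  = 'SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems'
$key      = "HKLM:\$regPath"
$name     = 'Optional'
# Names from the article, plus "OS2" as an assumed alternative spelling.
# -contains / -notcontains compare case-insensitively.
$unwanted = @('OS/2', 'OS2', 'POSIX')

$prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($null -eq $prop) {
    Write-Output "No '$name' value under $key; nothing to do."
    return
}

$current = @($prop.$name)
$found   = @($current | Where-Object { $unwanted -contains $_ })
$keep    = @($current | Where-Object { $unwanted -notcontains $_ })

if ($found.Count -eq 0) {
    Write-Output "OK: no OS/2 or POSIX entries in '$name'."
    return
}

Write-Output "Optional subsystem entries present: $($found -join ', ')"
if (-not $Remove) {
    Write-Output 'Audit only. Re-run elevated with -Remove to delete them.'
    return
}

# Export the key first so the change can be reverted with "reg import".
$backup = Join-Path $env:TEMP 'SubSystems-backup.reg'
& reg.exe export "HKLM\$regPath" $backup /y | Out-Null

# Write back only the entries that are not on the unwanted list.
$sub = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($regPath, $true)
try {
    $sub.SetValue($name, [string[]]$keep,
                  [Microsoft.Win32.RegistryValueKind]::MultiString)
} finally {
    $sub.Close()
}
Write-Output "Removed: $($found -join ', '). Backup saved to $backup."
```

The change to the subsystem list takes effect after a restart.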
In the next edition of this series, we will examine physical computer security, and the use of auditing tools to monitor and prevent breaches.