Does it mean that FTP is installed on your Windows NT server if the FTP.exe file is present in the winnt\system32...
folder? The same applies to the other programs like rasadmin.exe, rasphone.exe, Telnet and TFTP. Does its mere presence mean that an intruder can use some of these programs in his/her attempts to compromise the box?
You said NT not 2000, so that will be my first assumption. But this doesn't matter in respect to the OS. Most definitions can be found on the Internet.
Because an .exe file exists on a hard drive or folder does not mean the service is running. If that were so we would be in much deeper Windows/Microsoft despair than we are now. I have seen companies where they do remove these .exe files that you have mentioned and for good reason. These services are not running, but if a worm or malicious code were to get on those machines it could execute or run those applications; then and only then would the services be running.
Another thought on FTP is that when you install IIS or PWS (2000 Pro) it does start some of these services as default, thus you must be aware of what is running. The easiest way to establish the services that is running is view the task manager. Press Ctrl-Alt-Delete and choose task manager. I have heard of malicious code programs (worms, viruses, Trojans, etc) that will not appear in this window, but this is not a real concern if you are running a valid and current antivirus application.
When you do find services that you don't recognize, do not terminate this service until you can establish what the service is used for in the OS or other applications. A great example of this is antivirus and software firewalls. If you terminate certain services then those application will not work.
If you need help with fine tuning services, visit these resources: http://www.techspot.com/tweaks/win2k_services/index.shtml
Or if you need help with default Windows 2000 services, check out these resources on Microsoft: http://www.microsoft.com/windows2000/techinfo/howitworks/management/w2kservices.asp
As for otherwise unknown services I would recommend using a search engine such as Google by simply typing the file .exe into the search and usually you will find something that helps.
For more info on this topic, please visit these SearchSecurity.com resources:
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.