Essential versus nonessential services for a Windows Web server
Use this security checklist to harden your IIS Web server.

by Michael Cobb
This list is a companion piece to the Secure Web server installation portion of SearchSecurity.com's Intrusion Defense School lesson on Web attack prevention and defense. Check out the companion primer, Insider's guide to Web server security.
Nonessential services | Essential services |
Alerter | COM+ Event System |
ClipBook Server | Event Log |
Computer Browser | IIS Admin Service |
DHCP Client | IPSEC Policy Agent |
Distributed File System | Logical Disk Manager |
Distributed Link Tracking (Client and Server) |
Network Connections |
Distributed Transaction Coordinator | Performance Logs and Alerts |
DNS Client |
Plug and Play |
FTP Publishing Service (unless FTP services required) |
Protected Storage |
Licensing Logging Service | Remote Procedure Call (RPC) |
Logical Disk Manager Administrator Service | Remote Registry Service |
Messenger | Security Accounts Manager |
Net Logon* | System Event Notification |
Network DDE | Uninterruptible Power Supply |
Network DDE DSDM | Windows Management Instrumentation |
Print Spooler | WMI Driver Extensions |
Remote Registry Service | World Wide Web Publishing Service |
Removable Storage | |
Remote Access Connection Manager | |
Routing and Remote | |
Access RPC Locator (unless remote administration required) |
|
RunAS Service | |
Server Service (unless SMTP or NNTP required) |
|
Task Scheduler
|
|
TCP/IP NetBIOS Helper
|
|
Telephony
|
|
Telnet
|
|
Windows Installer
|
|
Windows Time
|
|
Workstation*
|
|
* Services required if running as part of a Windows domain for an intranet.
Security School |
Download a PDF version of Essential versus nonessential services for a Windows Web server Check out the companion primer, Insider's guide to Web server security |