![]() Network Policy Server - Automatic (Delayed Start) Virtual Machine Management Service - Automatic ![]() Hyper-V Networking Management Service - Automatic Hyper-V Image Management Service - Automatic Windows Presentation Foundation Font Cache 3.0.0.0 - Manual Kerberos Key Distribution Center - Automatic These major roles may include sub-roles not addressed here.Īctive Directory Certificate Services - AutomaticĪctive Directory Domain Services - AutomaticĪctive Directory Web Services - Automatic The following services for roles are addressed in the Microsoft Windows Server 2008 R2 Security Guide, Windows Server 2008 R2 Attack Service Reference.xlsx. WinHTTP Web Proxy Auto-Discovery Service - Manual Windows Update - Automatic (Delayed Start) Windows Remote Management (WS-Management) - Automatic (Delayed Start) Windows Management Instrumentation - Automatic Windows Driver Foundation - User-mode Driver Framework - Manual System Event Notification Service - Automatic Special Administration Console Helper - Manual Software Protection - Automatic (Delayed Start) Smart Card Removal Policy - Automatic (Manual is the default) Secure Socket Tunneling Protocol Service - Manual Resultant Set of Policy Provider - Manual Remote Procedure Call (RPC) Locator - Manual Remote Desktop Services UserMode Port Redirector - Manual Remote Access Connection Manager - Manual Remote Access Auto Connection Manager - Manual Problem Reports and Solutions Control Panel Support - Manual Portable Device Enumerator Service - Manual Network Store Interface Service - Automatic Microsoft Software Shadow Copy Provider - Manual Microsoft iSCSI Initiator Service - Manual Microsoft Fibre Channel Platform Registration Service - Manual Link-Layer Topology Discovery Mapper - Manual KtmRm for Distributed Transaction Coordinator - Manual Internet Connection Sharing (ICS) - Disabled IKE and AuthIP IPsec Keying Modules - Manual Health Key and Certificate Management - Manual This can be used as a basis for documenting the services necessary.Īpplication Layer Gateway Service - Manualīackground Intelligent Transfer Service - Manualĭesktop Window Manager Session Manager - Automaticĭiagnostic Policy Service – Automatic (Delayed Start)ĭistributed Link Tracking Client - Automaticĭistributed Transaction Coordinator - Automatic (Delayed Start)Įxtensible Authentication Protocol - Manualįunction Discovery Provider Host - Manualįunction Discovery Resource Publication - Manual The following tables list the default services for a baseline installation and those for common roles as a reference. Services for Windows Server 2008 R2 roles are managed automatically, adding those necessary for a particular role. Respond to any User Account Control prompts. The following can be used to view the services on a system: If the site has not documented the services required for their system(s), this is a finding. Individual services specifically required to be disabled per the STIG are identified in separate requirements. Exceptions for individual systems should be identified separately by system. Services common to multiple systems can be addressed in one document. The Site’s list will be provided for any security review. Organizations will develop their own list of services which will be documented and justified with the IAO. Required services will vary between organizations, and on the role of the individual system. Windows Server 2008 R2 Member Server Security Technical Implementation Guide Compromising a service could allow an intruder to obtain system permissions and open the system to a variety of attacks. Some services may be run under the local System account, which generally has more permissions than required by the service. This will force the recent changes made to the GPO.Unnecessary services increase the attack surface of a system. In the Command Prompt, type gpupdate force and hit enter. To do this, type cmd in the Windows search bar, right-click on Command Prompt, and select Run as Administrator. Select Enabled and click Apply and OK to save the changes.Ĭlose the Group Policy Editor and open Command Prompt as administrator.In the Settings section, locate and double-click on Allow users to connect remotely by using Remote Desktop Services.In the Group Policy Editor, navigate to the following location: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections.On Windows 10 Home Edition, you will need to enable GPE manually before you can access the tool. Here, you will have to manually enable the service using Group Policy Editor. If the issue persists, a Group Policy Object may be blocking the connection to your local computer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |