Security: Disabling services, Posix, and OS/2

Posted in Windows XP by Community Submission

Heed the following from Winguides' website:

"Disable OS/2 and POSIX Subsystems (Windows 2000/XP)
To conserve system resources you may want to prevent the Windows session manager (SMSS) from loading any optional subsystems, such as OS/2 or POSIX. This tweak can be used to disable these optional subsystems.

"Warning: Make sure you use REGEDT32 to change this value. Using Regedit may cause the system to crash.
Open your registry using REGEDT32 and find the key below.

"When the OS/2 and Posix sub-systems are enabled the value called "Optional" will be set to "Posix" or "OS2 Posix". To disable those sub-systems double-click on the "Optional" value and delete the "Posix" data in the window.

"Restart Windows for the change to take effect.

"Note: The benefits of not loading these subsystems can be increased memory and system resources."

Heed also the following from PC Magazine's website:

"POSIX. Windows XP still ships with a subsystem called POSIX, which allows the use of Unix commands. Disabling POSIX prevents hackers from using Unix commands against your system. Go to Run and type regedt32 (not regedit). Find HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems and click on the multistring called Optional in the right-hand pane. By default, the multistring's value will be POSIX; delete that value and leave the space empty (but don't delete the Optional multistring). Then click on the actual POSIX multistring in the same pane. Note that it points to a file in your Windows System32 directory called Psxss.exe. Delete that file using Windows Explorer, use the Registry Editor to delete the POSIX string, and then reboot."

Always back up your registry, and set a System Restore point, before applying these tweaks.

Heed also, from PC Magazine's website:

"Other services. Unless you need one of them, it's a good idea to disable several services that may open up back doors to your system: NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager, Remote Registry, Routing and Remote Access, SSDP Discovery Service, telnet, and Universal Plug and Play Device Host. Go to Control Panel | Administrative Tools and click on the services you don't need and select Stop this service in the left-hand pane."
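
To verify the result after a reboot, the following read-only audit is an added example, not part of the original post or the quoted sites. It assumes Windows PowerShell is installed and uses the service display names quoted above; it reports each service's start mode as well as its state, since a service that is only stopped can start again at the next boot.

```powershell
# Added audit example: read-only, changes nothing. Assumes Windows PowerShell.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems'
$sub = Get-ItemProperty -Path $key

# "Optional" is a multi-string value; PowerShell returns it as a string array.
$optional = @($sub.Optional | Where-Object { $_ -and $_.Trim() })
if ($optional.Count -eq 0) {
    'Optional  : empty, SMSS loads no optional subsystems'
} else {
    'Optional  : ' + ($optional -join ' ') + '  <- still listed'
}

# The Posix value names the subsystem binary (Psxss.exe in System32).
if ($sub.Posix) {
    'Posix     : value present -> ' + $sub.Posix
} else {
    'Posix     : value absent'
}
$psxss = Join-Path $env:SystemRoot 'System32\psxss.exe'
if (Test-Path $psxss) {
    'psxss.exe : present at ' + $psxss
} else {
    'psxss.exe : not found'
}

# Display names as listed in the quoted article; matching is case-insensitive.
$names = @(
    'NetMeeting Remote Desktop Sharing',
    'Remote Desktop Help Session Manager',
    'Remote Registry',
    'Routing and Remote Access',
    'SSDP Discovery Service',
    'Telnet',
    'Universal Plug and Play Device Host'
)

# Win32_Service exposes State (Running/Stopped) and StartMode (Auto/Manual/Disabled).
# On PowerShell 7, Get-CimInstance replaces Get-WmiObject.
Get-WmiObject -Class Win32_Service |
    Where-Object { $names -contains $_.DisplayName } |
    Select-Object DisplayName, Name, State, StartMode,
        @{ Name = 'NeedsAttention'
           Expression = { ($_.StartMode -ne 'Disabled') -or ($_.State -ne 'Stopped') } } |
    Sort-Object DisplayName |
    Format-Table -AutoSize
```

Services missing from the table are not installed on that machine.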

