• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 21. Implementing Windows Vista’s... > Preventing Rogue Services with Windo...

Preventing Rogue Services with Windows Service Hardening

If you could map out the Windows attack surface, the biggest feature in the resulting landscape would be, by far, the system and third-party services that run in the background. Services are a tempting malware target for two reasons. First, most services are “always on,” in the sense that they start when Windows loads and remain running until you shut down the system. Second, most services run with a high privilege level that gives them full access to the system. Malware that manages to get into a computer can use the system services to perform almost any task, from installing a Trojan horse to formatting the hard drive.

To reduce the chance that a malware program could turn a system’s services on itself, Windows Vista implements a new service security technology called Windows Service Hardening. This technology doesn’t prevent malware from infecting a service; that’s the job of Windows Firewall and Windows Defender. Instead, Windows Service Hardening limits the damage that a compromised service can wreak on a system by implementing the following security techniques:


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint