Archived from groups: microsoft.public.win2000.security (
More info?)
Most of what you've listed here is not typically running on a Windows system.
Echo, Chargen, Discard, and Daytime are all part of an optional component
called "Simple TCP/IP services." This component is not installed by default,
so if you haven't added it, then these services don't exist, so no disabling
is necessary. Finger, Rstat, Rwall, and Ruser are Unix utilities that are
not present in Windows. SprayD is the server side of a Unix UDP packet-blasting
program used for evaluating performance and is not present in Windows. PCNFSD
is the daemon for NFS, a Unix file-sharing protocol that is not part of Windows.
There are some Windows versions of NFS but it's unlikely you're using it;
if you were, you'd know it. BootPS is a BootP/DHCP server for Unix. It is
not the DHCP server in Windows. TFTP is from tftpd.exe, the TFTP server daemon,
which is present only on Server operating systems. Typically TFTP isn't running
unless you've installed RIS, so again, you probably have nothing to disable.
This list is oddly specific. Why are you asking about them? I'm curious --
is this the output of some vulnerability scanner you ran?
Steve Riley
steriley@microsoft.com
> Dear all,
>
> Does anybody knows how to disable any of the following TCP/IP services
> on
> Windows NT/2000:
> ECHO, CHARGEN, RSTAT, TFTP, RWALL, RUSER, DISCARD, DAYTIME, BOOTPS,
> FINGER,
> SPRAYD, PCNFSD
> I guess i could block the according port for each one, but there must
> be any other way to do it...
>
> Thanks for any suggest..
> Daniel