This article was previously published under Q189271
The following list outlines which services are required, as well as thosethat are NOT required, and those that MAY be required, to run InternetInformation Server (IIS) version 4.0 on a secure server. Your particularnetwork or system configuration can change some of the parameters. Forexample, some intranets require WINS and DHCP.
The more services running on a computer, the more entry points theremay be available to malicious attack. A service is a potential entry pointbecause it processes client requests. To help reduce this risk, you shoulddisable unnecessary system services.
NOTE: This is an abridged version of the contents of the security chapterfrom the Internet Information Server 4.0 Resource Kit.
IIS Admin Service
License Logging Service
Remote Procedure Call (RPC) Service
Windows NT Server or Windows NT Workstation
Windows NTLM Security Support Provider
World Wide Web Publishing Service
May Be Required
Certificate Authority (required to issue certificates)
Content Index (required if using Index Server)
FTP Publishing Service (required if using FTP service; it's highly recommended that FTP and Web services run on different servers)
NNTP Service (required if using NNTP Service)
Plug and Play (recommended, but not required)
Remote Access Services (required if you use dial-up access)
RPC Locator (required if doing remote administration)
Server Service (can be disabled, but required to run User Manager)
SMTP Service (required if using SMTP Service)
Telephony Service (required if access is by dial-up connection)
Uninterruptible Power Supply (UPS) (optional; but it is recommended that you use a UPS)
Workstation (optional; important if you have UNC virtual roots)
Not Required by Most Installations
Network DDE & Network DDE DSDM
Network Monitor Agent
NWLink IPX/SPX Compatible Transport (not required unless you don't have TCP/IP or another transport)
Simple TCP/IP Services
TCP/IP NetBIOS Helper
WINS Client (TCP/IP)
Additional recommendation: Do not install application software ordevelopment tools on your server.