|
Register | FAQ | Calendar | Search | Today's Posts | Mark Forums Read |
![]() |
|
Thread Tools | Display Modes |
#2
|
||||
|
||||
![]()
LSASS = Local Security Authentication Server Something
![]() It basically handles requests generated by WinLogon and calls the relevant authentication package for the object you are trying to use. Your user profile is then granted access and stored in a security certificate/access token which in turn will be handed to the object requesting authentication. It's really an NT thing, but seems to have crossed the home user path too now that XP is in wide use. Apparently reinstalling service packs can be of use for some reasons....not sure why to be honest. Have you tried limiting what you actually have running in the sys tray? messenger etc may well cause an increase in CPU usage by LSASS. 'Slo
__________________
![]() ![]() |
#4
|
|||
|
|||
![]() Hi
![]() LSASS.exe is responsible for running certain groups of drivers (.dlls) associated with several background services in windows xp. If this file is using a lot of cpu reserve it is probably because it is sitting on quite a few .dlls whilst attempting to launch one or two services. The only way to contol the services that windows runs in the background is to roll up your sleeves and get under the bonnet and configure them one by one You'll find them here: Control Panel / Administrative Tools / double click the last icon "Services" Expand the page to get a clearer view then click once on the first icon "Alerter". In the left hand panel will be a description of what this service does. Now right click the icon and choose "Properties" from the drop down menu, in the center panel next to "Startup type:" is a drop down allowing you to set it to one of three modes, it is here that you can configure each service in turn. here's a tip: LSASS.exe runs Netlogon which on a home pc you should really dissable - unless of course you actually do have your own Domain!! I can post the list of settings that I use but it will take at least 3 posts and I'm not sure if that's permitted? please advise... ![]() ![]() ![]() |
#6
|
|||
|
|||
![]() Just checked mine whilst online it's using 892kb memory 0% cpu
![]() If you use a PC at home and you are NOT on a LAN (network linked to other computers) and you do NOT live in the USA it is perfectly safe to set the following Services in WindowsXP to: Disabled Application Layer Gateway Service Automatic Updates Background Intelligent Transfer Service ClipBook Computer Browser Distributed Link Tracking Client Distributed Transaction Coordinator Error Reporting Service Help and Support Indexing Service Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS) MS Software Shadow Copy Provider Net Logon NetMeeting Remote Desktop Sharing Network DDE Network DDE DSDM Network Location Awareness (NLA) NVIDIA Driver Helper Service Performance Logs and Alerts Portable Media Serial Number QoS RSVP Remote Registry Routing and Remote Access Server SSDP Discovery Service Telnet Terminal Services Uninterruptible Power Supply Volume Shadow Copy Windows Time Windows Zero Configuration You may not have all of these, I am running XP Pro SP1. You will however notice a performance increase if you disable them! ![]() ![]() ![]() |
#7
|
||||
|
||||
![]()
Well, I'm on ADSL and I have a Home Network (up to 8 PC's at any one time) but, even if I had a dial-up I would certainly leave Internet Connection Firewall (ICF) unless I had something similar running. As to the others, some ARE at your discretion, others I just don't know about.
__________________
GEM ![]() |
#8
|
|||
|
|||
![]() Hehe
![]() Oops sorry! I suppose although Windows firewall is about as useful as a chocolate tea pot it's better than nothing... I use ZoneAlarm Pro with my own configuration which makes my machine undetectable (stealth mode). Also I never go online unless I'm hiding my IP behind a proxy server (if you can see it, you have noticed it doesn't read the usual 62.64. ![]() ![]() I need to post the full list of service configs with their descriptions... is that ok? ![]() ![]() |
#9
|
|||
|
|||
![]() This is a guide for information only with plain english descriptions of the services real function. Please make your own mind up over which services to disable on your system.
Alerter Function - Good for big brother corporate networks. Home PCs do not need to send/receive administrative alerts. home PC - Manual - Application Layer Gateway Service Function - Good if the system is a gateway/client on a NAT LAN, also (attempts to) protect nasty script kiddies from turning you and your friends' computers into their pawns in the quest for world domination. XP's Firewall is about as useful as a chocolate Teapot. Disable this service unless you are on a home LAN and use Microsoft's Internet Connection Sharing. home PC - Disabled - Application Management Function - Provides software installation services such as Assign, Publish, and Remove. home PC - Manual - Automatic Updates Function - Allows Windows XP free reign to contact the Microsoft servers and download a whole host of "critical" updates. No thanks Bill, think I can connect to WindowsUpdate by myself home PC - Disabled - Background Intelligent Transfer Service Function - A sneaky way of doing Automatic Updates - Windows XP will judge whether you are using your bandwidth or just sat there motionless looking at your screen. If not it will happily download away. home PC - Disabled - ClipBook Function - "exactly what it says on the tin" Why do you want to share your random cut'n'pastes with your fellow LAN chums? If you feel this is an important contribution to your life leave it on Manual. Otherwise kill this resource eating service! home PC - Disabled - COM+ Event System Function - Kind of like a communication method between different modules in Windows. home PC - Manual - COM+ System Application Function - If COM+ Event System is the car then this service is the driver home PC - Manual - Computer Browser Function - Like it says, needed to keep tracks of computers on your network. If you're on a LAN, leave it to manual, if you're a standalone system then disable it. home PC - Disabled - Cryptographic Services Function - Among other things, this service authenticates WHQL drivers (i.e. for graphics cards) home PC - Manual - DHCP Client Function - Under Windows managed networks DCHP is useful in assigning IP/DNS addresses. home PC - Manual - Distributed Link Tracking Client Function - Good for databases that rely on networked files for updating. Do you share files that lots of people work on? Do you even use NTFS as a home user? home PC - Disabled - Distributed Transaction Coordinator Function - Related to Distributed Link Tracking Client The service sounds like a job title for a pointless middle manager somewhere. For home users it's the same story for our Distributed Transaction Coordinator; going nowhere fast. home PC - Disabled - DNS Client Function - Needed by windows home PC - Automatic - Error Reporting Service Function - When something crashes (quite frequently) and Windows pops up and advises you to tell Microsoft all about it, that is the fruit of this service's loins. One of my pet hates, If something crashes I will scream at the monitor and stamp my feet as I please; I don't need to tell Microsoft that I'm doing it. home PC - Disabled - Event Log Function - Exactly what it says on the tin home PC - Manual - Fast User Switching Compatibility Function - For home users this functions as "switch user" when the logoff option is used. If you want it you can have it. home PC - Manual - Help and Support Function - Description is self-explanitory home PC - Disabled - Human Interface Device Access Function - allows you to use a usb mouse/keyboard in Windows. If you have one set this to automatic home PC - Disabled - IMAPI CD-Burning COM Service Function - Controls the in-built CD-burning software in XP If you don't use the in-built software then disable the service. Incidentally disabling this makes NERO Burning ROM open quicker. home PC - Disabled - Indexing Service Function - Works like an advanced search feature. This can search through files and index keywords for rapid searching. Thanks, but no thanks. If I want to search I will use the "dog feature". Recommended for home PC - Disabled - Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS) Function - Related to Application Layer Gateway Service home PC - Disabled - IPSEC Services Function - Authenticates hosts before transfer of data, Encryption of IP traffic, Prevention of reply attacks home PC - Manual - Logical Disk Manager Function - Updates records to do with hard disk volumes. home PC - Automatic - Logical Disk Manager Administrative Service Function - Related to Logical Disk Manager it is infrequently used home PC - Manual - Messenger Function - Allows network administrators the ability to pop a little prompt on your screen with information. Although hilarious for the first 25 seconds in forcing your non-computer literate friends to think their machine has been hacked into this service is pretty much pointless. home PC - Disabled - MS Software Shadow Copy Provider Function - Like the man said, it allows shadow copying. home PC - Disabled - Net Logon Function - Domain Authentication, if you have a Domain home PC - Disabled - NetMeeting Remote Desktop Sharing Function - Why use the bloated netmeeting when VNC does it about 10 times faster and is free? Recommended for home PC - Disabled - Network Connections Function - Controls your internet connection details basically. home PC - Manual - Network DDE Function - DDE functions are usually restricted to business applications. home PC - Disabled - Network DDE DSDM Function - Related to Network DDE home PC - Disabled - Network Location Awareness (NLA) Function - Installation of some hardware requires usage of RPC. home PC - Manual - NVIDIA Driver Helper Service Function - Provides help and support for NVIDIA graphics cards. Disabling this service seems to significantly reduce the time Windows XP takes to shut down. home PC - Disabled - Performance Logs and Alerts Function - Hardly useful for a home PC now is it? Unless they start assigning the equivalent of 3DMarks I doubt anyone is really interested. home PC - Disabled - Plug and Play Function - Commonly referred to as Plug'n'Pray this service is perhaps one feature of Windows XP worth having. home PC - Automatic - Portable Media Serial Number Function - Quite possibly the most pointless and utterly useless service known to human kind. Why memory is allocated to the retrieval of a needless serial number from your MP3 player is beyond me and I'm sure it's a joke. home PC - Disabled - Print Spooler Function - A must if you have a printer home PC - Manual - Protected Storage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Function - Stop those 1337 h4X0)2 skr1p7 |<1dd135 knocking around with your files. Trouble is, if they are already past your firewall you've had it anyway. Leave on Manual just in case. home PC - Manual - QoS RSVP Function - Quality Of Service - quite useful for services that use it used for network balancing and other nifty things to make "your internet experience as wonderful as possible". Quite good then that this service eats 25% of your bandwidth doing it and hardly anything actually makes use of it. home PC - Disabled - Remote Access Auto Connection Manager Function - Makes use of embedded links in programs such as Office, also is used in autodial functions home PC - Manual - Remote Access Connection Manager Function - Involved in dial-up. home PC - Manual - Remote Desktop Help Session Manager Function - Allows incoming Remote Desktop connections. If you don't use this feature of Windows XP (Remote Desktop) then disable this service. home PC - Disabled - Remote Procedure Call (RPC) Function - Needed for some installations nice vague Microsoft description. Leave as manual. home PC - Manual - Remote Procedure Call (RPC) Locator Function - Related to Remote Procedure Call (RPC) home PC - Manual - Remote Registry Function - Allow people to modify local registry settings via remote desktop or similar. Allowing your registry to be edited remotely? Come on.... home PC - Disabled - Removable Storage Function - Zip Drives, USB pens etc... home PC - Manual - Routing and Remote Access Function - used on business networks home PC - Disabled - Secondary Logon Function - allow multiple users on one machine. home PC - Automatic - Security Accounts Manager Function - Related to Secondary Logon home PC - Automatic - Server Function - Supports file sharing and other basic LAN functions. If you're not on a network you don't need this. home PC - Disabled - Smart Card Function - If you don't use smart media, disable this service. home PC - Disabled - Smart Card Helper Function - Related to Smart Card home PC - Disabled - SSDP Discovery Service Function - UPnP = Universal Plug'n'Play If you don't have a LAN then disable this service. home PC - Disabled - System Event Notification Function - Can notify programs such as Outlook when an internet connection is established so that it can send its mail. This service manages a lot of processes home PC - Automatic - System Restore Service Function - Allows "rollback" to previous configurations in order to solve hardware/software problems. home PC - Automatic - Task Scheduler Function - Depends on the individual. Task Scheduler uses a fair amount of resources. Any program I wish to run, I run when I want, not at 4.37am on a Friday morning. home PC - Disabled - TCP/IP NetBIOS Helper Function - Helper for Internet traffic. Useful if you're fascinated by the intrinsic features of TCP/IP. home PC - Disabled - Telephony Function - it starts when a connection is made to the internet. home PC - Manual - Telnet Function - Big Security Hole - If you're not on a LAN this is well worth disabling to bounce those 13 year old hackers. home PC - Disabled - Terminal Services Function - Remote Desktop features.If you disabled Remote Desktop earlier then do the same with this. home PC - Disabled - Themes Function - Most people use the themes home PC - Automatic - Uninterruptible Power Supply Function - Most users (unless you live in California) do not have UPS backups. home PC - Disabled - Universal Plug and Play Device Host Function - You'll need this home PC - Manual - Upload Manager Function - Fundemental to Windows home PC - Automatic - Volume Shadow Copy Function - Set the same as MS Software Shadow Copy Provider home PC - Disabled - WebClient Function - Fundemental to Windows For home PC - Automatic - Windows Audio Function - Fundemental to Windows home PC - Automatic - Windows Image Acquisition (WIA) Function - In-built scanner and camera features.If you don't have a scanner/camera then disable this service. Also if you use a 3rd party image aquisition program then disable this. home PC - Disabled - Windows Management Instrumentation Function - Fundemental to Windows home PC - Automatic - Windows Management Instrumentation Driver Extensions Function - Fundemental to Windows home PC - Automatic - Windows Time Function - Fine if you need to have exactly the same time as the administrator on your network home PC - Disabled - Windows Zero Configuration Function - Wireless networking auto-configuration Wireless unless you have wireless having this resident in memory is pointless. home PC - Disabled - WMI Performance Adapter Function - Provides information about your system to system components that require it. home PC - Manual - Workstation Function - Needed by Windows to provide functionality on the internet. home PC - Automatic ![]() ![]() ![]() |
#10
|
||||
|
||||
![]() is lots of good info on what the services are and which you can turn off in XP at
http://www.blkviper.com/WinXP/service411.htm and http://www.blkviper.com/WinXP/servicecfg.htm Sil PS, also check out harden win2k most should work for XP - well let us know ! ![]() ![]() |
#14
|
|||
|
|||
![]()
AT LAST!!
I've been looking for this thread for ages.Strangley,I've disabled a lot of features that the2ndLoser considers fundamental to Windows. Shall we have a bash at revising the topic? Bloodhound,if you wanted to close some of your ports,this is an English version of the BV guide,and probably safer.. ![]() |
#16
|
||||
|
||||
![]()
see this thread is getting a few more views recently - probably because of the sasser worm exploiting lsass.exe ?
if you're having constant reboots then check a couple of threads: <thread>:lsass.exe 59 second restart and <thread>:Sasser.a & Sasser.b ![]() Sil ![]() |
#17
|
|||
|
|||
![]()
Yesterday I switched from ZA firewall to XP SP2 firewall because of some other issues I had to solve. Today lsass.exe started eating 20% of (Athlon XP 2800+) CPU time.
This was solved when I disabled firewall protection on my IE1394 (firewire) connection to an external HDD. ![]() |
![]() |
Tags |
adsl, audio, cards, connection, dns, feature, files, free, home, internet, line, make, messenger, nat, network, online, player, publish, screen, security, settings, share, sharing, software, tools, virus, windows, wireless, zero, zonealarm |
Thread Tools | |
![]() ![]() |
|
Display Modes | |
![]() ![]() ![]() |
|
|