2.1. Task 2.1: Managing Services

Several attack vectors are aimed at exploiting system services. Services are applications and processes that run at system startup. These services perform many beneficial tasks, such as the Server service (File and Printer Sharing), or the World Wide Web Publishing service, required to run a web server.

Services open doorways, or ports, into a system. It is through these open ports that an attacker can attempt to penetrate your system with known, potential exploits.

Another attack vector on services is aimed at privilege escalation. All processes, including services, must run under the context of a user account. These services have an associated user account that is granted rights and permissions (known as

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.