I've found TheElderGeek.com's guide to services useful.
My definition of svchost.exe is that it's a process which supports plug-in service DLLs. You see multiple svchost processes to mitigate the effects if one service running in a host process crashes, and so that different services can run using different credentials (and hence privileges).
Currently I have six svchosts running, three of which run as LocalSystem, two as Network Service and one as Local Service. One of the LocalSystem hosts is running Terminal Services and DCOM Launcher; another is running HTTP SSL for the HTTP.SYS driver (new in Server 2003 and XP SP2); the third runs most other services. One of the Network Service hosts runs RPCSS, the Remote Procedure Call subsystem while the other runs DNS Client. Finally the Local Service host runs the TCP NetBIOS Helper, the Remote Registry service, the Universal Plug-and-Play listener, and the WebDAV client.
'Scuse me, just going to turn off Remote Registry, I don't need that.
No comments:
Post a Comment