Turn Off Unnecessary Services
ON THIS PAGE:
When talking about computers, "services" generally refer to programs that listen for and respond to network traffic. Other services allow direct access to your computer. Examples include:
- Web servers, file servers, FTP servers, email and proxy servers
- Remote access programs such as Remote Desktop
- Open ports
- Allowing others open access to your computer and your files (this includes guest accounts, which shold be disabled)
- Many computer break-ins are a result of people taking advantage of security holes or problems with these programs.
- The more services that are running on your computer, the more opportunities there are for others to use them, break into or take control of your computer through them.
If you need assistance determining what services your computer is running or determining whether they are appropriate, contact the ITS Support Center.
In general, services are necessary if:
- There's a clear University business or educational need for them
- They are generally appropriate given your role at the University
- They don't allow anonymous access or guest access to your computer or files unless there is a specific business need to do so (this is normally controlled with file sharing settings)
- Introduce a security risk
- Interfere with other University resources or the network
- Create an excessive burden on campus infrastructure or resources
Services creating any of the harmful conditions above are subject to blocking or disconnection from the campus network per ITS' Procedures for Blocking Network Access.
A specific example of an unnecessary, and frequently disruptive service that must be disabled is open recursive DNS service. An open recursive DNS server is one which allows recursive DNS queries to be issued from off campus. Attackers can use open recursive DNS to flood a target system with DNS response traffic. This is called an amplification attack and is a type of Distributed Denial of Service (DDoS) attack. UC Santa Cruz DNS has been used in this type of attack.
To prevent the use of UCSC servers in these attacks, UCSC system administrators must disable open recursive DNS services. Any open recursive server identified on the campus network will be considered a security risk subject to immediate disconnection per ITS' Procedures for Blocking Network Access.
The ITS Network Operations Center operates a set of highly reliable, fast, and secure recursive name servers, and we recommend all campus users make use of these systems rather than local, departmental versions of the same. These servers are:
- ns1.ucsc.edu (22.214.171.124)
- ns2.ucsc.edu (126.96.36.199)
If you believe you need to run a non-open, recursive DNS service and cannot use the servers ITS offers, please be sure to follow the advice given in: https://www.us-cert.gov/ncas/alerts/TA13-088A
If you have any questions about this requirement, please contact email@example.com
- Disable Bluetooth, wireless & IrDA (infrared) when you're not actively using them
- Periodically go through the device's list of allowed wireless services and delete ones no longer needed (usually found under network, wireless, or airport settings)
- Set your device to "ask" before connecting to unknown wireless networks
- Disable or remove applications (apps) and plug-ins that you don't actively use
- Contact the ITS Support Center if you would like your computer configured to meet these requirements. If you have questions, contact the Support Center or your ITS Divisional Liaison.
- Contact firstname.lastname@example.org with questions about DNS requirements.
Rev. Nov 2014