This chapter covered Windows services in detail. It began by discussion why services need to be tightened. Services often run in the context of highly privileged service accounts, such as LocalSystem. If attackers can buffer overflow a service, they usually end up with complete control of the machine. This chapter also discussed which services can be disabled and which must be left enabled on a service-by-service basis. Any unneeded service should be removed or disabled, and any remaining services should be tightened if possible. Chapter 8 covers the IP Security protocol.