*** Extra info: I wouldn't advise diabling the POSIX subsystem. It can come in handy for claiming back a system that has been compromised, in that it can be used to counter hacker-attempts to protect files by using reserved filenames. *** *** Update: I removed the "6.3" section regarding DCOM because it is partially inaccurate *** source: http://www.intersectalliance.com/projects/WinNTConfig/WinNTConfig-6.0.html Windows NT supports a limited number of subsystems, which are groups of utilities which add certain extra capabilities to the NT server or workstation. Unfortunately, the subsystems can also degrade existing NT security, or introduce new security vulnerabilities. 6.1 OS/2 Subsystem The OS/2 Subsystem is required if the server needs to significantly interact with OS/2 Clients. The subsystem introduces a security risk relating to processes which can potentially persist across logins. ie: if a user starts a process then logs out, there is a potential for that process to be accessed by the next user who logs into the system. As the process was started by the first user, it retains that users system privileges. To disable the OS/2 Subsystem, delete the following registry key: Hive: HKEY_LOCAL_MACHINE\SYSTEM Key: CurrentControlSet\Control\Session Manager\SubSystems Name: Os2 6.2 POSIX Subsystem The POSIX Subsystem modifies the Windows NT installation to provide a closer approximation to POSIX standards compliance. Unfortunately, because Windows NT was not designed with POSIX compliance in mind, applications which access files do not generally understand that filenames with different case may be totally separate and distinct files, as opposed to the default Windows NT behavior of assuming the names "TestFile.EXE" and "testfile.EXE" refer to identical files. This feature may allow a user to create a lower-case file within the system path that may be accessed prior to the intended legitimate system file. In other words, the POSIX subsystem makes it possible to create a file with a lower case name which will be found in a search path prior to a file with an upper case name. If the POSIX subsystem needs to be installed, the directory access control modifications identified above for the system root directory tree may reduce the risk somewhat, but similar protections should probably be applied for all directories in the default system and user PATH configuration. To disable the POSIX Subsystem, delete the following registry key: Hive: HKEY_LOCAL_MACHINE\SYSTEM Key: CurrentControlSet\Control\Session Manager\SubSystems Name: Posix