I have 2 systems running MSWindows Server 2003 and 2008 respectively.
I have done all the updates.
I am interested in securing them e.g. close all unneeded services.
For example my concern is that if I start shuting down services that I consider as uneedded perhaps a needed service is depended on them
and will have problems.
Is there a tool that helps on this?
E.g. that gives a report and shuts everything down taking care of the dependencies? Or is it manual effort?
Take a look at the SCW - Security Configuration Wizard. For Server 2003 SP1 and Server 2008
If you're behind a firewall you don't necessarily need to go around shutting down any services - especially if you aren't sure if they are needed or not.
Unfortunately there's no automated way of doing what you're mentioning (that I'm aware of) since it depends on what you need the server to do and what roles you'll be expecting of it.
The good news is windows server comes pretty bare bones as it is, you need to add roles to it to benefit from most of the functionality which means that so long as you don't add roles you don't need you should be fine.
Are these public facing web servers? You really should put these guys behind a good firewall regardless.
Check out the baselines from security compliance manager based on the role of your server. See http://blogs.technet.com/b/secguide/archive/2011/06/22/scm-v2-beta-new-baselines-available-to-download.aspx .