| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 47818 | 2004-08-06 12:12:00 | Should I allow this program in ?(Firewalled) | BobM (1138) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 258899 | 2004-08-07 01:33:00 | Thanks for the feedback, using Sygate (free). My humble apologies it is sVchost not sy. I checked it out with Google and it doesn't appear to be a threat,I think Susan B may be correct as to what is happening, Thanks again. |
BobM (1138) | ||
| 258900 | 2004-08-07 02:02:00 | Checking again, each time I get this request it is from a different remote machine number which I guess it wouldn't be if it was an update | BobM (1138) | ||
| 258901 | 2004-08-08 09:34:00 | Hi, I got the very same thing after starting up my new XP program and installing the current version of Zonelarm. I denied access to Generic Host and this is what followed as near as I can remember. That night I noticed the Zonealarm icon was churning away when nothing was running online. I took a look at the Zonealarm overview page and at the top of the page where running programs are shown as little icons there were two little grey icons representing Generic Host Processes etc. one of which was busily flashing away. On the next startup I was notified that there were some patches etc ready to be installed. In the end I said yes and the stuff was installed. I continued to deny access to the downloads every night but was ignored and the downloads continued. Finally I went into ZA and put crosses in every box for Generic Host etc. and relaxed..until the next day when I went to go online and couldn't. Connection to Clear was ok but that was all. No browser..no e-mail..no news groups. After suffering one of those cold sweats, I went back int ZA and took out all of the crosses against Generic Host and bingo. back in business. So it seems that I have lost a bit of control over my machine. There was an option to look at what the downloads were and they looked like a collection of MS patches. Maybe it's time for another firewall..a shame because I've been very comfortable with ZA. One other thing...I have a vague memory of seeing a note somewhere during the install of ZA to the effect that ZA have some sort of agreement with MS but I can't be specific about that. Any more opinions on this would be welcoe....Cheers Ken. |
paradox (1082) | ||
| 258902 | 2004-08-08 11:22:00 | > I checked it out with Google and it doesn't appear to be a threat I would disallow that one from coming in if it were me . What I do is keep my svchost . exe blocked with my Outpost firewall until I hear of updates being available or decide to check myself, either by allowing svchost . exe to run and watch where it goes or by going to the MS Update page and having a look . Paradox: It is strange that you lost access to the internet after blocking all your generic host processes . That must confirm what tweak'e said but I haven't experienced that myself with Outpost nor Kerio . Have not used ZA for years . It is a bit of a mystery really, because I cannot see any generic host processes or svchost . exe things in my logs that might indicate that Outpost is allowing the essential ones to run in order for me to get on the internet . Maybe Kerio and Outpost just "do it" and don't record it? You could try experimenting by blocking them all then allowing each one by one to see which is required to get on the internet and which ones to block to prevent the updates, just out of interest . :-) |
Susan B (19) | ||
| 258903 | 2004-08-08 11:46:00 | svchost is used by a few MS processes. not sure if blocking it will effect users of external adsl modems. however ZA lets it through and disallows sever by deafult. every time i have tried to connect (dailup) with svchost block i found i could not connect to the isp. | tweak'e (174) | ||
| 258904 | 2004-08-08 13:49:00 | Why not make life easy for yourself and just allow windows components access? I do and have never regretted it. Vince | Vince (406) | ||
| 258905 | 2004-08-08 14:16:00 | Vince unless there is a reason eg Kaaza you don't want remote PC automatically connecting to your PC so it is better blocked. Turn off any services you do not require and this will stop some traffic. |
mikebartnz (21) | ||
| 258906 | 2004-08-08 14:23:00 | >Paradox: It is strange that you lost access to the internet after blocking all your generic host processes. I have a feeling that it is to do with certain services running. |
mikebartnz (21) | ||
| 258907 | 2004-08-08 14:39:00 | I'm using Kerio as well Susan. I found that if you block all Microsoft services (including svchost, lsass, winlogon) from accessing the net, you can continue on as normal without any problems so far. Haven't tried it with Windows update or anything yet, but looks good so far. I'm on a router with Woosh. | kiki (762) | ||
| 258908 | 2004-08-08 16:27:00 | > Vince unless there is a reason eg Kaaza you don't > want remote PC automatically connecting to your PC so > it is better blocked. > Turn off any services you do not require and this > will stop some traffic. I didn't write that well. I was making bread by hand and had to go and give it it's second kneading at the time. I don't allow server rights to anything, but permit Windows components access to the net to keep them happy. I find that something like Windows Explorer or the Calculator?! will ask once and be happy with one time permission even if I'm not online at the time!? I give them a"?" in Zone Alarms 'Program Control' and they never seem to ask again, or seldom at least. Vince |
Vince (406) | ||
| 1 2 | |||||