Blocking svchost.exe to all IP except and

Hi was Looking Connection Stats and svchost.exe

connecting to some IP other than

i want to block all IP except and and windows update websites

my question is;

  1. how to i create a rule in comodo firewall to block everything except that IP address above?

  2. In Component Control Rules there are some files that have spam like company names do i block it?

and sorry for my English as i am from Italy and not much know English (:KWL)

Sorry and I Got 1 Moo Question :BNC

Comodo is in which country Based?

I meant where Comodo Inc Base???

Check out this site for more info about Comodo

If you choose to block svchost.exe in this way, you may end up blocking your internet connection as well, since svchost.exe is used to obtain and maintain your connectivity through DNS and DHCP.

What you want CAN be done, though. You will want to create two rules in Application Monitor for svchost.exe, parent of services.exe.

The first rule will be:

Application: svchost.exe (browse to location)
Parent: services.exe (browse to location)
Action: Allow
Protocol: TCP/UDP
Direction In/Out
Destination IP: the microsoft site, IP range, or hostname you want to allow
Destination Port: Any

The 2nd rule will be:

App: svchost.exe
Parent: services.exe
Action: Block
Protocol: TCP/UDP
Direction: In/Out
Destination IP: Exception(not the following): The same info as for the above rule
Destination Port: Any

You may also want to go to Security/Advanced/Miscellenous, and uncheck the box “Do not show alerts for applicatiosn certified by Comodo.” This will make sure that you receive popups for anything that svchost (or any other application on the Safelist). Be aware,though, that this will greatly increase the number of alerts you receive.


PS: Welcome to the forums!

2nd Rule

I got no Exception Option In the Destination IP

You should have EXCLUDE option.

My apologies; I was working from memory at the time. The correct option, as hilmi notes, is “Exclude” rather than “Exception.”