I’m trying the latest CIS free version under Win Vista SP1 patched to latest level and I found something weird in firewall events:
when blocking e.g. UDP communication it is writing as application “Windows Operating System”. Is there a way how to find out which executable is being blocked (as log with this kind of application description is not usable at all)?
please see the screenshot. it looks like it is not communicating with wouter …1 only, but also with other PCs. SO I’m confused why it writes out for IP where is …2 or …3 Windows operating system