Hi all,
I have noticed that in my application monitor, that alg.exe, svchost.exe, and “system” all have several rules created for them, and I would like to tighten them up. (remove as many as possible)
I have been told elsewhere that I can just disable alg.exe as I don’t use windows firewall (duh) or ICS (not too sure what that is, or whether indeed I need it - what is it? under what circumstances would I need it?)
svchost apparently needs access to windows update, dns lookups, and DHCP.
I’ve had no response as to whether “system” actually needs to access the internet.
Therefore, I thought that perhaps the “horses mouth” was the best place to come :BNC
So, if someone can answer the following, I’d be really grateful.
-
what is ICS? what is it used for, and under what circumstances is it needed to run / access internet?
-
re svchost, what are the actual rules I’d need to set in order to allow only windows update, dns lookups, and dhcp? (Please note: I’m a bit of a dummy when it comes to network type stuff, so please explain in “eeejit speak”)
2a) would the implementation of the above rules only for svchost then stop all the “xxx.exe may be using svchost to connect to the internet”, if scvhost can contact only the above mentioned?
2aI) would one rule for svchost.exe stating “allow (windows update, dns, dhcp) ip’s” followed by a rule allow [exclude ie not the choice below] (any) have the desired effect in stopping communication outside of those addresses without any popups? Or would it just break svchosts access altogether?
( I did say I was a dummy at this stuff)
- does “system” actually need internet access? If so, what for?
Thanks (R)
Microsoft use a variety of different servers to supply downloads and also different geographical locations, for load balancing. Some of the URLs are: