I have problems understanding whether I should allow svchost.exe to do all kinds of connections or whether I should give it specific rules. The same goes for the “System” file group.
I know that svchost.exe needs to access port 53 (DNS), so that one is pretty clear. But should I allow it everything or should I create specific rules for these categories?
I’d appreciate a temporary rule-set if anyone have one?