settings for system and svchost

hello community,

up to some days i had installed the sunbelt firewall…

Now, I tried COMODO! a great firewall…

are these settings (system and svchost) ok?

Thanks

[attachment deleted by admin]

Mine is actually just set to custom. SVChost is part of Windows. My rules says “allow IP in From IP To IP Any Where Protocol IS Any”.

Whats with the System entry. I have mine blocked and was told to. I actually have no idea what that entry is.

the system entrys are trusted network zones.

nvidia and virtual dvb-s are these trusted zones.

incoming connections for system and svchost.exe should be blocked unless the source is known to be safe (e.g. from your trusted network)

i thought “Block and Log all unmatching Requests” will do this!?

so incoming requests for system and svchost.exe will be blocked with my settings

ok think this setting ist secure!?

“Allow UDP out From Ip any to ip 192.168.172.1 where source port is any and destination port is 53”
IP 192.168.172.1 is my router…

Do you confirm that these setting is secure?

This relies on the security of the DNS server obtained automatically by your router through your connection. Better is to define a set of trusted DNS servers under “my network zones”. Call them DNS, for example, use them in your NIC instead of whatever your ISP might give you, and change the rule to:
allow/udp/out/any/DNS/any/53
If you never connect wirelessly away from your ISP and are sure they will never be hacked, trusting them if fine. :slight_smile:
But your inbound response is allowed by the SPI rules in CFP3 no matter what the server.

Yes, it does. I was replying to Vettetech.

??? (:SHY)

kann jemand auf deutsch weiterhelfen?
Post kann dann auch ins deutsche Forum verschoben werden.

edit: Do you confirm that my setting is secure?