Hello Comodo Team and Comodo Community,
I’ve come to the forums looking for assistance about svchost.exe. My question is how should me and others deal with svchost when we get alerts for connection requests from it? Is there a rule setup to help CIS users in dealing with svchost?
I’ve had a couple connection requests recently, a couple were to port 123
18.104.22.168 - China Telecom Zhejiang
This one tried to connect to port 123 and 1900
22.214.171.124 - Hurricane Electric
Here’s a random IP that tried to connect…
126.96.36.199 - Singlehop