Hi, for some weird reason CIS FW always asks for permission on svchost.exe. I currently have utorrent running (with 257 torrents… 4 are only active with ~10kbit/s upload & download) and CIS shows me 421 outbound & 50 inbound connections. 90% of that is done by svchost.exe & utorrent.exe.
On my laptop I have uTorrent running as well with CIS FW… it’s just 10 inbound connections and 3 outbound connections (4 total torrents and 1 active one). svchost.exe has’t even one open connection.
Why are there so many on my home-server?
No svchost.exe rule-set… never had one and never needed one… it’s a trusted process which CIS handles itself?
It’s pretty much the same configuration as on my laptop… still my home-server has like 400-500 connections opened and my laptop only 20-50.
Thanks
@edit: Could I simply block the svchost.exe and just allow certain port which it will need on windows 7 prof x64? If yes, which ports should I allow?
Ye I already saw those topics. The weird thing is: On my laptop I have IPv6 enabled as well but still won’t get 200 svchost.exe connections ?
btw I always used this guide for creating the utorrent.exe rule:
https://forums.comodo.com/guides-cis/firewall-tutorial-for-utorrent-with-comodo-internet-security-t15677.0.html
It allows less ports than guide you linked (port 1-1024 are disallowed) but the rest should be the same?
Thanks
@edit: uTorrent offers an option (in “advanced”) to disable incoming IPv6… I guess this won’t have any effect as my problem is an outgoing connection ?
You could always download CurrPorts or Process Hacker where it shows the individual hosted processes that are in use. Doing this will show you the real service behind the connections.
btw I always used this guide for creating the utorrent.exe rule:
https://forums.comodo.com/guides-cis/firewall-tutorial-for-utorrent-with-comodo-internet-security-t15677.0.html
It allows less ports than guide you linked (port 1-1024 are disallowed) but the rest should be the same?
I do actually stipulate not using privileged ports for outbound connections in that tutorial, and I could update it for inbound as well.
[at]edit: uTorrent offers an option (in "advanced") to disable incoming IPv6.. I guess this won't have any effect as my problem is an outgoing connection ?
I don’t believer net.disable_ipv6 will do what you believe. If you want to disable tunneling (it is reversible) use the method i describe in the links above.
