What type of applications need "allow IP in"?

I mean, as a general rule, what type of applications need to be allowed in “IP in”?
What does “allow IP in” mean?

I use eMule and I understand that p2p applications need that rule to be set because, let’s say, “some PC” needs to “contact” me (via TCP or UDP) to let me know that he/it needs a particular file that I am sharing and so I need to let that connection “in” to let my PC and his PC communicate.

But, is “allow IP in” only useful for p2p applications (eMule, torrent) or is it useful for others?

Can we say that, apart from this kind of application, a good rule is to never allow “IP in”?
What do I risk allowing “IP in” for a “malicious application”?

Strictly speaking there are no applications that need ‘IP’ in or out, as all applications use just one or more of the available transport protocols in conjunction with IP, which is a network layer protocol. IP is actually a protocol - Internet Protocol - and is part of the TCP/IP suite of protocols. Under CIS, however, it can be used to indicate any of the available protocols or a specific protocol.

With regard to applications that need specific rules for inbound access, typically these are ‘server’ type applications, such as web/ftp, print/file, p2p, media etc. When creating Global rules for these types of application, it helps to know which transport/network protocol(s) they typically use. For example, if you run a web server, people will need to connect to that server over TCP. When you create rules to allow others on your LAN access to files and printers, you need to allow TCP, UDP and ICMP. P2P applications use both TCP and UDP.

Thanks :-TU

So in a “standard and standalone PC” with no p2p programs, or shared files/printers or LANs, no particular use as server, etc. etc. any request about an “IP in” connection (system, svchost, or other system files) should be regarded as very suspicious?

I’d need to know more about the request to comment.

OK, so let us be more specific and make a practical example.

I am playing a game, Trackmania United that is a “racing cars” online game.
I have Trackmania.exe on my PC and I play against other users.
The track we are driving on is on a server.

Does the server need to make “TCP in” connections with me? No.
I have no requests by the server. I play regularly, make my time, my time is taken into account for the online “time list”.

At a certain point I read a message “trackmania.exe is receiving a TCP connection from … etc. etc. etc.”

What does it mean?

The question is simpler than you think :wink: (that’s why I posted it in this “General” section of the Board)

I am a newbie
Why does a program try to connect to my PC?
What can he do if I allow that connection?

If I allow the incoming connection to trackmania.exe, does it mean that the “external IP” (=whoever is connected to that IP address) can enter my PC exploiting what trackmania.exe allows him to do?

Can the “external IP” only use the functions pertaining to the program that is receiving that “IP in” connection?

Trackmania appears to contain a ‘car sharing’ capability that runs over a p2p type link on port 2350, which I imagine is what you’re seeing.

Why does a program try to connect to my PC?

You need to find out the program requirements. A number of games use p2p type capabilities.

What can he do if I allow that connection?

Not a great deal, as the only process people will be able to connect to is the one listening on that port.

If I allow the incoming connection to trackmania.exe, does it mean that the "external IP" (=whoever is connected to that IP address) can enter my PC exploiting what trackmania.exe allows him to do?

See above.
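
The following is an added example, not part of the thread or of any poster's reply. It illustrates the point that an inbound connection can only reach a process that is listening on a port, by listing the listening sockets in Windows `netstat -ano` output and marking which ones are bound to a non-loopback address. The sample output, PIDs and addresses are constructed; port 2350 is the one mentioned in the thread.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (PIDs and addresses invented;
# port 2350 is the one mentioned in the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:2350           0.0.0.0:0              LISTENING       4120
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1700
  TCP    192.168.1.10:49712     203.0.113.5:2350       ESTABLISHED     4120
  TCP    [::]:135               [::]:0                 LISTENING       888
  UDP    0.0.0.0:2350           *:*                                    4120
  UDP    127.0.0.1:1900         *:*                                    2200
"""

def parse_listeners(text):
    """Return (proto, address, port, pid, exposed) for every listening socket."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        if fields[0] == "TCP" and (len(fields) != 5 or fields[3] != "LISTENING"):
            continue  # established/closing connections are not listeners
        if fields[0] == "UDP" and len(fields) != 4:
            continue  # UDP rows carry no State column
        host, _, port = fields[1].rpartition(":")
        host = host.strip("[]").split("%")[0]  # unwrap IPv6, drop zone id
        # A loopback-bound socket cannot be reached from another machine.
        exposed = not ipaddress.ip_address(host).is_loopback
        listeners.append((fields[0], host, int(port), int(fields[-1]), exposed))
    return listeners

def exposed_ports_by_pid(listeners):
    """Group the remotely reachable (proto, port) pairs by owning PID."""
    result = {}
    for proto, _host, port, pid, exposed in listeners:
        if exposed:
            result.setdefault(pid, set()).add((proto, port))
    return result

if __name__ == "__main__":
    for pid, ports in sorted(exposed_ports_by_pid(parse_listeners(SAMPLE)).items()):
        print(f"PID {pid}: an inbound allow rule could expose {sorted(ports)}")
```

On a real machine, pass the text of `netstat -ano` to `parse_listeners` and look the PIDs up with `tasklist` to see which program owns each listening port.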