Changed ZA settings on the recommendations of AVG

It's too ridiculous about some of the PFW(s) that are doing everything under the Sun but be some kind of FW solution.

Duane :)

There's no need to give any of those programs 'Server' rights to the Internet. I would advise just giving them normal outbound access to the Internet, not 'Server', set 'Server' to Deny. Setting Server to Allow in the Internet Zone just let's those programs listen for unsolicited inbound connections, something which they don't need and which you don't want them to have anyway, especially Svchost.Exe.

Svchost.exe is not the one that's listening. It's rather what is using Svchost.exe on its behalf that's listening and is the server program.

Svchost.exe is just the messenger and provides the means for the communications between the client and server applications. You got to know who are the client and server applications and Svchost.exe is not either one of them.

Duane :)

oh.

I have removed their "server" rights. thanks for the tip.

You have increased my heart-beats and have put a smiley. How cruel of you. :)

Now you owe me the answer of my following query as a penance.

please tell me how to find out "WHO" is using svchost.exe to listen to net?

Long

Short

There is another program called PRCview that will help you look inside a running process like Process Explorer and see what is using a given process or what's running with the process.

You can use Active Ports and you can see what's connecting on the TCP/IP and then you use PE or PRCview to see what's running with a given Svchost or any other process you see that's making connections. Yes, you should be aware what Svchost is doing, but it's doing upon the requests of other programs such as O/S programs and non O/S programs, which might be malware programs too for communications. Svchost on it's own is not going to make itself a client or a server program.

You can go ahead and make Svchost a client program as no program on your machine should be acting in a server mode for your peace of mind and you would know if you had to have a program acting in that capacity. But doing it for Svchost means nothing as it's never a program that needs client it's not either one of them. Even what I do use a personal FW, I never mess with Svchost in trying to control it, but you may not have that choice and may have to make some kind of setting with the PFW.

Duane :)

Good move.. In general, most programs don't need 'server' rights. You will know it when one does because it won't work without it. One example might be p2p apps as most of them need to be open to inbound connections.

On that, I must admit that I don't know.. Perhaps try it both ways, and if you see a substantial performance increase allowing server rights then maybe it needs it.

btw, do local servers also need that right?

I use hamster which runs its local pop3/ nntp servers. It downloads mails/news from net and supplies them by local servers to other programs (TB, xananews).

It is working without server rights, but it has recently become very-very slow.

thanks.