I would like to know which windows processes and their ports are secure.
Today I opened the Zone & Rule Editor and there were way too many entries, some programs that are no longer installed, duplicates, etc. So I cleaned up the list and set up Zones and Rules for my browsers, mail client and various programs.
My firewall is in interactive mode, thus ESS reports any new/unknown communication.
So far the only process I have been asked for while browsing is SVCHOST
Since this is a very generic service that includes many processes and protocols I don't exactly know to deal with it.
Many users in other forums wrote that this process should be given full permission on anything.
I am not sure about that, so this is how I set it up:
Application: C:\Windows\System32\svchost.exe (Host Process for Windows Services)
Allow: Out TCP&UDP
Local Ports: 80 (HTTP), 443 (HTTPs)
Now my questions:
1. how should I set up the rule for svchost.exe
2. what other processes are safe to allow and how should they be set up (direction, ports, etc.)
Thank you in advance