W_K 1 Posted September 20, 2015 Share Posted September 20, 2015 Hello, I would like to know which windows processes and their ports are secure. Today I opened the Zone & Rule Editor and there were way too many entries, some programs that are no longer installed, duplicates, etc. So I cleaned up the list and set up Zones and Rules for my browsers, mail client and various programs. My firewall is in interactive mode, thus ESS reports any new/unknown communication. So far the only process I have been asked for while browsing is SVCHOST Since this is a very generic service that includes many processes and protocols I don't exactly know to deal with it. Many users in other forums wrote that this process should be given full permission on anything. I am not sure about that, so this is how I set it up: Application: C:\Windows\System32\svchost.exe (Host Process for Windows Services) Allow: Out TCP&UDP Local Ports: 80 (HTTP), 443 (HTTPs) Now my questions: 1. how should I set up the rule for svchost.exe 2. what other processes are safe to allow and how should they be set up (direction, ports, etc.) Thank you in advance kind regards Pete Link to comment Share on other sites More sharing options...
ESET Moderators TomasP 318 Posted September 21, 2015 ESET Moderators Share Posted September 21, 2015 Hello, You should keep the predefined list of the rules as it allows for a safe and troublefree user experience. If you still want to define it yourself, I would generally trust processes digitally signed by Microsoft. In addition, you can set your own rules for the applications you installed. Link to comment Share on other sites More sharing options...
Recommended Posts