• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Svchost

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Spyware // Adware // Trojans Discussion

View previous topic :: View next topic  
Author Message
Venom
Just Arrived
Just Arrived


Joined: 10 Apr 2009
Posts: 0


Offline

PostPosted: Fri Apr 10, 2009 12:06 pm    Post subject: Svchost Reply with quote

I would really like to know, why has svchost.exe been for so long dismissed as not a security hole in Windows, when any program can use svchost.exe to send information over the internet ?
I have been suspicious of svchost for a long time but everytime I looked it up on security forums the usual answer would be oh thats just a neccessary part of Windows its fine to allow that to access the internet.
Well all for all those years I was using XP I really didnt think so and at long last, I discovered in the help file in Windows Vista firewall, Microsoft advises against making a rule to allow svchost.exe through its firewall as that would be a security hole.
In Vista's firewall you have the options to allow each individual service that uses svchost, internet access, only when neccessary without giving svchost.exe itself actual internet access.
Well how about that, all those years all those millions of people letting svchost open all those connections to the internet not really knowing why, just that on forums people say oh yea thats ok its part of Windows.
So now it is apparent svchost should not be allowed through a firewall, what about all the XP users who have no choice but to either block svchost altogether thereby interfering with all kinds of functionality, or just resign themselves to the fact that for all their trouble buying internet security products, they just gonna have to allow svchost.exe internet access and let any malware that wants to send information over the internet to do so by calling a windows service to do it via svchost?
Likewise all the Vista users who havent yet figured out how to set up outbound packet filtering rules and is using a half assed firewall solution like zone alarm which asks "do you want to allow svchost to access the internet yes no ?" They cant say no without blocking neccessary functionality either.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Spyware // Adware // Trojans Discussion All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register