Strange seceurity warning from firewall

	Home Register Search Help Login

Sponsors

Shopping Cart Software
Ecommerce software integrated into Frontpage, Dreamweaver and Golive templates. No monthly fees and available in ASP and PHP versions.

Website Templates
We also have a wide selection of Dreamweaver, Expression Web and Frontpage templates as well as webmaster tools and CSS layouts.

Frontpage website templates
Creative Website Templates for FrontPage, Dreamweaver, Flash, SwishMax

Search Forums

Recent Posts

Todays Posts
Most Active posts
Posts since last visit
My Recent Posts
Mark posts read

Strange seceurity warning from firewall - should I be worried?

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> Community >> Computer Software and Hardware issues >> Strange seceurity warning from firewall - should I be worried?

Page: [1]


womble Posts: 5461 Joined: 3/14/2005 From: Living on the edge Status: offline	Strange seceurity warning from firewall - should I be w... - 1/23/2007 17:04:03 I'm getting some strange error messages from my newly installed firewall, ZoneAlarm (BidDefender got ditched for hogging system resources and generally slowing things down). It's only been installed about a week so it's still asking me constantly what's allowed to access the internet etc., but it's generally very well behaved. I keep getting Security Alert messages (about 20 this evening) from it though that read: quote: The firewall has blocked Internet access to your computer (ICMP Unreachable) from xxx.xxx.x.x Program: Generic Host Process for Win32 Services (xxx.xxx.x.x is the IP address of my router) This is what the ZoneAlarm site has to say about it when I click the "more info" button. Anyone any ideas what this means in plain English and is it something I should be worried about? I've scanned with AVG Anti-Spyware, Spybot S&D, NoAdware and done an In-Depth scan with NOD32, and they're all coming back clear. The router btw is a Netgear, and I've got the wireless network set up with WEP-PSK. Any ideas? _____________________________ ~~ "A cruel god ain't no god at all" ~~


ou812 Posts: 1538 Joined: 1/5/2002 From: San Diego Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/23/2007 19:38:33 I believe if you go into ZA you should find that "Generic Host Process for Win32 Services" points to a program called svchost.exe This is used by other programs on your system, and if it can't access the Internet then they won't be able either. An older article here, but I believe it still pertains: http://www.pcworld.com/article/id,103781-page,1/article.html?tk=wb110402x Oh, and I let svchost.exe have access too. _____________________________ -brian EnterpriseDB: Enterprise-class relational database management system PostgreSQL: The world's most advanced open source database (in reply to womble)


womble Posts: 5461 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/23/2007 19:54:11 Thanks Brian - I'll check that out tomorrow when my eyes are open - just realised it's 0.50am here and I've got to be up for work at 7am in the morning... _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to ou812)


bobby Posts: 11394 Joined: 8/15/1969 From: Seattle WA USA Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 0:14:06 If it's blocked access then you don't have anything to worry about... ZA is doing its job. I typically check the box not to notify me about what it blocks on the incoming side. As long as it's not getting in I don't care how often generic software apps try to latch onto my system. _____________________________ If con is the opposite of pro, is Congress the opposite of progress? (in reply to womble)


ou812 Posts: 1538 Joined: 1/5/2002 From: San Diego Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 0:25:40 Good point, bobby. I didn't notice it said inbound from the router to the computer. If so, then yes I would at the very least make it ask me for permission! _____________________________ -brian EnterpriseDB: Enterprise-class relational database management system PostgreSQL: The world's most advanced open source database (in reply to bobby)


BobbyDouglas Posts: 5432 Joined: 5/15/2003 From: Arizona Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 2:57:11 ZA does this kind of stuff all the time. You can pretty much ignore the popups. _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge (in reply to ou812)


womble Posts: 5461 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 11:15:15 Thanks all. Normally I just trust my firewall to pretty much get on and do whatever it's got to do, but I was just a little concerned with the warning coming up with the IP address of my router. Next time it asks me if I want it to see the warning again I'll just tell it I don't. _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to BobbyDouglas)


Larry M. Posts: 2607 Joined: 2/20/2003 From: Greenville, South Carolina, USA Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 13:24:05 Womble, After repeated svchost.exe errors, I disabled it at start-up by: (1) Control Panel, (2) Admistrative Services, (3) Windows Image Acquisition (WIA) then: (4) Startup type = Disabled and (5) Service Status = Stopped. I associated this error as a conflict between my Belkin Wireless Router and previously installed HP 7410 printer drivers, so this may not be either the fix for your situation or even a recommend fix for anything or anybody else. I will say this approach, however, worked for me. Proceed with caution _____________________________ Larry M. A liberal is a person whose interests aren't at stake at that moment. (in reply to womble)


BobbyDouglas Posts: 5432 Joined: 5/15/2003 From: Arizona Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 13:52:06 I thought svchost.exe was required for startup... _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge (in reply to Larry M.)


Larry M. Posts: 2607 Joined: 2/20/2003 From: Greenville, South Carolina, USA Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 18:10:43 quote: I thought svchost.exe was required for startup... Bobby, Apparently not In addition to my desktop, I've disabled two companion laptops in the same fashion for the wireless printserv function. The fix was sourced from the MS KB, not from Belkin, not from HP. _____________________________ Larry M. A liberal is a person whose interests aren't at stake at that moment. (in reply to BobbyDouglas)


rdouglass Posts: 9167 From: Biddeford, ME USA Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/24/2007 21:01:56 quote: svchost.exe My $.02 on the matter paraphrasing a lot: Svchost.exe is a 'generic' application on Win32 OS's that many .DLL's require to operate. Many systems will run more than 1 instance of svchost.exe; in fact, my PC has 4 instances running right at this moment and I'm 99.999% confident my system is 'clean' from malware and virii. Just because svchost.exe is running doesn't mean you have a problem. The reason that you see ZA report it is that outside processes are trying to talk to svchost.exe. That is a common place that many malware and virii can be accessed by others to 'advertize' themselves and their capabilities. And because of that, some people think that if svchost.exe is running, you have a virus. Not true. Frequently the case due to the nature of virii and malware but not 'prima facie' evidence to that fact. I am by no means an expert on it but I do know that just because it's running, really is no proof that there is foul play. And as others have indicated, ZA is doing exactly what it's supposed to do. _____________________________ Don't take you're eye off your final destination. ASP Checkbox Function Tutorial. (in reply to Larry M.)


womble Posts: 5461 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/25/2007 5:58:54 That makes sense Roger. I checked in the ZA control panel, and it's allowing access for svchost.exe in the trusted and internet zones, and under 'server' for the 'trusted' zone, but not the 'internet' zone. Reading what it said about what the "server" part meant it says, quote: Access: Allows a program to actively retrieve information on the Internet or network Server: Allows a program to passively listen for unsolicited contact from the Internet or network. Very few programs require server rights. I did try to change it the other night but it said (me paraphrasing) "Whoa! Are you sure you want to do that?", so I left it as it was on the grounds that ZA probably knows best. I guess that makes sense though that it's allowing "listening" from my trusted sites and services, but not from any old server out there. Thumbnail Image Attachment (1) _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to rdouglass)


TJolly Posts: 92 Joined: 10/12/2006 From: Cheshire, UK Status: offline	RE: Strange seceurity warning from firewall - should I ... - 1/25/2007 7:00:36 Svchost.exe is part of the windows operating system and should be found in C:\WINDOWS\System32 folder. However, it has also been identified as a backdoor vulnerability if running elsewhere on a system. Svchost.exe (in reply to womble)

Page: [1]

All Forums >> Community >> Computer Software and Hardware issues >> Strange seceurity warning from firewall - should I be worried?

Page: [1]

Jump to: 1

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts