Results 1 to 3 of 3

Thread: Firewall alert svchost.ext blocked outgoing -- poor internet connection

  1. #1
    gandydancer Guest

    Default Firewall alert svchost.ext blocked outgoing -- poor internet connection

    Vers: Zone alarm free, ver 6.1, windows XP pro

    If you know quick answer, excuse extensive narrative. I think "option 2" at end is what I need to do, but I want to be sure. Thanks in advance

    Question: How can I allow better internet access without compromising my security? I've found some options. Would option #2 at the end of this post be my preferred option, or something else? (I've looked at other posts, and they didn't directly address my question.)

    I've been having problems consistently connecting to the internet since I've installed zone alarm. I installed zone alarm shortly after reformatting all hard drives and reinstalling my operating system. My system should be clean of viruses, trojans. I did not reconnect to the internet, after the reformat and reload, until I'd installed anti-virus software and zone alarm. The only exception was when I was downloading Windows XP updates early in the reload process.

    I wish to improve my connectivity without compromising my security. I will first tell you the blocking message, then my system configuration, and then ask the best way to improve my access.

    I get the following blocking message (IP addresses camouflaged for security reasons):

    Alert/Log message:
    Description: "Packet sent from rrr.sss.ttt.vvv (UDP port nnnn) to rrr.sss.ttt.uuu (DNS) was blocked"
    Type: Firewall
    Program: Svchost.exe
    source IP: rrr.sss.ttt.vvv:nnnn, where rrr.sss.ttt.vvv is the IP address of my computer and nnnn is a port number that varies
    destination IP: rrr.sss.ttt.uuu:53, where rrr.sss.ttt.uuu is the IP address of my router
    Direction: outgoing
    Action: Blocked
    Source DNS: the name of my computer on the network
    Destination DNS: usually blank

    System configuration:
    Windows XP Pro, connected to a router, which is connected to a DSL modem.
    According to my router software, my computer is assigned IP address rrr.sss.vvv
    According to my router software, my router's LAN address is rrr.sss.ttt.uuu
    My router is set up to be used as a DHCP server (whatever the heck that means)
    My router WAN TCP/IP connection (IP address, DNS address, etc) is set to the values specified by my ISP
    My computer's TCP/IP connections are set to "obtain IP address automatically" and "obtain DNS address automatically"
    I have only the one router, which is sometimes connected to more than one computer. The computers are not set up to share resources
    According to zone alarm, IP address rrr.sss.ttt.vvv is an adapter subnet entry, in the internet zone

    Question: How can I allow better internet access without compromising my security? I've found some options. Would option #2 be my preferred option, or something else?

    option 1: Set internet zone security to "Med" instead of "High". This works, but I'm concerned about compromising security

    option 2: try adding the firewall log entry to the trusted zone, by using the "add to zone" button. I have not actually done this yet. (rrr.sss.ttt.vvv is already listed as a trusted zone. rrr.sss.ttt.uuu is not.) If the entire internet is not a trusted zone, why would rrr.sss.ttt.uuu be trusted, if it is the IP for accessing the internet?

    option 3: Change the svchost.exe access permissions from "Access: trusted and internet =yes; Server Trusted=yes; server internet=blocked" to a setting where "server internet=ask" or "server internet=yes". This sounds like it dangerously compromises security, from what I saw in one post.

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm (Free)
    Software Version:6.0

  2. #2
    rediranch Guest

    Default Re: Firewall alert svchost.ext blocked outgoing -- poor internet connection



    I would do option 2 with the ip range of 192.168.x.0 thru 192.168.x.255, then, go to this site and test your system - click on ALL SERVICE PORTS.


    I have my ZA set to medium - always do - and all my ports except 1 show 'stealth' where the 1 is closed.




  3. #3
    blacksoth Guest

    Default Re: Firewall alert svchost.ext blocked outgoing -- poor internet connection

    I also have my ZA set to medium but since the update, it blocks every outgoing attempt to access the internet.
    Using a lower security setting has not worked in my case.
    Did you do anything to your ZA settings?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •