Re: svchost.exe connect port 80 and 443

From: Duane Arnold (notme_at_notme.com)
Date: 02/23/04

• Next message: Solbu: "Re: port 80 open, how...."
• Previous message: Duane Arnold: "Re: Using Old OS for Security"
• In reply to: Big Will: "Re: svchost.exe connect port 80 and 443"
• Next in thread: Big Will: "Re: svchost.exe connect port 80 and 443"
• Reply: Big Will: "Re: svchost.exe connect port 80 and 443"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 23 Feb 2004 12:20:36 GMT

> >

> I disagree with that. At times, svchost.exe will try to connect for

> no

> apparent reason, and I'll kill it. Furthermore, because I still use

> Plug-and-Play (for Windows Sound purposes) I simply block svchost when

> it tries to connect on TCP 1900. If a communication is remotly

> initiated, and I don't know why it's being remotely initiated, then I

> block it, even if it's svchost.exe. If some apps stop working then,

> then I'm that much the wiser about that particular remote IP address and

> what it has to do with my PC. I wouldn't say blocking svchost.exe from

> accessing the internet is killing the messenger, just blocking him from

> delivering his message.

>

Big Will if I thought you knew what you're talking about I would listen. You
don't know. SVChost.exe never tries to do anything on its own. Some program
element on the machine makes the requests to svchost to do its bidding. Now
whether that be some third party program element on the machine, a Trojan,
spyware or the O/S itself making the request, some program element on the
machine makes the requests. The svchost has many functions that many program
elements will call upon svchost to do and communications is just one of
them. That's why there can be several svchost.exe running on the machine
doing various tasks.

One more time, you do not know what you're talking about when it comes to
svchost.

Duane :)

---

• Next message: Solbu: "Re: port 80 open, how...."
• Previous message: Duane Arnold: "Re: Using Old OS for Security"
• In reply to: Big Will: "Re: svchost.exe connect port 80 and 443"
• Next in thread: Big Will: "Re: svchost.exe connect port 80 and 443"
• Reply: Big Will: "Re: svchost.exe connect port 80 and 443"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: svchost.exe connect port 80 and 443 ... > element on the machine makes the requests to svchost to do its bidding. ... > whether that be some third party program element on the machine, a Trojan, ... connections (like when svchost tries to connect to internet on port ... (comp.security.firewalls) Re: svchost.exe connect port 80 and 443 ... Some program element on the machine makes the requests to ... The svchost has many functions that many program elements ... Nothing unsolicted is coming in unless I open the ports to ... application and it's the COM+ server and the SQL Server Cluster not ... (comp.security.firewalls) Re: Sygate question ... My advise to you is that *svchost* is just that; ... to find out what program element is asking for *svchost * to access the ... > it safer just to keep these two things blocked? ... > RTH ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)