Blocking per module in svchost.exe - Comodo only?

I know that Comodo can show exactly which module inside svchost.exe wants access to the net, and it lets you decide if only that module should be blocked or allowed.

What other firewalls can do this?

 

Bump!

Anyone Please?

 

Hi Stone Free,

Some clarification please,.. when you say "module inside svchost", do you mean the command line,.. examples:-

"svchost.exe -k netsvcs"
"svchost.exe -k NetworkService"

____
Stem

 

If you use SysInternals Process Explorer and hover your mouse over instances of svchost.exe it lists which services are hosted in that particular instance of svchost.

For example

C:\WINDOWS\system32\svchost.exe
Services:
DCOM Server Process Launcher
Terminal Services

C:\WINDOWS\system32\svchost.exe
Services:
DCOM Server Process Launcher
DNS Client

 

I cannot say I have seen direct alerts for "services" in any firewall (I will recheck), only the command line reference, or reference given to services due to port use.

Maybe other members have more info on this?

 

I'm not aware of alerts to block the individual modules from accessing the internet in the firewall but the application blocking controls in many HIPS do allow individual control over the dll's that are allowed. As an example, the DHCP Client is a module and trusted within this application for execution - if it wasn't, an alert would ask to allow/deny and add to the trusted list or not.

 

Its not necessarily the ability to block the individual modules from accessing the internet, but at least to know which open connections are comming from which module so that I can now whether the module should be accessing the internet or not. If the site and the service look sensible then I can add that site and tcp port to a firewall rule for svchost.

 

Bump!