comodo firewall:incoming connection to svchost from local IP

hello
i have comodo firewall v5
i am connected to internet through unencrypted private wifi hotspot,everyday different local ip addressees(at the moment my ip is 10.11.4.86 and other incoming IPs are for example 10.11.4.159 10.11.4.54 10.11.4.219 10.11.4.216 ...) asking to connect to svchost and windows operation system usually in these ports 445 80 137 138 139 443
i guess these may be intrusion attacks and block them.
i use utorrent and it has localpeer discovery feature,is this the reason why i receive such requests?if it is true,then is it safe to allow these attempts?
thanks in advance.

 

The addresses (10.x.x.x) you are seeing are from the from reserved IP address space list (RFC 191 and are likely allocated by the Service provider of the hotspot.

The traffic relates to:

Port 80 - HTTP traffic
Port 443 - HTTPS traffic
Ports 137 - 139 NetBIOS Traffic
Port 445 - SMB over TCP

The former HTTP and HTTPS, if incoming, may indicate the presence of a web server on your PC. If you don't run a service of this kind then you can block these inbound ports.

The latter NetBIOS and SMB traffic is used by windows file and print sharing. Once again, if you don't have a requirement for these services, you can disable NetBIOS on the Network adapter and also block inbound connections on these ports. It's also possible to completely disable port 445 via the registry.

How you choose to create rules for this traffic will depend on your configuration in Comodo. Typically, rules for handling NetBIOS traffic will be applied to the System process, which is performed as an 'Application' rule.

You can also look at creating separate profiles in windows for times when you are using a public hotspot and when using a private network.

Local Peer Discovery uses UDP port 6771 on a multicast address between 239.0.0.0 - 239.255.255.255