comodo firewall:incoming connection to svchost from local IP

Discussion in 'other firewalls' started by hagi_mostafa, Jan 25, 2011.

Thread Status:
Not open for further replies.
  1. hagi_mostafa

    hagi_mostafa Registered Member

    Jan 25, 2011
    i have comodo firewall v5
    i am connected to internet through unencrypted private wifi hotspot,everyday different local ip addressees(at the moment my ip is and other incoming IPs are for example ...) asking to connect to svchost and windows operation system usually in these ports 445 80 137 138 139 443
    i guess these may be intrusion attacks and block them.
    i use utorrent and it has localpeer discovery feature,is this the reason why i receive such requests?if it is true,then is it safe to allow these attempts?
    thanks in advance.
  2. Heimdall

    Heimdall Registered Member

    Jul 29, 2009
    The addresses (10.x.x.x) you are seeing are from the from reserved IP address space list (RFC 191:cool: and are likely allocated by the Service provider of the hotspot.

    The traffic relates to:

    Port 80 - HTTP traffic
    Port 443 - HTTPS traffic
    Ports 137 - 139 NetBIOS Traffic
    Port 445 - SMB over TCP

    The former HTTP and HTTPS, if incoming, may indicate the presence of a web server on your PC. If you don't run a service of this kind then you can block these inbound ports.

    The latter NetBIOS and SMB traffic is used by windows file and print sharing. Once again, if you don't have a requirement for these services, you can disable NetBIOS on the Network adapter and also block inbound connections on these ports. It's also possible to completely disable port 445 via the registry.

    How you choose to create rules for this traffic will depend on your configuration in Comodo. Typically, rules for handling NetBIOS traffic will be applied to the System process, which is performed as an 'Application' rule.

    You can also look at creating separate profiles in windows for times when you are using a public hotspot and when using a private network.

    Local Peer Discovery uses UDP port 6771 on a multicast address between -
Thread Status:
Not open for further replies.