Progran Requesting Server Rights in ZA

Discussion in 'other firewalls' started by kanga, Nov 5, 2002.

Thread Status:
Not open for further replies.
  1. kanga

    kanga Guest

    :) Hi guys am running XP Pro a program which I think belongs to windows is asking server rights in ZA free here is its name Generic host process for win32 services should I give this program server right YES or NO. also dose any one know what this program dose in windows.
    Thank for your time and help.
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    Hi kanga,

    Welcome to the board. I'm a XP Pro user myself and I have denied GHP all access to the internet. The only inconveniences this produced is that I have to manually enable it if I want to go to the Windows Update page and that my computer does not automatically check if there are any updates.
    Please read this as well.
    And here is the article describing Svchost for Windows XP: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q314056

    Hope this helps,

    Pieter
     
  3. MickeyTheMan

    MickeyTheMan Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    1,016
    Rule of thumb : In case of doubt, Deny access to any program that wants acess as server.
    That can always be changed later if needed.
    Better be safe than sorry.
     
  4. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    I think most people don't understand what that is all about. In ZA, server rights means to allow incomming traffic. Other that your FTP client, very few programs need to allow incomming traffic.
    To the best of my knowledge, in XP, SVCHost.exe needs to be allowed out to the ISPs DNS servers on port 53. In Win2k it is Services.exe that needs out to the DNS servers.
    Different firewalls have different terminology for the Windows services, but basically thats all thats needed.
    I do not know what generic host processor is, or I could help a bit more. If Pieter is saying it is SVCHost.exe, I'm surprised he can block it totally. The Outpost Firewall users have to allow it out for DNS.
    I don't doubt you Pieter, just have different results from Outpost users. Strange. :D
     
  5. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Well said Mikey. I totrally agree with you.
     
  6. marti

    marti Registered Member

    Joined:
    Mar 25, 2002
    Posts:
    646
    Location:
    Houston, Texas, USA
    This is part of what the ZA help files have to say about server rights:

    Server permission allows a program on your computer to "listen" for connection requests from other computers, in effect giving those computers the power to initiate communications with yours.This distinct from access permission, which allows a program to initiate a communications session with another computer.

    Several common types of applications, such as chat programs, e-mail clients, and Internet Call Waiting programs, may need server permission to operate properly. Grant server permission only to programs you're sure you trust, and that require it in order to work.

    If possible, avoid granting a program server permission for the Internet Zone. If you need to accept incoming connections from only a small number of machines, add those machines to the Trusted Zone, and then allow the program server permission for the Trusted Zone only.
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    You could be absolutely right on both counts. Don't ever let me make you doubt ;)
    It could be my special setup. Point is: I use a ADSL modem that is a router as well.
    So the ISP verification is most likely handled by the router.
    My firewall is SPF 5 PRO and there are several Windows processes listed that are all related to SVCHost processes. The way these are setup in Win2k and XP is kind of confusing (that's why I posted the M$ link). I used the trial and error method to figure out which ones to block, ask or allow.
    The one SPF recognizes as Generic Host Processes I blocked with the result as described in my first post.

    Hope this clarifies,

    Pieter
     
Loading...
Thread Status:
Not open for further replies.