Hi all, Using SysInternals' TCPView to get an idea of what programs are communicating with the network on Windows 10. Any tips as to how to minimise unsolicited network traffic both to and from my Windows 10 machine? Also, why do many programs sit in the LISTENING state with a Local Address of 0.0.0.0 and [0:0:0:0:0:0:0:0]?
Normally speaking, Windows Firewall should block all incoming and outgoing connections. Only certain apps like the browser and certain system processes like svchost.exe should be able to make outbound connections. I'm not a firewall expert, but I believe the apps that are in the "LISTENING state" don't actually connect out, that's why they have a Local Address of 0.0.0.0. I assume they are all system processes, at least that's the case on my system.
Ummm, because they're listening I'm pretty sure that, for IP addresses, zero always means *. So they're listening on all of the device's addresses.
Listening means waiting for an incomming connection. 0.0.0.0 is unspecified address you should only see that if your computer is not connected to the internet so has no IP address. Unless, you are running a server application, in which case 0.0.0.0 means it is listening for incomming connections on all IP addresses assigned to your machine, for example the internet and a LAN at the same time.