Do I block access from svchost to DHCP?

Do I block access from svchost to DHCP?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Do I block access from svchost to DHCP? Mister C 06-14-2005
Posted by Mister C on June 14, 2005, 6:32 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
From time to time I get this message from my Sygate firewall.
Should I let this program through?

"Generic Host Process for Win32 Services (svchost.exe)
is trying to connect to [62.255.64.20] using remote
port 67 (BOOTPS - Dynamic Host Configuration Protocol
[DHCP] Server). Do you want to allow this program to
access the network?"

This is my setup:

1. I use WinXP + SP1 at home.
2. My broadband ISP is NTL Cable
3. I connect direct to my ISP am am not part of a network.
4. I have disabled XP's firewall and use only Sygate firewall.

To my untutored eye it seems like a good thing to allow this and let
svchost on PC communicate with what I think is my ISP's DHCP server.

However this web page says I should completely block svchost.exe in
Sygate. http://www.howtodothings.com/ViewArticle.aspx?Article=51

Who is right?


Posted by Michael J. Pelletier on June 14, 2005, 11:46 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Mister C wrote:

> From time to time I get this message from my Sygate firewall.
> Should I let this program through?
>
> "Generic Host Process for Win32 Services (svchost.exe)
> is trying to connect to [62.255.64.20] using remote
> port 67 (BOOTPS - Dynamic Host Configuration Protocol
> [DHCP] Server). Do you want to allow this program to
> access the network?"
>
> This is my setup:
>
> 1. I use WinXP + SP1 at home.
> 2. My broadband ISP is NTL Cable
> 3. I connect direct to my ISP am am not part of a network.
> 4. I have disabled XP's firewall and use only Sygate firewall.
>
> To my untutored eye it seems like a good thing to allow this and let
> svchost on PC communicate with what I think is my ISP's DHCP server.
>
> However this web page says I should completely block svchost.exe in
> Sygate. http://www.howtodothings.com/ViewArticle.aspx?Article=51
>
> Who is right?

It sounds like this is you dhcp client. I would not advise blocking that!

Michael


Posted by Bit Twister on June 14, 2005, 1:47 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
On Tue, 14 Jun 2005 18:32:46 GMT, Mister C wrote:
> From time to time I get this message from my Sygate firewall.
> Should I let this program through?
>
> "Generic Host Process for Win32 Services (svchost.exe)
> is trying to connect to [62.255.64.20] using remote
> port 67 (BOOTPS - Dynamic Host Configuration Protocol
> [DHCP] Server). Do you want to allow this program to
> access the network?"
>
> This is my setup:
>
> 1. I use WinXP + SP1 at home.

Hmmm, missing lots of updates there. Poor security practice.

> 2. My broadband ISP is NTL Cable

Well that explains it.
nslookup 62.255.64.20
shows name = dhcp1-popl.server.ntli.net.

> 3. I connect direct to my ISP am am not part of a network.

You are part of NTL cable network and your node gets it's ip address
from NTLI's DHCP server. Your DHCP client and their DHCP server chat with each
other through ports 67,68 to get/renew your DHCP assigned ip address.



Similar ThreadsPosted
Way to block Internet access November 9, 2005, 4:03 pm
block Ares September 19, 2006, 1:10 am
how to log or block login attempts on OS X? August 18, 2006, 5:04 pm
Efficient products to block Skype June 27, 2007, 6:01 pm
svchost.exe December 4, 2005, 6:49 pm
svchost accessing my own IP January 20, 2005, 11:38 am
svchost constantly maxing out CPU July 18, 2004, 11:30 pm
Static IP Vs DHCP February 27, 2005, 10:42 pm
"Definition" of DoS attack (specifically, PPPoE and DHCP) March 9, 2007, 12:26 pm
Do P2P programs need access as server? April 18, 2005, 7:15 pm

The site map in XML format XML site map

Contact Us | Privacy Policy