How can I block internet usage for Svchost.exe, as it is the service which is taking up the most data? #1784

Open
aslumon opened this issue May 9, 2024 · 2 comments

aslumon commented May 9, 2024

Hi,
I was trying to block internet for svchost.exe as we have a capped network.
The problem is that once I apply a rule for blocking incoming and outgoing, I can't use any remote application such as Team Viewer; it will fail to connect.
Kindly suggest a solution for this.


App version: latest
Windows version: Windows 10 22H2


SSJPKXL commented May 11, 2024

SvcHost.exe acts as a host (middle-man process) for many system services and that also extends onto 3rd party software in some cases. For example, Windows OS DNS Cache service is hosted by SvcHost.exe and if DNS Cache service is enabled, then SvcHost.exe must be allowed to send packets over UDP port 53 or else DNS resolution is not going to be possible (for any services or software in my experience). If DNS Cache service is disabled, then SvcHost.exe can be blocked without affecting DNS resolution for 3rd party software that is simply going to make direct connections over UDP port 53 without using DNS Cache service (and not needing SvcHost.exe).

DNS Cache enablement also creates a major problem because it makes it impossible to block domain resolution for any application because all domain resolution happens through SvcHost.exe. You can still block non-DNS connections from/to whichever application, but not domain resolution requests and responses for whichever application because such responses and requests are made through SvcHost.exe. You can still block domains, but I don't know of software that can block domains on a per-application basis.

If Team Viewer specifically relies on services that are hosted by SvcHost.exe, then SvcHost.exe must be allowed to have access to whichever ports are normally used by Team Viewer.

One way to semi-isolate SvcHost.exe is to allow access to SvcHost.exe + whichever services/software you need that uses SvcHost.exe as middle-man service. Then manually block all other services/software that use SvcHost.exe (but not SvcHost.exe itself).
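
An added example, not part of the original comment or of this project's code: a PowerShell inventory that shows which services each SvcHost.exe process is hosting and what network activity that process currently has, so allow and block decisions can be made per service. It assumes an elevated PowerShell session on Windows 10 and uses only built-in cmdlets; the variable and column names are chosen here for illustration.

```powershell
# Added example: map each svchost.exe process to the services it hosts
# and to its current TCP connections and UDP endpoints.
# Run from an elevated PowerShell prompt so every process is visible.

# Running services, each carrying the PID of its host process.
$services = Get-CimInstance -ClassName Win32_Service -Filter "State='Running'"

# Snapshot of current network activity, wrapped in @() so empty results are safe.
$tcp = @(Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue)
$udp = @(Get-NetUDPEndpoint -ErrorAction SilentlyContinue)

$report = foreach ($proc in Get-Process -Name svchost -ErrorAction SilentlyContinue) {
    $hosted = $services | Where-Object { $_.ProcessId -eq $proc.Id }
    $conns  = $tcp      | Where-Object { $_.OwningProcess -eq $proc.Id }
    $ports  = $udp      | Where-Object { $_.OwningProcess -eq $proc.Id }

    # Skip svchost instances with no network activity in this snapshot.
    if (-not $conns -and -not $ports) { continue }

    [pscustomobject]@{
        ProcessId = $proc.Id
        # Service short names; the DNS Cache (DNS Client) service is "Dnscache".
        Services  = ($hosted.Name | Sort-Object) -join ', '
        # Remote endpoints of established TCP connections.
        TcpRemote = ($conns |
                        ForEach-Object { "$($_.RemoteAddress):$($_.RemotePort)" } |
                        Sort-Object -Unique) -join ', '
        # Local UDP ports the process has bound.
        UdpLocal  = ($ports.LocalPort | Sort-Object -Unique) -join ', '
    }
}

$report | Sort-Object ProcessId | Format-Table -AutoSize -Wrap
```

The output is a point-in-time snapshot, so running it while the remote-access application is connecting shows whether any SvcHost.exe-hosted service is involved in that connection.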


o-data commented May 15, 2024

It is a very annoying issue as explained by @SSJPKXL. I have yet to find an elegant solution and just block all until something breaks and reduce usage.
