+ Reply to Thread
Results 1 to 9 of 9
  1. #1
    Ordained Mommy NeoStarO1's Avatar
    Join Date
    Oct 2001
    Location
    Arizona
    Posts
    7,597
    Blog Entries
    1

    Firewall Questions

    I am using sygate personal edition firewall.
    OS = win2kpro

    One i can't seem to find again but it wanted to access the net it was called something like WatchDog. then i clicked no and its new message say that the NT Kernal & System has been blocked.

    1. WatchDog
    2. NT Kernal & System
    3. LSA Excutable & Server DLL (export version)
    4. Generic Host Process for Win32 Services

    Okay my question is and I can't seem to find any answers for these is why do these services need to access the net? Also what is watch dog? I looked up one on google and it says something installed with NT versions of OS and its a thingy that watches your computer or something er other and will auto reboot your computer if a system crash occurs. my system hasn't crashed today. only been having net access problems. but i think those are fixed since doing.

  2. #2
    Member boricua4sho2002's Avatar
    Join Date
    Aug 2002
    Location
    Naguabo, Puerto Rico
    Posts
    59
    changew the dam firewall get Zone Alarm free edition
    Mr. Alvin

  3. #3
    Ordained Mommy NeoStarO1's Avatar
    Join Date
    Oct 2001
    Location
    Arizona
    Posts
    7,597
    Blog Entries
    1
    Originally posted by boricua4sho2002
    changew the dam firewall get Zone Alarm free edition
    That was rude boricua4sho2002, and I don't appreciate your comments.

    FYI I used to use zonealarm and frankly I don't care for it too well. Sygate is not my top choice either. I will be getting a new one and I can assure you that it won't be zone alarm.

  4. #4
    Ultimate Member Chuckiechan's Avatar
    Join Date
    Oct 2001
    Location
    North Mexico
    Posts
    17,006
    I use Zone Alarm as my first firewall experience and find it easy to use. What don't you like about it? A friend had something from Norton and it was too complicated, Black Ice seemed like looking at footprints after you'd been robbed.

    I like the ease of use of ZA but am I in for a bell-ringing?

    Thx

    BTW: I get most of the same requests from ZA. I wonder if pingers are looking for spyware reports. (looking for lost spy's deleted with anti-adware?)

    Edit: I did a anti spyware called Search & Destroy. I couldn't run game spy and a couple of others. There were probaly more. What I think is that anything you download for free has spyware, and most make you agree to keep it and won't run without it, unless of course you upgrade to a pay version. I gave gamespy and someone else back their spy and went back to the less ruthless "Adware" from Lavasoft.

    This is a whole new topic I'd like to follow with people who know more than I do. I had no idea so many "services" were hitting my net and now I wonder if I want to know...!

    I hope this was kinda following the track you were taking...
    Last edited by Chuckiechan; January 31st, 2003 at 12:43 AM.
    Obama: "If you like your Ebola, you can keep your Ebola!"

  5. #5
    Rather Large Member Beemer's Avatar
    Join Date
    Oct 2001
    Location
    Vernon, BC, Canada
    Posts
    10,201
    Kind of a complext answer. Sorry.

    Here's the info on svchost.exe .

    As I understand it, svchost starts a service and Sygate will report it requesting Internet access and gives the service an alias of "Generic Host Process for Win32 Services". Some viruses will piggy back on this Generic Host Process. (Don't get all freaked out. It's only for your info.)

    You'll notice many svhosts if you Ctrl + Alt + Delete and look at the Processes tab. Some of these services may request Internet access and some not. Some request but don't really need to be granted access. You may be able to disable or set to manual some service in your Administrative Services.

    The link above has a method of discovering what process are running linked to the svchost activation. Check it out. You could find it interesting.

    Watchdog service can be uninstalled through Add/Remove Windows Components. You might want to reinstall your Sygate Firewall first and not save previous settings. Start fresh. Once you are back on the net, remove the check for Watchdog in the Add/Remove Windows Coponents.

    Cheers!

    The LSA thing is all yours. Don't have a clue on that one.

  6. #6
    Ordained Mommy NeoStarO1's Avatar
    Join Date
    Oct 2001
    Location
    Arizona
    Posts
    7,597
    Blog Entries
    1
    Hi Beemer,

    For nwo Im just blocking all those services from accessing the net. I found some other forums talking about th esame thing and all of these are looking like they are calling MS. So I just put them all on block and so far no ill effects.

    As for the watchdog, not sur eon that one, it is not in my ADD/Remove Programs. I think that name is an alias for one of the windows services. But I can't find any references to it anywhere yet. I am blocking that as well.

    the forth one that I listed always ask for interent access rights when ever I boot up. the others are random. So block them all for now.

    I personally like NIS better, I thought it was easier and has more features that lack in the freeware versions.

  7. #7
    Rather Large Member Beemer's Avatar
    Join Date
    Oct 2001
    Location
    Vernon, BC, Canada
    Posts
    10,201
    Oh! I agree with boricua4sho2002 but in a more diplomatic way, Zone Alarm is the #1 choice. I have an older version of ZA. Version 2.6.357
    Very configurable. Yes it can be a pain in the butt. If you make a mistake, you can undo it pretty easily.



    Any program in the list I can right click and remove it from the list. I can tell ZA to allow any of the listed items to pass through the Internet lock. Lets say, leave Outlook Express running to monitor my mail but nothing else. I locked Internet access down all except Outlook Express. Here's where you do that.



    If you need any help, if you decide to go with ZA, let us know. Zone Alarm is Internet Kung Fu. Wax on. Wax off.

    Cheers!

  8. #8
    Rather Large Member Beemer's Avatar
    Join Date
    Oct 2001
    Location
    Vernon, BC, Canada
    Posts
    10,201
    Do you have IIS installed on your machine?

    Cheers!

  9. #9
    Ordained Mommy NeoStarO1's Avatar
    Join Date
    Oct 2001
    Location
    Arizona
    Posts
    7,597
    Blog Entries
    1
    Hi Beemer,

    Nope do not have IIS installed. learned about the IIS the hard way when I first got win2k a year ago or so and that is one of the first things I check when I do a reformat.

    Sygate its pretty easy to undo mistakes as well IMO. however I do like NIS the best of them all. Has way more features that I like having. Granted its harder to use,however I have used it for about a 6 to 8 months now and understand how to use it pretty well.

    The LSA one I found it out its the LSASS one. set for blocked. Suprised I didn't catch what LSA was right off.


    NT Kernal and System appears to be the NTOSKRNL.EXE which is a system file. EDIT:I think this is the one i did /edit. One I had modified as well. However not sure why it needs to access the net. AFAIC It doesn't need to. Its set to block and no ill effects with doing that as of yet.

    As for these files, doesn't matter what firewall I use, these files always want to access the net and I am trying to figure out why?
    Last edited by NeoStarO1; January 31st, 2003 at 10:51 AM.

Quick Reply Quick Reply

If you are already a member, please login above.

What is the color of the sky?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Copyright 2014 All Enthusiast, Inc