locktime

Open full view…

Better Blocker Service Detection

votality
Wed, 22 Sep 2021 04:33:10 GMT

Hi, Currently the blocker does not recognize all of the default services installed by windows: In particular these two: WPN_UserService_(unique string here) CDP_UserService_(unique string here) This leaves you to create multiple rules based on svchost.exe and the outbound IP. Rather than a neater rule that just says allow all access for this service. I'm guessing its probably due to the If there any any devs on this forum is it possible for them to add detection of all services that are inbuilt to allow rules to be built against them. I'm guessing they haven't added it as it isn't as simple as matching the service name as its randomized, the app would probably have to check against the process commandline. "C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService" and "C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService" "C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc" and "C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc"

votality
Wed, 22 Sep 2021 05:00:35 GMT

LOL... Ignore the "I'm guessing its probably due to the". I got a call while I was typing the message. I expanded on what I was going to say in the next paragraph but forgot to delete that sentence.