Dan_B
@sympatico.ca
| Generic Host Process for Win32
Hi, I have Sympatico and I use a software Firewall. Every so often I would notice that websites would not load so I looked at the firewall alerts and I had the Generic Host Process for Win32 blocked.
After about 20 seconds the problem would go away and the Websites would load properly even though this was blocked. I have now allowed the Generic Host Process for Win32 permission to access the Internet.
I searched google but I still don't know if this is the right thing to do. Is this a security issue? Should I block it again? |
|
Dan_B
@sympatico.ca | Anyone have any ideas? I've been continuing to search google and I've read several threads on various forums regarding this. Some people say that it should be blocked while other people say it should be granted access. |
|
MacGyver
Bell Sucks
Premium,ExMod 2003-05
join:2001-10-14
Orleans, ON | reply to Dan_B
Moved from Sympatico. |
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| reply to Dan_B
A couple things:
First: Did it make a difference for you when you permitted it?
I'm not 100% sure, but I *think* that GHP for Win32 might do DNS lookups.
In ZoneAlarm, I know I have GHP for Win32 given permission. Provided it has not been infected with anything, I saw no reason to block it.
--
Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics! |
|
TheWiseGuy
Dog And Butterfly
Premium,MVM
join:2002-07-04
Yonkers, NY | reply to Dan_B
Depending on the firewall, you may be able to allow it only for the DNS servers. If you have the DNS client running Generic Host does the DNS lookups.
--
Dog and Butterfly |
|
UnrealArcher
join:2005-01-21
Scarborough, ON
| reply to Dan_B
It's related to the DNS Client Service.
If the service is running, then you need to have it unblocked. If the service is disabled, then it can be blocked with no ill effects.
I have the DNS Client turned off, and have absolutely no problem resolving domain names. I also have GHP blocked i nmy firewall (one less thing to worry about on the net), and everything still resolves. |
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| reply to Dan_B
Ah ha! Yes; that would explain why when I looked at my second Win2K machine, it did not have permissions for GHP for Win32, yet I have no trouble with it... I have the DNS Client disabled (on both, actually... but I suppose I had used it before disabling DNS Client)
--
Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics! |
|
Dan_B
@sympatico.ca
| reply to Dan_B
Thanks for the replies and sorry for posting this in the wrong forum.
When I had it blocked, I would notice that every 10-15 minutes or so, I couldn't get any Websites to load for roughly 30 seconds. When I checked the activity in Zone Alarm, it showed that it was blocked several times (usually around 10-20). If I left it blocked, eventually Websites would begin to load again.
When I granted it access, I stopped having this problem. The thing is, lately my ISP has been having DNS problems so I don't know if this is causing the problem or if it's my ISP.
Which service has to be disabled in the control panel? |
|
Dan_B
@sympatico.ca
| reply to Dan_B
Sorry...I just re-read UnrealArcher's post...I have the DNS Client set to "Automatic" and it shows that it's Started. I run WinXP Pro and I'm assuming that this setting is ok.
I don't think I have any viruses or spyware. I use NOD32 and I also run Ad-Aware every so often and according to those apps, my system seems to be clean.
I'm just a bit worried because I've read several posts from other forums indicating that it should be blocked. |
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| reply to Dan_B
There's no real reason it should be blocked.
However, if you want to keep it blocked, just 'disable' the DNS Client service, and you won't need it anymore.
The DNS Client just 'caches' DNS results locally for you; without it, your computer will still work perfectly normally.
--
Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics! |
|
Dan_B
@sympatico.ca | reply to Dan_B
Thanks for the info.  |
|
spooler0
Premium
join:2004-11-17
| Dan_B,
If you are still around and still interested, try setting your ZoneAlarm program settings for Generic Host Process for Win32 to "Y Y Y X". That often gives the best results here.
I believe the reason you can connect 20-30 seconds later even after GHP is blocked is because windows will then start to use alternate windows processes to perform the functions needed when that happens. We've had several prior posts on that question including a very long thread started by Libra:
»Access requests from Zone Alarm re various MS
Also do a forum search for ZoneAlarm settings. Should be a ton of information there. Finally, visit Iggy's own website for his page on how to set it.
»www.iggyz.com/iggyz.html |
|
whizkid3
Premium,MVM
join:2002-02-21
Queens, NY | reply to Dan_B
Yeah - I've got mine set to : Y Y Y X
it has been working great - no security issues whatsoever. |
|
craezer
join:2003-12-15 | reply to Dan_B
I ran KAV in safe mode and came up clean. I don't think it's anything serious, but I am curious why it decided to start doing this. |
|
spooler0
Premium
join:2004-11-17
| craezer,
Looks like you posted your reply to TheWiseGuy in your thread here by mistake.
While you are considering that, what are your ZA program settings?
Please reply in your thread so we can keep it all straight.
The link to this thread was posted in your thread so you could see the prior dialogue re the program settings for GHP in ZA.
your thread is at:
»Why is spoolsv.exe trying to access the Internet? |
|
UnrealArcher
join:2005-01-21
Scarborough, ON
| reply to Dan_B
Well, I turned the DNS Client back on... I was having a horrendous time with DNS requests failing while I had it off... wouldn't connect, then literally two seconds later it was fine. And this was for multiple sites.
I have GHP set to Y Y Y Y in ZA Pro... but only because Y Y Y X causes my internet to stutter occasionally. Switching that one setting killed off the stutters.
Go figure. Silly GHP.  |
|
spooler0
Premium
join:2004-11-17
| said by UnrealArcher  :Well, I turned the DNS Client back on... I was having a horrendous time with DNS requests failing while I had it off... wouldn't connect, then literally two seconds later it was fine. And this was for multiple sites. I have GHP set to Y Y Y Y in ZA Pro... but only because Y Y Y X causes my internet to stutter occasionally. Silly GHP. If you want to continue to futz with the DNS service, first "repair your internet connection", then stop the DNS service, then set your web browser's ZA permissions to "Y Y Y X".
See if those settings allow your browser to look up the IP addresses directly rather than the service doing so. If that works, then try resetting the permissions for GHP to "Y Y Y X" to see if you can get back to that setting. |
|
Libra
Premium
join:2003-08-06
USA
| reply to Dan_B
I have GHP for Win32 set at YYYX. I also have Block Internet Zone Servers checked in the ZA Main>Advanced settings. I think because the Advanced settings supercede the program settings, I always see "GHP for Win32 could not accept a UDP Port xxx connection from 192.168.1.1 because internet servers are blocked". In spite of this I have no problems with connectivity or accessing sites.
Sincerely, Libra |
|
UnrealArcher
join:2005-01-21
Scarborough, ON
| reply to spooler0
said by spooler0 :If you want to continue to futz with the DNS service, first "repair your internet connection", then stop the DNS service, then set your web browser's ZA permissions to "Y Y Y X". See if those settings allow your browser to look up the IP addresses directly rather than the service doing so. If that works, then try resetting the permissions for GHP to "Y Y Y X" to see if you can get back to that setting. Yup, that got it. DNS is off again, and I'm not having the DNS issues anymore. Thanks! |
|
