Tina, 2016-06-09 15:21 »
Unfortunately, I already tried that, with no success.
Here are the 4 OB rules I created:
Rule Name: BLOCK WinUpd,etc
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:WindowsSystem32svchost.exe
InterfaceTypes: RAS,Wireless
Security: NotRequired
Rule source: Local Setting
Action: Block
Ok.
Rule Name: ALLOW explorer.exe
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:Windowsexplorer.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
Rule Name: ALLOW iexplore.exe
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:Program FilesInternet Exploreriexplore.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
Rule Name: ALLOW POPPeeper.exe
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:PPPeeperPOP PeeperPOPPeeper.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
After a TRUE PowerOff (not that lousy HIBERNATE, which causes
WTS to fail to start my tasks due to RC x'80070002' on Win10, but
works properly when I hear the Windows Startup sound), I connect
to the Internet, start both programs, and try to access it; they
both fail to do so (POPPeeper gets 'connection error', while IE11
gets 404/Page Not Found for any URL I try to access, even my
own).
But, after I alter the WinUpd rule and restrict it to the
WinUpd service, w/o re-starting anything, even the connection,
then they both work normally (POPPeeper sees my e-mail headers,
and IE11 can access any URL, including my own).
Win7 does the same thing, so I must be missing something, but
don't know what. Worse, the doc for Win10 is no longer on my
machine, so I've been reading the doc on Win7 (problem#34 w/this
HORRIBLE Win10!!!), but, so far, I see nothing useful except
maybe this:
"Do not add service containers or programs that host services,
such as Svchost.exe, Dllhost.exe, and Inetinfo.exe, to the rules
list without specifying the individual service that is to be allowed
or blocked. Specifying only the service container as a program
might compromise the security of the computer."
Comments?
Unfortunately, I already tried that, with no success.
Here are the 4 OB rules I created:
Rule Name: BLOCK WinUpd,etc
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:WindowsSystem32svchost.exe
InterfaceTypes: RAS,Wireless
Security: NotRequired
Rule source: Local Setting
Action: Block
Ok.
Rule Name: ALLOW explorer.exe
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:Windowsexplorer.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
Rule Name: ALLOW iexplore.exe
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:Program FilesInternet Exploreriexplore.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
Rule Name: ALLOW POPPeeper.exe
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: Any
Edge traversal: No
Program: C:PPPeeperPOP PeeperPOPPeeper.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
After a TRUE PowerOff (not that lousy HIBERNATE, which causes
WTS to fail to start my tasks due to RC x'80070002' on Win10, but
works properly when I hear the Windows Startup sound), I connect
to the Internet, start both programs, and try to access it; they
both fail to do so (POPPeeper gets 'connection error', while IE11
gets 404/Page Not Found for any URL I try to access, even my
own).
But, after I alter the WinUpd rule and restrict it to the
WinUpd service, w/o re-starting anything, even the connection,
then they both work normally (POPPeeper sees my e-mail headers,
and IE11 can access any URL, including my own).
Win7 does the same thing, so I must be missing something, but
don't know what. Worse, the doc for Win10 is no longer on my
machine, so I've been reading the doc on Win7 (problem#34 w/this
HORRIBLE Win10!!!), but, so far, I see nothing useful except
maybe this:
"Do not add service containers or programs that host services,
such as Svchost.exe, Dllhost.exe, and Inetinfo.exe, to the rules
list without specifying the individual service that is to be allowed
or blocked. Specifying only the service container as a program
might compromise the security of the computer."
Comments?