Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,598
There can be many advantages of strong firewall restrictions, especially in business networks.
Some of these advantages are still welcome at home. Of course, one can use complex firewall hardening alongside SWH, and even with policies made by the FirewallHardening tool.
Svchost is only one of many Windows executables that can be abused for outbound connections. Furthermore, it is not the most popular way because abusing Svchost requires high privileges. It is often used to hide malicious actions and get persistence on the heavily compromised system.
Edit.
For most users, hardening methods like restricting Svchost by the firewall are too complex and inconvenient in daily work.
I think that at home, the monitoring/blocking (auto) Run keys in the Windows Registry would be much easier to fight CryptoMiners.
Some of these advantages are still welcome at home. Of course, one can use complex firewall hardening alongside SWH, and even with policies made by the FirewallHardening tool.
Svchost is only one of many Windows executables that can be abused for outbound connections. Furthermore, it is not the most popular way because abusing Svchost requires high privileges. It is often used to hide malicious actions and get persistence on the heavily compromised system.
Edit.
For most users, hardening methods like restricting Svchost by the firewall are too complex and inconvenient in daily work.
I think that at home, the monitoring/blocking (auto) Run keys in the Windows Registry would be much easier to fight CryptoMiners.
Last edited: