
How can I block internet usage for Svchost.exe, as it is the service which is taking up the most data

Open aslumon opened this issue 9 months ago • 4 comments

Hi. I was trying to block internet for svchost.exe as we have a capped network. The problem is that once I apply a rule blocking incoming and outgoing, I can't use any remote application such as TeamViewer; it will fail to connect. Kindly suggest a solution for this.


App version: latest
Windows version: Windows 10 22H2

aslumon avatar May 09 '24 02:05 aslumon

SvcHost.exe acts as a host (middle-man process) for many system services and that also extends onto 3rd party software in some cases. For example, Windows OS DNS Cache service is hosted by SvcHost.exe and if DNS Cache service is enabled, then SvcHost.exe must be allowed to send packets over UDP port 53 or else DNS resolution is not going to be possible (for any services or software in my experience). If DNS Cache service is disabled, then SvcHost.exe can be blocked without affecting DNS resolution for 3rd party software that is simply going to make direct connections over UDP port 53 without using DNS Cache service (and not needing SvcHost.exe).

DNS Cache enablement also creates a major problem because it makes it impossible to block domain resolution for any application because all domain resolution happens through SvcHost.exe. You can still block non-DNS connections from/to whichever application, but not domain resolution requests and responses for whichever application because such responses and requests are made through SvcHost.exe. You can still block domains, but I don't know of software that can block domains on a per-application basis.

If TeamViewer specifically relies on services that are hosted by SvcHost.exe, then SvcHost.exe must be allowed to have access to whichever ports are normally used by TeamViewer.

One way to semi-isolate SvcHost.exe is to allow access to SvcHost.exe + whichever services/software you need that uses SvcHost.exe as middle-man service. Then manually block all other services/software that use SvcHost.exe (but not SvcHost.exe itself).

ghost avatar May 11 '24 13:05 ghost
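To see which services actually share each svchost.exe instance and which of those instances are using the network, the following added example (not part of the thread or of simplewall's own code) joins the service list with the current TCP connections and UDP endpoints per process. It assumes Windows 10 with the built-in `Get-CimInstance`, `Get-NetTCPConnection` and `Get-NetUDPEndpoint` cmdlets; the DNS Cache service mentioned above shows up under its service name `Dnscache`.

```powershell
# Added example: map each svchost.exe instance to the services it hosts
# and to the network endpoints that instance currently has open.

# Running services (ProcessId != 0) whose image path is svchost.exe,
# grouped by the process that hosts them.
$hosted = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.ProcessId -ne 0 -and $_.PathName -match '\\svchost\.exe' } |
    Group-Object -Property ProcessId

$report = foreach ($group in $hosted) {
    $procId = [int]$group.Name

    # TCP connections that have a real remote peer (skip listeners/loopback)
    $tcp = Get-NetTCPConnection -OwningProcess $procId -ErrorAction SilentlyContinue |
        Where-Object { $_.RemoteAddress -notin '0.0.0.0', '::', '127.0.0.1', '::1' } |
        ForEach-Object { '{0}:{1} ({2})' -f $_.RemoteAddress, $_.RemotePort, $_.State }

    # UDP is connectionless, so only the bound local ports are visible
    $udp = Get-NetUDPEndpoint -OwningProcess $procId -ErrorAction SilentlyContinue |
        ForEach-Object { $_.LocalPort }

    [pscustomobject]@{
        PID      = $procId
        Services = ($group.Group.Name | Sort-Object) -join ', '
        TcpPeers = ($tcp | Sort-Object -Unique) -join '; '
        UdpPorts = ($udp | Sort-Object -Unique) -join ', '
    }
}

# Show only the svchost.exe instances that touch the network
$report |
    Where-Object { $_.TcpPeers -or $_.UdpPorts } |
    Sort-Object PID |
    Format-List
```

The output is a point-in-time snapshot, so run it while the traffic of interest is active to see which hosted service is behind it.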

It is a very annoying issue, as explained by @SSJPKXL. I have yet to find an elegant solution and just block all until something breaks and reduce usage.

o-data avatar May 15 '24 13:05 o-data

You can in fact block svchost.exe (and disable notifications for it) and still get DNS resolution, as long as the DNS rule in System rules is enabled.

duttyend avatar Jun 20 '24 17:06 duttyend

> One way to semi-isolate SvcHost.exe is to allow access to SvcHost.exe + whichever services/software you need that uses SvcHost.exe as middle-man service. Then manually block all other services/software that use SvcHost.exe (but not SvcHost.exe itself).

I cannot get this to work.

There has got to be a solution to this. There seems to be an awful lot of people asking about this, but no answers anywhere. I wish I had the coding skills to tackle this.

VidarrKerr avatar Jul 07 '24 17:07 VidarrKerr