firewall newbie- not sure what to let in, what to block

[Sandor]

I have a cable modem with a netgear router, and I just installed Sygate Personal Firewall. It asks me if I want to allow certain things, but I'm not always sure what those are. Like "Generic Host Process for win32services is trying to broadcast to [224.0.0.22]". And I get things like iexplorer is trying to contact some host. Is there a rule of thumb on what to block?

 

[Staver]

Here is a good rule. If you can run with out it then the answer is always No. I think you will find "Generic Host Process" to be Yes.

 

[PowerYoga]

I also have been getting a lot of zonealarm warnings (since i installed xp)... i get about 100-300 warnings for a 10 minute period for the whole day. I don't think that's normal. any ideas?

 

[BreakApart]

Setup the system to access the net, then goto grc.com and use the Shields Up utility.

It will give you a break down of your setup and where you need work.

EDIT: guess you ment those personal blocking utilities, never used them and don't plan too.

 

[Bglad]

If I don't recognize it, I always block it. Then I've just taught myself to keep in mind that I'm running a firewall. If something is not working properly, then I look to see if I may have blocked it errenously. Funny thing is this doesn't happen very often. Darned if I can figure out what all the processes are that are trying to broadcast by my money says you don't need 99.9% of it.

 

[Staver]

PowerYoga: You'd need to post some of the alerts messages for us to tell you.

 

[Sandor]

Thanks for the advice- I've tried blocking everything that comes up (not permanantly, just in case), and so far no ill effects. I'm hoping if there ever is anything important, I'll be able to tell. As for now, I just can't believe how many things are trying to broadcast from my computer that I never knew about.

 

[Pakaderm]

My advice would be to block everything as your first rule. Then as you figure out what to allow, let that stuff come through.