I've gone through some self teaching on networking and have
a basic grasp of addressing, ports and basic firewall rule setting but frequently when I allow the firewall to query whether certain communication should be allowed, I come across communication which I am not sure where it originates (directly from the internal port eg router or somewhere else nor whether the communication should be allowed eg:
'Generic Host Process for Win32 Services' from your computer wants to send UDP datagram to 255.255.255.255, port 67
application: c:\windows\system32\svchost.exe
Application: 'Tcpip Kernel Driver'; protocol: [2]; Remote address 239.255.255.250: Unknown event
application: tcpip kernel driver
'Generic Host Process for Win32 Services' from your computer wants to send UDP datagram to 239.255.255.250, port 1900
application: c:\windows\system32\svchost.exe
Application: 'Tcpip Kernel Driver'; protocol: [2]; Remote address 224.0.0.2: Unknown event
application: tcpip kernel driver
Could someone point me in the right direction as to where/which material I should dig into and what tools can be used to understand this better ?
a basic grasp of addressing, ports and basic firewall rule setting but frequently when I allow the firewall to query whether certain communication should be allowed, I come across communication which I am not sure where it originates (directly from the internal port eg router or somewhere else nor whether the communication should be allowed eg:
'Generic Host Process for Win32 Services' from your computer wants to send UDP datagram to 255.255.255.255, port 67
application: c:\windows\system32\svchost.exe
Application: 'Tcpip Kernel Driver'; protocol: [2]; Remote address 239.255.255.250: Unknown event
application: tcpip kernel driver
'Generic Host Process for Win32 Services' from your computer wants to send UDP datagram to 239.255.255.250, port 1900
application: c:\windows\system32\svchost.exe
Application: 'Tcpip Kernel Driver'; protocol: [2]; Remote address 224.0.0.2: Unknown event
application: tcpip kernel driver
Could someone point me in the right direction as to where/which material I should dig into and what tools can be used to understand this better ?