wokhan / WFN

Windows Firewall Notifier extends the default Windows embedded firewall by letting you handle and be notified about outgoing connections, and offers real-time connection monitoring, a connections map, bandwidth usage monitoring and more...
GNU General Public License v3.0

Service hidden behind svchost.exe not detected #54

Open tonecool opened 5 years ago

tonecool commented 5 years ago

I'm never getting the name of the actual service trying to connect, only the svchost.exe process name and "Multiple matches found." in red text :( (latest beta3, Windows 7 SP1, .NET 4.72)


wokhan commented 5 years ago

Service detection is a tricky process which is not 100% reliable. When you say never, you really mean it never ever worked? Or randomly fails?

tonecool commented 5 years ago

Before running WFN for the first time, I started with default firewall rules and all outbound traffic blocked. At the time of writing the post, I was using WFN for a couple of hours and no svchost calling services were detected. But today one service got recognized (Windows time).


wokhan commented 4 years ago

Hi @AtlasHackert & @harrwiss, I think this old issue has been solved by one of you (along with services detection improvements). Please feel free to close the issue if so.

harrwiss commented 4 years ago

Hi @wokhan, yes I tried to improve that when I added the Service column to the security log - for me it works reliably now. Some code cleanup needs to be done though e.g. remove the ServicesForm in Notifier (think it's not needed anymore) and check consistency.

wokhan commented 4 years ago

Thanks! We'll keep the issue open until everything is cleaned up then 😉

kekukui commented 4 years ago

Just for reference, the 'Process Hacker' traffic monitor can identify which hidden service is using the network, for example:


https://github.com/processhacker/processhacker

harrwiss commented 4 years ago

Think WFN quite reliably detects the services now as well. Maybe we could compare them to see if we have any mismatches.

wokhan commented 4 years ago

The guy behind Process Hacker (wj32) is really good, if we got on par with what he offers (at least for this tiny little feature - but super useful), I'd be more than happy! Indeed, comparing could be a way to ensure we / you got it right.