So I've been looking to block certain parts of the operating system form Internet access with 3rd party software like Comodo, and I blocked some of the more annoying things like Cortana sending information on search after being disabled. However, I can't block svchost.exe because it contains like 20 different services, some of these essential for the Internet connection as a whole. Is there a way to block internet access to each service contained in svchost individually and what software could help me do this ?
To block some.annoying.com domain, add "127.0.0.1 some.annoying.com" line in C:\Windows\System32\drivers\etc\hosts. But remember this only helps when a program is not "smart" enough to use other methods for DNS lookups.
Since you would be eventually monitoring/looking for other such annoying domains, here is a comprehensive list compiled by slave77. http forums.mydigitallife.net/threads/63874-REPO-Windows-10-TELEMETRY-REPOSITORY?p=1115035&viewfull=1#post1115035
That's not efficient, I'm looking for a way to disable the Internet access of these services, not rely on an IP blocklist. I can't believe that there is no way to do this.
So far TinyWall appears to be able to do this, but it's just a control panel for the Windows Firewall, and I don't especially trust the Windows Firewall. However, it seems to do the job for now.
In that case, Comodo Firewall would have been suffice. Whitelist followed by TCP/UDP all-Block blocklist would have worked. Add pfSense to that list, too.
Neither of them AFAIK! As I wrote, as long as the apps used is run from within Windows, Windows could vypass most blocking and therefore the use of those apps are simply useless!