Firewall Advice

Zascar

I've finally realised that I should get a personal firewall, despite not having one for the last few years, and with a dsl connection for the last few months. I've never had any problems that would make me think I need one, but I was curious to see what is actually happeing on my line.

I read a few reviews and chose Kerio Personal Firewall. (IS ths any good, shoukd I be using something better, I just want somehting simple...). The install etc was fine, its set on "Learning" so I know the obvious ones to allow. However, I've only had it installed a few minutes and there are quite a few messages coming up that i have no idea what they are, and whether I should block or allow them. I have Diet Kazaa running and not sure if these mesages are standard becasue of that or are they mallicious hacker attacks... Some examples from the past few minutes are as follows:

Someone from kat02236008.visp.energis.pl [62.29.236.8], port 1048 wants to connect to port 135 owned by 'Generic Host Process for Win32 Services' on your computer
c:\windows\system32\svchost.exe

Someone from pc142.piotrkow.cvx.ppp.tpnet.pl [217.99.181.142], port 4965 wants to connect to port 135 owned by 'Generic Host Process for Win32 Services' on your computer
c:\windows\system32\svchost.exe

Someone on address 213.76.148.130 wants to send ICMP packet to your machine


Can anyone give me advise, or point me to a site which explains a bit more on whatis bad and what is not?

Thanks.

Kali

Port 135 was what the biggest worm & vulnerability of last year (Blaster) operated on... keep it closed, theres no reason for it to be open to external connections.

ICMP is upto yourself.. its just for ping requests.. theres no major harm in leaving it open, but safest bet is to turn it off.