Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlockerNG - Windows 10 Privacy

    Scheduled Pinned Locked Moved
    pfBlockerNG
    5
    7
    5.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Clear-Pixel
      last edited by

      Was looking at compiling a list of Ip addresses to minimize, if not eliminate the Windows 10 privacy issues. I haven't looked into the Ip addresses for the Microsoft I-Blocklist, but can only assume this list isn't tailored for Microsoft 10 OS.

      I would think someone here in the community has already compiled a list and would be great if they would share. My idea was to create multiple list for different purposes depending on what you wish to block, than share here on the forum.

      Would love to hear some options.

      clippy-windows-10.jpg
      clippy-windows-10.jpg_thumb

      HP EliteBook 2530p Laptop - Core2 Duo SL9600 @ 2.13Ghz - 4 GB Ram -128GB SSD
      Atheros Mini PCI-E as Access Point (AR5BXB63H/AR5007EG/AR2425)
      Single Ethernet Port - VLAN
      Cisco SG300 10-port Gigabit Managed Switch
      Cisco DPC3008 Cable Modem  30/4 Mbps
      Pfsense 2.1-RELEASE (amd64)
      –------------------------------------------------------------
      Total Network Power Consumption - 29 Watts

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        IP addresses is definitely NOT a viable approach.

        
a-0001.a-msedge.net
choice.microsoft.com
choice.microsoft.com.nstac.net
compatexchange.cloudapp.net
corpext.msitadfs.glbdns2.microsoft.com
corp.sts.microsoft.com
cs1.wpc.v0cdn.net
df.telemetry.microsoft.com
diagnostics.support.microsoft.com
fe2.update.microsoft.com.akadns.net
feedback.search.microsoft.com
feedback.windows.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
redir.metaservices.microsoft.com
reports.wes.df.telemetry.microsoft.com
services.wes.df.telemetry.microsoft.com
settings-sandbox.data.microsoft.com
sls.update.microsoft.com.akadns.net
sqm.df.telemetry.microsoft.com
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net
ssw.live.com
statsfe1.ws.microsoft.com
statsfe2.update.microsoft.com.akadns.net
survey.watson.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.microsoft.com
telemetry.urs.microsoft.com
vortex.data.microsoft.com
vortex-sandbox.data.microsoft.com
vortex-win.data.microsoft.com
watson.live.com
watson.microsoft.com
watson.ppe.telemetry.microsoft.com
watson.telemetry.microsoft.com
watson.telemetry.microsoft.com.nsatc.net

        Most of these are blocked by HPHosts and similar, which in turn breaks Windows Update. So NOT use the above list verbatim, it WILL break OS updates (even on W8.x).

        1 Reply Last reply Reply Quote 0
        • C
          Clear-Pixel
          last edited by

          For me I would not be concerned if it breaking MS Updates …...... Running Windows 7 now and have them blocked as we speak........if I feel I need an auto update, I flick it on, than off. You could manually download the updates monthly......that would be a drag.

          What I'm more concerned about is Windows 10 and all the malware that's built in.

          Android is a good example ..... its free ...... not really ....... it comes preloaded with malware... it is stealing your private information every day.

          By the way thanks for the list and the HPHosts info ...... wdoktornotor

          Anyone interested here's a thread where they are working on different methods of leak prevention.
          http://forums.mydigitallife.info/threads/63874-REPO-Windows-10-TELEMETRY-REPOSITORY

          HP EliteBook 2530p Laptop - Core2 Duo SL9600 @ 2.13Ghz - 4 GB Ram -128GB SSD
          Atheros Mini PCI-E as Access Point (AR5BXB63H/AR5007EG/AR2425)
          Single Ethernet Port - VLAN
          Cisco SG300 10-port Gigabit Managed Switch
          Cisco DPC3008 Cable Modem  30/4 Mbps
          Pfsense 2.1-RELEASE (amd64)
          –------------------------------------------------------------
          Total Network Power Consumption - 29 Watts

          1 Reply Last reply Reply Quote 0
          • BBcan177B
            BBcan177 Moderator
            last edited by

            There is a thread here:
            https://forum.pfsense.org/index.php?topic=98087.0

            Other feeds here:
            https://github.com/WindowsLies/BlockWindows
            https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hostslist

            hpHosts and a few of the other lists have also added some of those Domains, but I would be careful how that is affecting MS Updates etc… I don't specifically use those two lists above, just passing them along for you to test and report back :)

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 0
            • C
              Clear-Pixel
              last edited by

              @BBcan177:

              There is a thread here:
              https://forum.pfsense.org/index.php?topic=98087.0

              Other feeds here:
              https://github.com/WindowsLies/BlockWindows
              https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hostslist

              hpHosts and a few of the other lists have also added some of those Domains, but I would be careful how that is affecting MS Updates etc… I don't specifically use those two lists above, just passing them along for you to test and report back :)

              Thanks….

              HP EliteBook 2530p Laptop - Core2 Duo SL9600 @ 2.13Ghz - 4 GB Ram -128GB SSD
              Atheros Mini PCI-E as Access Point (AR5BXB63H/AR5007EG/AR2425)
              Single Ethernet Port - VLAN
              Cisco SG300 10-port Gigabit Managed Switch
              Cisco DPC3008 Cable Modem  30/4 Mbps
              Pfsense 2.1-RELEASE (amd64)
              –------------------------------------------------------------
              Total Network Power Consumption - 29 Watts

              1 Reply Last reply Reply Quote 0
              • C
                centurioapertus
                last edited by

                I solved my problems by installing Linux, but I digress.  Since I still have a few Windows 10 machines, my plan is to block all traffic to microsuck except from one VM which will be running as a WSUS server.  All my Windows 10 machines will be pointed to the WSUS server for updates.

                I just thought I would drop the idea of a WSUS server into the mix.

                1 Reply Last reply Reply Quote 0
                • F
                  Finger79
                  last edited by

                  @centurioapertus:

                  I solved my problems by installing Linux, but I digress.  Since I still have a few Windows 10 machines, my plan is to block all traffic to microsuck except from one VM which will be running as a WSUS server.  All my Windows 10 machines will be pointed to the WSUS server for updates.

                  I just thought I would drop the idea of a WSUS server into the mix.

                  Noob question from me:  I've used a little SCCM 2012 but never WSUS to push out Windows Updates.  Does WSUS require a Windows Server OS?  I'm curious if a home user can spin up a WSUS VM for free (legally).

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post