Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Using a static block list in DNSBL / Blocking MS Telemetry and other BS

    pfBlockerNG
    4
    6
    3474
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      guardian last edited by

      I found a script which i manually edited… Small excerpt below...

      #  Manually extracted from the script:  Debloat-Windows-10/scripts/block-telemetry.ps1
      #  This script blocks telemetry related domains via the hosts file and related IPs via Windows Firewall.
      #  Source: https://github.com/W4RH4WK/Debloat-Windows-10/blob/master/scripts/block-telemetry.ps1
      # 
      #  Main Download Page: https://github.com/W4RH4WK/Debloat-Windows-10/tree/master/scripts
      #  2236687 Sep 24, 2016 - @W4RH4WK W4RH4WK Fix most of anniversary stuff - 175 lines (169 sloc) 5.17 KB
      # 
      a-0001.a-msedge.net
      a-0002.a-msedge.net
      a-0003.a-msedge.net
      a-0004.a-msedge.net
      a-0005.a-msedge.net

      How can I use this in pfBlockerNG so that the DNS resolver black holes these addresses?

      If you find my post useful, please give it a thumbs up!
      pfSense 2.6.0-RELEASE-CE

      1 Reply Last reply Reply Quote 0
      • BBcan177
        BBcan177 Moderator last edited by

        Those domains are hardcoded in those scripts… You could copy those and place them in a DNSBL Custom list. Just be sure to remove the quotation marks...  I have not tested adding those Domains to a blocklist. User beware...

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • S
          shinzo last edited by

          https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hostslist

          Been running that for a while, works great.  Looking at it, hasn't been updated in a bit but at least should be enough

          1 Reply Last reply Reply Quote 0
          • C
            chrcoluk last edited by

            That list includes many domains that have no relation to telemetry.

            e.g. at least one of those domains is owned by google.

            The original source of that list is now offline, basically what happened is I think someone started monitoring traffic whilst the system was idle and decided that all of it was due to windows telemetry.

            I remember when I tested the list I couldnt get any updates on windows 10 either until the list got disabled.

            pfSense 2.6.0 - ISP AAISP UK

            1 Reply Last reply Reply Quote 0
            • G
              guardian last edited by

              Any suggestions as to how to sort the list out?

              In an ideal world, I would like to block all the tracking and telemetry (Windows 8.1 - I want no part of 10!), and have a quick an convenient way to periodically open as little as needed to get patches, get my patches and close the hole.

              I have absolutely no tolerance for letting Windows use my bandwidth to distribute updates, or arbitrary forcing me to reboot or taking over my system for extended periods of time to apply updates when it's not convenient.

              If you find my post useful, please give it a thumbs up!
              pfSense 2.6.0-RELEASE-CE

              1 Reply Last reply Reply Quote 0
              • C
                chrcoluk last edited by

                I will post a much shortened list I ended up with which I got to by removing domains I know for sure are not for telemetry and also that broke other services.  The list is way shorter as expected.  But bear in mind its a game of whack a mole.  Microsoft at any point can change the domain names used or even connect directly to ip's.  This list I got here was last updated probably a year or so ago when I gave up on windows 10.

                choice.microsoft.com
                choice.microsoft.com.nsatc.net
                df.telemetry.microsoft.com
                diagnostics.support.microsoft.com
                oca.telemetry.microsoft.com
                oca.telemetry.microsoft.com.nsatc.net
                reports.wes.df.telemetry.microsoft.com
                services.wes.df.telemetry.microsoft.com
                settings-sandbox.data.microsoft.com
                settings-win.data.microsoft.com
                sqm.df.telemetry.microsoft.com
                sqm.telemetry.microsoft.com
                sqm.telemetry.microsoft.com.nsatc.net
                survey.watson.microsoft.com
                telecommand.telemetry.microsoft.com
                telecommand.telemetry.microsoft.com.nsatc.net
                telemetry.appex.bing.net
                telemetry.microsoft.com
                telemetry.urs.microsoft.com
                vortex.data.microsoft.com
                vortex-sandbox.data.microsoft.com
                vortex-win.data.microsoft.com
                watson.ppe.telemetry.microsoft.com
                wes.df.telemetry.microsoft.com
                

                pfSense 2.6.0 - ISP AAISP UK

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post