• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Using a static block list in DNSBL / Blocking MS Telemetry and other BS

Scheduled Pinned Locked Moved pfBlockerNG
6 Posts 4 Posters 4.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    guardian Rebel Alliance
    last edited by Jan 14, 2017, 8:40 AM

    I found a script which i manually edited… Small excerpt below...

    #  Manually extracted from the script:  Debloat-Windows-10/scripts/block-telemetry.ps1
    #  This script blocks telemetry related domains via the hosts file and related IPs via Windows Firewall.
    #  Source: https://github.com/W4RH4WK/Debloat-Windows-10/blob/master/scripts/block-telemetry.ps1
    # 
    #  Main Download Page: https://github.com/W4RH4WK/Debloat-Windows-10/tree/master/scripts
    #  2236687 Sep 24, 2016 - @W4RH4WK W4RH4WK Fix most of anniversary stuff - 175 lines (169 sloc) 5.17 KB
    # 
    a-0001.a-msedge.net
    a-0002.a-msedge.net
    a-0003.a-msedge.net
    a-0004.a-msedge.net
    a-0005.a-msedge.net

    How can I use this in pfBlockerNG so that the DNS resolver black holes these addresses?

    If you find my post useful, please give it a thumbs up!
    pfSense 2.7.2-RELEASE

    1 Reply Last reply Reply Quote 0
    • B
      BBcan177 Moderator
      last edited by Jan 16, 2017, 5:32 PM

      Those domains are hardcoded in those scripts… You could copy those and place them in a DNSBL Custom list. Just be sure to remove the quotation marks...  I have not tested adding those Domains to a blocklist. User beware...

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

      1 Reply Last reply Reply Quote 0
      • S
        shinzo
        last edited by Jan 19, 2017, 6:48 AM Jan 19, 2017, 6:38 AM

        https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hostslist

        Been running that for a while, works great.  Looking at it, hasn't been updated in a bit but at least should be enough

        1 Reply Last reply Reply Quote 0
        • C
          chrcoluk
          last edited by Jan 19, 2017, 7:25 AM

          That list includes many domains that have no relation to telemetry.

          e.g. at least one of those domains is owned by google.

          The original source of that list is now offline, basically what happened is I think someone started monitoring traffic whilst the system was idle and decided that all of it was due to windows telemetry.

          I remember when I tested the list I couldnt get any updates on windows 10 either until the list got disabled.

          pfSense CE 2.7.2

          1 Reply Last reply Reply Quote 0
          • G
            guardian Rebel Alliance
            last edited by Jan 19, 2017, 5:50 PM

            Any suggestions as to how to sort the list out?

            In an ideal world, I would like to block all the tracking and telemetry (Windows 8.1 - I want no part of 10!), and have a quick an convenient way to periodically open as little as needed to get patches, get my patches and close the hole.

            I have absolutely no tolerance for letting Windows use my bandwidth to distribute updates, or arbitrary forcing me to reboot or taking over my system for extended periods of time to apply updates when it's not convenient.

            If you find my post useful, please give it a thumbs up!
            pfSense 2.7.2-RELEASE

            1 Reply Last reply Reply Quote 0
            • C
              chrcoluk
              last edited by Jan 19, 2017, 10:29 PM

              I will post a much shortened list I ended up with which I got to by removing domains I know for sure are not for telemetry and also that broke other services.  The list is way shorter as expected.  But bear in mind its a game of whack a mole.  Microsoft at any point can change the domain names used or even connect directly to ip's.  This list I got here was last updated probably a year or so ago when I gave up on windows 10.

              choice.microsoft.com
              choice.microsoft.com.nsatc.net
              df.telemetry.microsoft.com
              diagnostics.support.microsoft.com
              oca.telemetry.microsoft.com
              oca.telemetry.microsoft.com.nsatc.net
              reports.wes.df.telemetry.microsoft.com
              services.wes.df.telemetry.microsoft.com
              settings-sandbox.data.microsoft.com
              settings-win.data.microsoft.com
              sqm.df.telemetry.microsoft.com
              sqm.telemetry.microsoft.com
              sqm.telemetry.microsoft.com.nsatc.net
              survey.watson.microsoft.com
              telecommand.telemetry.microsoft.com
              telecommand.telemetry.microsoft.com.nsatc.net
              telemetry.appex.bing.net
              telemetry.microsoft.com
              telemetry.urs.microsoft.com
              vortex.data.microsoft.com
              vortex-sandbox.data.microsoft.com
              vortex-win.data.microsoft.com
              watson.ppe.telemetry.microsoft.com
              wes.df.telemetry.microsoft.com
              

              pfSense CE 2.7.2

              1 Reply Last reply Reply Quote 0
              1 out of 6
              • First post
                1/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received