Privacy-Filter



  • To block sites that collect information about you; it is for blocking telemetry and some Android rootkits, along with Shodan.io scanners.  Original script source: https://github.com/RMerl/asuswrt-merlin/wiki/Ipset-script-installation-instructions#privacy-filter

    To make this work on pfSense, create a DNSBL feed called Privacy-Filter and add the following under Custom Block List.  List Action is Unbound.

    

  • Banned

    Note that using the above list WILL break Windows Update.



  • Thanks for the feedback. I just checked and see that updates for my Windows 10 laptop have not been impacted by using this list. Just to be safe, I'll check with other users of the list and the author of the list on snbforums dot com to see if anyone else has had an issue and report back.

    EDIT: After I posted the above, I saw I had some updates that were not successful from about two months ago.  I ran the updates and they worked.  I did confirm with the author that the IP addresses listed will not prevent Windows Update from working:

    https://www.snbforums.com/threads/privacy-filter-another-ipset-script.36801/page-18#post-321702

    However, everyone's setup is different. I have the privacy-filter in use at several sites and have not seen any issues to date. I'll double-check to be safe, though, as I was not really watching out for issues with Windows Update.
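
Added example (not from the thread or from the list's author): a pre-deployment audit of a Custom Block List aimed at the Windows Update question raised above. It flags entries that sit inside, or embed as a CNAME-target-style name, zones assumed here to carry Windows Update traffic; the zone list and the sample hostnames are constructed assumptions.

```python
import re

# Assumption: zones treated as Windows Update related for this audit.
UPDATE_ZONES = ("windowsupdate.com", "update.microsoft.com",
                "delivery.mp.microsoft.com")

# Constructed sample input (not the list from the post).
SAMPLE = """\
telemetry.example.com
fe9.update.microsoft.com.cdn.example.net
Telemetry.Example.com

download.windowsupdate.com
example.net
bad_host!.example.com
"""

LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)$")


def valid_hostname(name):
    """True for a syntactically valid multi-label DNS hostname."""
    labels = name.split(".")
    return (len(name) <= 253 and len(labels) >= 2
            and all(LABEL.match(label) for label in labels))


def audit(text, zones=UPDATE_ZONES):
    """Sort block-list entries into buckets an admin should review."""
    report = {"ok": [], "invalid": [], "duplicate": [],
              "in_zone": [], "embeds_zone": []}
    seen = set()
    for raw in text.splitlines():
        name = raw.strip().lower().rstrip(".")
        if not name:
            continue
        if not valid_hostname(name):
            report["invalid"].append(name)
        elif name in seen:
            report["duplicate"].append(name)
        else:
            seen.add(name)
            if any(name == z or name.endswith("." + z) for z in zones):
                report["in_zone"].append(name)      # directly under an update zone
            elif any("." + z + "." in "." + name + "." for z in zones):
                report["embeds_zone"].append(name)  # update zone inside a longer name
            else:
                report["ok"].append(name)
    return report
```

Entries reported under `in_zone` or `embeds_zone` are the ones to test against an actual update run before the feed is enabled at other sites.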



  • You can use the Adblock/uBlock EasyPrivacy list.

    Anyone know a good source for the Spybot Anti-Beacon hosts file list?
    It would cover the Windows issues.



  • I dumped my pfBlockerNG configuration in a blog post here, may be of some use in the context of this thread.


  • Banned

    @tuklu_san:

    I dumped my pfBlockerNG configuration in a blog post here, may be of some use in the context of this thread.

    IP addresses in my level 3 blocklist are denied on the incoming side only, i.e. I allow connections initiated from inside my home LAN out to these IPs to go through.

    Why are you blocking inbound on your LAN? Did you open up the WAN to your LAN? This should be blocked by default.



  • @pfBasic:

    Why are you blocking inbound on your LAN? Did you open up the WAN to your LAN? This should be blocked by default.

    Yes, it is totally pointless to have inbound-only blocklists, but basically I love to sit and watch the firewall log. It's hard to describe, but I find it fascinating how many IPs from across the globe are in those lists.

