Вниманиe! Добавлены новые IP адреса, обновленный скрипт доступен для скачивания.
Майкрософт с помощью пасьянса и косынки учила пользователей пользоваться мышью,
теперь с помощью windows 10 учит читать лицензионное соглашение.
После выхода windows 10 сразу появились сообщения о сборе информации о действиях пользователей и много обсуждений, что делать. Достаточно быстро пользователи составили список основных серверов, собирающих информацию и попытались их заблокировать через файл hosts. Но скептики сразу выдвинули здравое предположение, что MS мог предусмотреть этот метод и некоторые адреса прописать в коде. Тем более, что MS всегда может актуализировать адреса серверов через windows update.
В нашей компании начали появляться первые пользователи windows 10, и мы решили опробовать блокировку передачи телеметрии через встроенный windows firewall.
Итак, собран простой тестовый стенд:
Два ноутбука, на один из них ставим Windows 10 и подключим его к интернету через второй ноутбук, используя internet sharing. На втором ноутбуке, который работает как NAT роутер, поставим Wireshark и определим исходящий трафик на сервера MS с первого ноутбука.
Что получилось:
- да, Windows 10 отправляет данные;
- cписок серверов почти полностью совпал с указанным в статье http://habrahabr.ru/company/pt/blog/264763/ и http://forums.untangle.com/web-filter/35894-blocking-windows-10-spying-telemetry.html;
- встроенный Windows Firewall полностью блокирует передачу данных на эти узлы.
Правила для Firewall
После того как мы получили список IP и убедились в эффективности их блокировки, можно, с помощью Powershell скрипта, внести их в настройки.
Для добавления правила в Firewall необходимо выполнить следующую команду (в качестве примера возьмем сервер «watson.telemetry.microsoft.com»):
netsh advfirewall firewall add rule name="telemetry_watson.telemetry.microsoft.com" dir=out action=block remoteip=65.55.252.43 enable=yes
Где:
name – имя правила и по совместительству название сервера Microsoft;
dir = out – параметр указывающий, что правило соответствует только исходящему сетевому трафику;
action=block– сетевые пакеты, указанные в этом правиле, будут отбрасываются firewall;
remoteip – IP-адрес получателя области исходящего сетевого пакета;
enable=yes – указывает на то, что правило в настоящее время включено.
Аналогично этому будут прописаны и другие правила. В итоге, скрипт будет иметь примерно следующий вид:
Set-NetFirewallProfile -all
netsh advfirewall firewall add rule name="telemetry_vortex.data.microsoft.com" dir=out action=block remoteip=191.232.139.254 enable=yes
netsh advfirewall firewall add rule name="telemetry_telecommand.telemetry.microsoft.com" dir=out action=block remoteip=65.55.252.92 enable=yes
netsh advfirewall firewall add rule name="telemetry_oca.telemetry.microsoft.com" dir=out action=block remoteip=65.55.252.63 enable=yes
netsh advfirewall firewall add rule name="telemetry_sqm.telemetry.microsoft.com" dir=out action=block remoteip=65.55.252.93 enable=yes
netsh advfirewall firewall add rule name="telemetry_watson.telemetry.microsoft.com" dir=out action=block remoteip=65.55.252.43 enable=yes
netsh advfirewall firewall add rule name="telemetry_watson2.telemetry.microsoft.com" dir=out action=block remoteip=65.52.108.29 enable=yes
netsh advfirewall firewall add rule name="telemetry_redir.metaservices.microsoft.com" dir=out action=block remoteip=194.44.4.200 enable=yes
netsh advfirewall firewall add rule name="telemetry_redir2.metaservices.microsoft.com" dir=out action=block remoteip=194.44.4.208 enable=yes
netsh advfirewall firewall add rule name="telemetry_choice.microsoft.com" dir=out action=block remoteip=157.56.91.77 enable=yes
netsh advfirewall firewall add rule name="telemetry_df.telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.7 enable=yes
netsh advfirewall firewall add rule name="telemetry_reports.wes.df.telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.91 enable=yes
netsh advfirewall firewall add rule name="telemetry_wes.df.telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.93 enable=yes
netsh advfirewall firewall add rule name="telemetry_services.wes.df.telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.92 enable=yes
netsh advfirewall firewall add rule name="telemetry_sqm.df.telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.94 enable=yes
netsh advfirewall firewall add rule name="telemetry_telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.9 enable=yes
netsh advfirewall firewall add rule name="telemetry_watson.ppe.telemetry.microsoft.com" dir=out action=block remoteip=65.52.100.11 enable=yes
netsh advfirewall firewall add rule name="telemetry_telemetry.appex.bing.net" dir=out action=block remoteip=168.63.108.233 enable=yes
netsh advfirewall firewall add rule name="telemetry_telemetry.urs.microsoft.com" dir=out action=block remoteip=157.56.74.250 enable=yes
netsh advfirewall firewall add rule name="telemetry_settings-sandbox.data.microsoft.com" dir=out action=block remoteip=111.221.29.177 enable=yes
netsh advfirewall firewall add rule name="telemetry_vortex-sandbox.data.microsoft.com" dir=out action=block remoteip=64.4.54.32 enable=yes
netsh advfirewall firewall add rule name="telemetry_survey.watson.microsoft.com" dir=out action=block remoteip=207.68.166.254 enable=yes
netsh advfirewall firewall add rule name="telemetry_watson.live.com" dir=out action=block remoteip=207.46.223.94 enable=yes
netsh advfirewall firewall add rule name="telemetry_watson.microsoft.com" dir=out action=block remoteip=65.55.252.71 enable=yes
netsh advfirewall firewall add rule name="telemetry_statsfe2.ws.microsoft.com" dir=out action=block remoteip=64.4.54.22 enable=yes
netsh advfirewall firewall add rule name="telemetry_corpext.msitadfs.glbdns2.microsoft.com" dir=out action=block remoteip=131.107.113.238 enable=yes
netsh advfirewall firewall add rule name="telemetry_compatexchange.cloudapp.net" dir=out action=block remoteip=23.99.10.11 enable=yes
netsh advfirewall firewall add rule name="telemetry_sls.update.microsoft.com.akadns.net" dir=out action=block remoteip=157.56.77.139 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe2.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.58.121 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe23.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.58.123 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe24.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.53.29 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe25.update.microsoft.com.akadns.net" dir=out action=block remoteip=66.119.144.190 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe26.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.58.189 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe27.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.58.118 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe28.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.53.30 enable=yes
netsh advfirewall firewall add rule name="telemetry_fe29.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.170.51.190 enable=yes
netsh advfirewall firewall add rule name="telemetry_diagnostics.support.microsoft.com" dir=out action=block remoteip=157.56.121.89 enable=yes
netsh advfirewall firewall add rule name="telemetry_statsfe1.ws.microsoft.com" dir=out action=block remoteip=134.170.115.60 enable=yes
netsh advfirewall firewall add rule name="telemetry_i1.services.social.microsoft.com" dir=out action=block remoteip=104.82.22.249 enable=yes
netsh advfirewall firewall add rule name="telemetry_feedback.windows.com" dir=out action=block remoteip=134.170.185.70 enable=yes
netsh advfirewall firewall add rule name="telemetry_feedback.microsoft-hohm.com" dir=out action=block remoteip=64.4.6.100 enable=yes
netsh advfirewall firewall add rule name="telemetry_feedback2.microsoft-hohm.com" dir=out action=block remoteip=65.55.39.10 enable=yes
netsh advfirewall firewall add rule name="telemetry_feedback.search.microsoft.com" dir=out action=block remoteip=157.55.129.21 enable=yes
netsh advfirewall firewall add rule name="telemetry_rad.msn.com" dir=out action=block remoteip=207.46.194.25 enable=yes
netsh advfirewall firewall add rule name="telemetry_preview.msn.com" dir=out action=block remoteip=23.102.21.4 enable=yes
netsh advfirewall firewall add rule name="telemetry_dart.l.doubleclick.net" dir=out action=block remoteip=173.194.113.220 enable=yes
netsh advfirewall firewall add rule name="telemetry_dart2.l.doubleclick.net" dir=out action=block remoteip=173.194.113.219 enable=yes
netsh advfirewall firewall add rule name="telemetry_dart3.l.doubleclick.net" dir=out action=block remoteip=216.58.209.166 enable=yes
netsh advfirewall firewall add rule name="telemetry_ads.msn.com" dir=out action=block remoteip=157.56.91.82 enable=yes
netsh advfirewall firewall add rule name="telemetry_ads2.msn.com" dir=out action=block remoteip=157.56.23.91 enable=yes
netsh advfirewall firewall add rule name="telemetry_ads3.msn.com" dir=out action=block remoteip=104.82.14.146 enable=yes
netsh advfirewall firewall add rule name="telemetry_ads6.msn.com" dir=out action=block remoteip=8.254.209.254 enable=yes
netsh advfirewall firewall add rule name="telemetry_a.ads1.msn.com" dir=out action=block remoteip=198.78.208.254 enable=yes
netsh advfirewall firewall add rule name="telemetry_a.ads1.msn.com" dir=out action=block remoteip=185.13.160.61 enable=yes
netsh advfirewall firewall add rule name="telemetry_global.msads.net.c.footprint.net" dir=out action=block remoteip=207.123.56.252 enable=yes
netsh advfirewall firewall add rule name="telemetry_ssw.live.com" dir=out action=block remoteip=207.46.101.29 enable=yes
netsh advfirewall firewall add rule name="telemetry_msnbot-65-55-108-23.search.msn.com" dir=out action=block remoteip=65.55.108.23 enable=yes
netsh advfirewall firewall add rule name="telemetry_a23-218-212-69.deploy.static.akamaitechnologies.com" dir=out action=block remoteip=23.218.212.69 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft.com" dir=out action=block remoteip=104.96.147.3 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft01.com" dir=out action=block remoteip=11.221.29.253 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft02.com" dir=out action=block remoteip=111.221.64.0-111.221.127.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft03.com" dir=out action=block remoteip=131.253.40.37 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft04.com" dir=out action=block remoteip=134.170.165.248 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft05.com" dir=out action=block remoteip=134.170.165.253 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft06.com" dir=out action=block remoteip=134.170.30.202 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft07.com" dir=out action=block remoteip=137.116.81.24 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft08.com" dir=out action=block remoteip=137.117.235.16 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft09.com" dir=out action=block remoteip=157.55.130.0-157.55.130.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft10.com" dir=out action=block remoteip=157.55.133.204 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft11.com" dir=out action=block remoteip=157.55.235.0-157.55.235.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft12.com" dir=out action=block remoteip=157.55.236.0-157.55.236.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft13.com" dir=out action=block remoteip=157.55.52.0-157.55.52.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft14.com" dir=out action=block remoteip=157.55.56.0-157.55.56.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft15.com" dir=out action=block remoteip=157.56.106.189 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft16.com" dir=out action=block remoteip=157.56.124.87 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft17.com" dir=out action=block remoteip=191.232.139.2 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft18.com" dir=out action=block remoteip=191.232.80.58 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft19.com" dir=out action=block remoteip=191.232.80.62 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft20.com" dir=out action=block remoteip=191.237.208.126 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft21.com" dir=out action=block remoteip=195.138.255.0-195.138.255.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft22.com" dir=out action=block remoteip=2.22.61.43 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft23.com" dir=out action=block remoteip=2.22.61.66 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft24.com" dir=out action=block remoteip=207.46.114.58 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft25.com" dir=out action=block remoteip=212.30.134.204 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft26.com" dir=out action=block remoteip=212.30.134.205 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft27.com" dir=out action=block remoteip=213.199.179.0-213.199.179.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft28.com" dir=out action=block remoteip=23.223.20.82 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft29.com" dir=out action=block remoteip=23.57.101.163 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft30.com" dir=out action=block remoteip=23.57.107.163 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft31.com" dir=out action=block remoteip=23.57.107.27 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft32.com" dir=out action=block remoteip=64.4.23.0-64.4.23.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft33.com" dir=out action=block remoteip=65.39.117.230 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft34.com" dir=out action=block remoteip=65.52.108.33 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft35.com" dir=out action=block remoteip=65.55.138.114 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft36.com" dir=out action=block remoteip=65.55.138.126 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft37.com" dir=out action=block remoteip=65.55.223.0-65.55.223.255 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft38.com" dir=out action=block remoteip=65.55.138.186 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft39.com" dir=out action=block remoteip=65.55.29.238 enable=yes
netsh advfirewall firewall add rule name="telemetry_microsoft40.com" dir=out action=block remoteip=77.67.29.176 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_1-a.ads1.msn.com" dir=out action=block remoteip=206.33.58.254 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_2-a.ads1.msn.com" dir=out action=block remoteip=8.12.207.125 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_3-a.ads1.msn.com" dir=out action=block remoteip=8.253.37.126 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0002.a-msedge.net" dir=out action=block remoteip=204.79.197.201 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0004.a-msedge.net" dir=out action=block remoteip=204.79.197.206 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0005.a-msedge.net" dir=out action=block remoteip=204.79.197.204 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0006.a-msedge.net" dir=out action=block remoteip=204.79.197.208 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0007.a-msedge.net" dir=out action=block remoteip=204.79.197.209 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0008.a-msedge.net" dir=out action=block remoteip=204.79.197.210 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0009.a-msedge.net" dir=out action=block remoteip=204.79.197.211 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ac3.msn.com" dir=out action=block remoteip=131.253.14.76 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ad.doubleclick.net" dir=out action=block remoteip=172.217.20.230 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_adnexus.net" dir=out action=block remoteip=37.252.169.43 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_01.auth.nym2.appnexus.net" dir=out action=block remoteip=68.67.155.138 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_01.auth.lax1.appnexus.net" dir=out action=block remoteip=68.67.133.169 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_01.auth.ams1.appnexus.net" dir=out action=block remoteip=37.252.164.5 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns1.gslb.com" dir=out action=block remoteip=8.19.31.10 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns2.gslb.com" dir=out action=block remoteip=8.19.31.11 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ads.msn.com" dir=out action=block remoteip=65.55.128.80 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ads1.msn.com" dir=out action=block remoteip=192.221.106.126 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_de-1.ns.nsatc.net" dir=out action=block remoteip=198.78.208.155 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_es-1.ns.nsatc.net" dir=out action=block remoteip=8.254.34.155 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_b.ns.nsatc.net" dir=out action=block remoteip=8.254.92.155 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_nl-1.ns.nsatc.net" dir=out action=block remoteip=4.23.39.155 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_uk-1.ns.nsatc.net" dir=out action=block remoteip=8.254.119.155 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_aidps.msn.com.nsatc.net" dir=out action=block remoteip=131.253.14.121 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns1.a-msedge.net" dir=out action=block remoteip=204.79.197.1 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns2.a-msedge.net" dir=out action=block remoteip=204.79.197.2 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns3.a-msedge.net" dir=out action=block remoteip=131.253.21.1 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_apps.skype.com" dir=out action=block remoteip=95.100.177.217 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_az512334.vo.msecnd.net" dir=out action=block remoteip=50.63.202.65 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_bs.serving-sys.com" dir=out action=block remoteip=82.199.80.141 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_65choice.microsoft.com" dir=out action=block remoteip=65.55.128.81 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_db3aqu.atdmt.com" dir=out action=block remoteip=94.245.121.176 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_choice.microsoft.com.nsatc.net" dir=out action=block remoteip=94.245.121.177 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_c.msn.com" dir=out action=block remoteip=94.245.121.178 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_c2.msn.com" dir=out action=block remoteip=94.245.121.179 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_diagnostics.support.microsoft.com" dir=out action=block remoteip=134.170.52.151 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_fe2.update.microsoft.com.akadns.net" dir=out action=block remoteip=134.10.58.118 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns1.msft.net" dir=out action=block remoteip=208.84.0.53 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns3.msft.net" dir=out action=block remoteip=192.221.113.53 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_ns4.msft.net" dir=out action=block remoteip=208.76.45.53 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_flex.msn.com" dir=out action=block remoteip=207.46.194.8 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_g.msn.com" dir=out action=block remoteip=207.46.194.14 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_i1.services.social.microsoft.com" dir=out action=block remoteip=23.74.190.252 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_lb1.www.ms.akadns.net" dir=out action=block remoteip=65.55.57.27 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_live.rads.msn.com" dir=out action=block remoteip=40.127.139.224 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m.adnxs.com" dir=out action=block remoteip=37.252.170.82 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m1.adnxs.com" dir=out action=block remoteip=37.252.170.81 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m2.adnxs.com" dir=out action=block remoteip=37.252.170.141 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m3.adnxs.com" dir=out action=block remoteip=37.252.170.142 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m4.adnxs.com" dir=out action=block remoteip=37.252.170.80 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m5.adnxs.com" dir=out action=block remoteip=37.252.170.140 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m6.adnxs.com" dir=out action=block remoteip=37.252.170.1 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_m.hotmail.com" dir=out action=block remoteip=134.170.3.199 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_msedge.net" dir=out action=block remoteip=204.79.19.197 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_msntest.serving-sys.com" dir=out action=block remoteip=2.21.246.8 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_msnbot-65-55-108-23.search.msn.com" dir=out action=block remoteip=2.21.246.10 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_redir.metaservices.microsoft.com" dir=out action=block remoteip=2.21.246.42 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_redir2.metaservices.microsoft.com" dir=out action=block remoteip=2.21.246.58 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_s0.2mdn.net" dir=out action=block remoteip=172.217.21.166 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_db5.skype.msnmessenger.msn.com.akadns.net" dir=out action=block remoteip=191.232.139.13 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_schemas.microsoft.akadns.net" dir=out action=block remoteip=65.54.226.187 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure.adnxs.com" dir=out action=block remoteip=37.252.163.207 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure1.adnxs.com" dir=out action=block remoteip=37.252.163.3 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure2.adnxs.com" dir=out action=block remoteip=37.252.163.244 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure3.adnxs.com" dir=out action=block remoteip=37.252.162.216 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure4.adnxs.com" dir=out action=block remoteip=37.252.163.215 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure5.adnxs.com" dir=out action=block remoteip=37.252.162.228 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure6.adnxs.com" dir=out action=block remoteip=37.252.163.106 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure7.adnxs.com" dir=out action=block remoteip=37.252.163.88 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_secure.flashtalking.com" dir=out action=block remoteip=95.101.244.134 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_settings-sandbox.data.microsoft.com" dir=out action=block remoteip=191.232.140.76 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_sls.update.microsoft.com.akadns.net" dir=out action=block remoteip=157.56.96.58 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_statsfe1.ws.microsoft.com" dir=out action=block remoteip=207.46.114.61 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_statsfe2.ws.microsoft.com" dir=out action=block remoteip=65.52.108.153 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_telemetry.appex.bing.net" dir=out action=block remoteip=168.61.24.141 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_telemetry.urs.microsoft.com" dir=out action=block remoteip=65.55.44.85 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_view.atdmt.com" dir=out action=block remoteip=179.60.192.10 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_www.msftncsi.com" dir=out action=block remoteip=2.21.246.26 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_www.msftncsi2.com" dir=out action=block remoteip=2.21.246.24 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_a-0003.a-msedge.net" dir=out action=block remoteip=204.79.197.203 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_cs697.wac.thetacdn.net" dir=out action=block remoteip=192.229.233.249 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_db5.settings.data.microsoft.com.akadns.net" dir=out action=block remoteip=191.232.139.253 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_co4.telecommand.telemetry.microsoft.com.akadns.net" dir=out action=block remoteip=65.55.252.190 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_oca.telemetry.microsoft.com.nsatc.net" dir=out action=block remoteip=64.4.54.153 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_telemetry.appex.search.prod.ms.akadns.net" dir=out action=block remoteip=65.52.161.64 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_t.urs.microsoft.com.nsatc.net" dir=out action=block remoteip=64.4.54.167 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_watson.microsoft.com.nsatc.net" dir=out action=block remoteip=65.52.108.154 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_statsfe2.ws.microsoft.com.nsatc.net" dir=out action=block remoteip=131.253.14.153 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_sls.update.microsoft.com.akadns.net" dir=out action=block remoteip=157.56.77.138 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_dart.l.doubleclick.net" dir=out action=block remoteip=172.217.20.134 enable=yes
netsh advfirewall firewall add rule name="telemetry_ssw.live.com.nsatc.net" dir=out action=block remoteip=207.46.7.252 enable=yes
netsh advfirewall firewall add rule name="telemetry_urs.microsoft.com.nsatc.net" dir=out action=block remoteip=192.232.139.180 enable=yes
netsh advfirewall firewall add rule name="telemetry_urs.microsoft.com.nsatc.net" dir=out action=block remoteip=157.55.233.125 enable=yes
netsh advfirewall firewall add rule name="telemetry_geo-prod.dodsp.mp.microsoft.com.nsatc.net" dir=out action=block remoteip=191.232.139.212 enable=yes
netsh advfirewall firewall add rule name="telemetry_new_c.microsoft.akadns.net" dir=out action=block remoteip=134.170.188.139 enable=yes
Выполнение созданного скрипта
Чтобы не проходить долгий путь по запуску этого power shell скрипта с правами администратора, проще создать .bat файл и запустить его. UAC сам запросит подтверждение прав.
@echo off
cls
echo Telemetry
echo Rules of Firewall
echo.
echo press any key to continue...
pause > NUL
echo Rules of Firewall
echo.
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""%~dp0.\script-new.ps1""' -Verb RunAs}"
echo Rules included in Firewall...
echo.
pause
Где script-new.ps1– имя созданного файла с power shell командами.
Скачать power shell скрипт
Скачать .bat файл
После этого, добавленные правила будут отображаться в Windows Firewall, как на скриншоте ниже:
И, дополнительно, информация, не относящиеся к firewall, но относящаяся к сбору телеметрии
Windows 7/8/8.1
Также стоит отметить, что пользователи ОС Windows 7/8/8.1 получили обновления, которые расширяют возможности системы по сбору и отправке телеметрических данных. Соответственно, к этим пользователям также можно применить рекомендации, представленные в этой статье, или удалить обновления http://habrahabr.ru/post/265283/
Key logger
Надо отключить «DiagTrack» (сбор данных в компонентах Windows) и «dmwappushservice» (cлужба маршрутизации push-сообщений WAP). Для этого запускаем командную строку от имени администратора и отключаем службы:
sc stop DiagTrack
sc stop dmwappushservice
Или же вообще их удаляем:
sc delete DiagTrack
sc delete dmwappushservice
Планировщик отправки телеметрии
В консоли Taskschd.msc надо запретить задания:
REM *** Task that collects data for SmartScreen in Windows ***
schtasks /Change /TN "Microsoft\Windows\AppID\SmartScreenSpecific" /Disable
REM *** Collects program telemetry information if opted-in to the Microsoft Customer Experience Improvement Program ***
schtasks /Change /TN "Microsoft\Windows\Application Experience\ProgramDataUpdater" /Disable
REM *** Collects program telemetry information if opted-in to the Microsoft Customer Experience Improvement Program ***
schtasks /Change /TN "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /Disable
REM *** Aggregates and uploads Application Telemetry information if opted-in to the Microsoft Customer Experience Improvement Program ***
schtasks /Change /TN "Microsoft\Windows\Application Experience\AitAgent" /Disable
REM *** This task collects and uploads autochk SQM data if opted-in to the Microsoft Customer Experience Improvement Program ***
schtasks /Change /TN "Microsoft\Windows\Autochk\Proxy" /Disable
REM *** If the user has consented to participate in the Windows Customer Experience Improvement Program, this job collects and sends usage data to Microsoft ***
schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable
REM *** The Kernel CEIP (Customer Experience Improvement Program) task collects additional information about the system and sends this data to Microsoft. ***
REM *** If the user has not consented to participate in Windows CEIP, this task does nothing ***
schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /Disable
REM *** The Bluetooth CEIP (Customer Experience Improvement Program) task collects Bluetooth related statistics and information about your machine and sends it to Microsoft ***
REM *** The information received is used to help improve the reliability, stability, and overall functionality of Bluetooth in Windows ***
REM *** If the user has not consented to participate in Windows CEIP, this task does not do anything.***
schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\BthSQM" /Disable
REM *** Create Object Task ***
schtasks /Change /TN "Microsoft\Windows\CloudExperienceHost\CreateObjectTask" /Disable
REM *** The Windows Disk Diagnostic reports general disk and system information to Microsoft for users participating in the Customer Experience Program ***
schtasks /Change /TN "Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /Disable
REM *** Measures a system's performance and capabilities ***
schtasks /Change /TN "Microsoft\Windows\Maintenance\WinSAT" /Disable
REM *** Network information collector ***
schtasks /Change /TN "Microsoft\Windows\NetTrace\GatherNetworkInfo" /Disable
REM *** Initializes Family Safety monitoring and enforcement ***
schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyMonitor" /Disable
REM *** Synchronizes the latest settings with the Family Safety website ***
schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyRefresh" /Disable
REM *** SQM (Software Quality Management) ***
schtasks /Change /TN "Microsoft\Windows\IME\SQM data sender" /Disable
REM *** This task initiates the background task for Office Telemetry Agent, which scans and uploads usage and error information for Office solutions ***
schtasks /Change /TN "Microsoft\Office\OfficeTelemetryAgentFallBack" /Disable
REM *** This task initiates Office Telemetry Agent, which scans and uploads usage and error information for Office solutions when a user logs on to the computer ***
schtasks /Change /TN "Microsoft\Office\OfficeTelemetryAgentLogOn" /Disable
также подозрительные задачи в планировщике, рекомендую отключить:
REM *** Scans startup entries and raises notification to the user if there are too many startup entries ***
schtasks /Change /TN "Microsoft\Windows\Application Experience\StartupAppTask" /Disable
REM *** Protects user files from accidental loss by copying them to a backup location when the system is unattended ***
schtasks /Change /TN "Microsoft\Windows\FileHistory\File History (maintenance mode)" /Disable
REM *** This task gathers information about the Trusted Platform Module (TPM), Secure Boot, and Measured Boot ***
schtasks /Change /TN "Microsoft\Windows\PI\Sqm-Tasks" /Disable
REM *** This task analyzes the system looking for conditions that may cause high energy use ***
schtasks /Change /TN "Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" /Disable
Все вышесказанное не 100% панацея, но одно из компромиссных решений.
Обсуждение этой статьи доступно здесь