How do I block traffic to “evaluated” IPs without using a separate DNS?
up vote
1
down vote
favorite
To test the 'truthfulness' of a network function, I have set up a virtual machine running windows 10. I'm running the Microsoft network monitor on the virtual machine, and on the next level up, I'm comparing the network requests of the virtual box to the network requests that the virtual box claims that it made.
Note that the virtual box has no network requests until I start a VM.
My current method of trying to block these network requests is to use the hosts file for any domains, and the firewall for any IPs. The Firewall has been working fine so far, It's the hosts file that's giving me a headache.
There seem to be certain "Evaluated" domains that the hosts file will not block, and I need them blocked
for example, here are some domains that you cannot block with the hosts file:
dm3p.wns.notify.windows.com.akadns.net
e1553.dspg.akamaiedge.net
e15275.g.akamaiedge.net
cs9.wac.phicdn.net
arc.msn.com.nsatc.net
How do I block requests to and from these addresses using only vanilla windows 10?
networking virtualbox blocking
asked Nov 7 at 23:17
tuskiomi
4992515
This question has an open bounty worth +200
reputation from tuskiomi ending in 5 days.
This question has not received enough attention.
As it stands, this is a huge security flaw in windows that allows programs to start communications with a server that is blocked by the firewall. It would be a help to not only me, but the entire windows space if this question were solved.
add a comment |
up vote
1
down vote
favorite
To test the 'truthfulness' of a network function, I have set up a virtual machine running windows 10. I'm running the Microsoft network monitor on the virtual machine, and on the next level up, I'm comparing the network requests of the virtual box to the network requests that the virtual box claims that it made.
Note that the virtual box has no network requests until I start a VM.
My current method of trying to block these network requests is to use the hosts file for any domains, and the firewall for any IPs. The Firewall has been working fine so far, It's the hosts file that's giving me a headache.
There seem to be certain "Evaluated" domains that the hosts file will not block, and I need them blocked
for example, here are some domains that you cannot block with the hosts file:
dm3p.wns.notify.windows.com.akadns.net
e1553.dspg.akamaiedge.net
e15275.g.akamaiedge.net
cs9.wac.phicdn.net
arc.msn.com.nsatc.net
How do I block requests to and from these addresses using only vanilla windows 10?
networking virtualbox blocking
asked Nov 7 at 23:17
tuskiomi
4992515
This question has an open bounty worth +200
reputation from tuskiomi ending in 5 days.
This question has not received enough attention.
As it stands, this is a huge security flaw in windows that allows programs to start communications with a server that is blocked by the firewall. It would be a help to not only me, but the entire windows space if this question were solved.
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
To test the 'truthfulness' of a network function, I have set up a virtual machine running windows 10. I'm running the Microsoft network monitor on the virtual machine, and on the next level up, I'm comparing the network requests of the virtual box to the network requests that the virtual box claims that it made.
Note that the virtual box has no network requests until I start a VM.
My current method of trying to block these network requests is to use the hosts file for any domains, and the firewall for any IPs. The Firewall has been working fine so far, It's the hosts file that's giving me a headache.
There seem to be certain "Evaluated" domains that the hosts file will not block, and I need them blocked
for example, here are some domains that you cannot block with the hosts file:
dm3p.wns.notify.windows.com.akadns.net
e1553.dspg.akamaiedge.net
e15275.g.akamaiedge.net
cs9.wac.phicdn.net
arc.msn.com.nsatc.net
How do I block requests to and from these addresses using only vanilla windows 10?
networking virtualbox blocking
asked Nov 7 at 23:17
tuskiomi
4992515
To test the 'truthfulness' of a network function, I have set up a virtual machine running windows 10. I'm running the Microsoft network monitor on the virtual machine, and on the next level up, I'm comparing the network requests of the virtual box to the network requests that the virtual box claims that it made.
Note that the virtual box has no network requests until I start a VM.
My current method of trying to block these network requests is to use the hosts file for any domains, and the firewall for any IPs. The Firewall has been working fine so far, It's the hosts file that's giving me a headache.
There seem to be certain "Evaluated" domains that the hosts file will not block, and I need them blocked
for example, here are some domains that you cannot block with the hosts file:
dm3p.wns.notify.windows.com.akadns.net
e1553.dspg.akamaiedge.net
e15275.g.akamaiedge.net
cs9.wac.phicdn.net
arc.msn.com.nsatc.net
How do I block requests to and from these addresses using only vanilla windows 10?
networking virtualbox blocking
networking virtualbox blocking
asked Nov 7 at 23:17
tuskiomi
4992515
asked Nov 7 at 23:17
tuskiomi
4992515
asked Nov 7 at 23:17
tuskiomi
4992515
asked Nov 7 at 23:17
tuskiomi
4992515
asked Nov 7 at 23:17
tuskiomi
4992515
4992515
This question has an open bounty worth +200
reputation from tuskiomi ending in 5 days.
This question has not received enough attention.
As it stands, this is a huge security flaw in windows that allows programs to start communications with a server that is blocked by the firewall. It would be a help to not only me, but the entire windows space if this question were solved.
This question has an open bounty worth +200
reputation from tuskiomi ending in 5 days.
This question has not received enough attention.
As it stands, this is a huge security flaw in windows that allows programs to start communications with a server that is blocked by the firewall. It would be a help to not only me, but the entire windows space if this question were solved.
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
up vote
1
down vote
We can try this link which talked about Block or Redirect specific Websites in windows hosts file.
[https://www.online-tech-tips.com/computer-tips/edit-windows-hosts-file-to-block-redirect-websites/][1]
answered Nov 8 at 16:49
Mick
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
1
down vote
These are websites for Microsoft telemetry, Windows Update and Akamai network
optimizations.
Analyzing the websites in your list:
dm3p.wns.notify.windows.com.akadns.netis13.89.217.116registered by Microsoft.cs9.wac.phicdn.netis the same for Verizon users.
They are probably used principally for Windows Update.arc.msn.com.nsatc.netis probably used by Windows Spotlight for
new lock screen images and suggested apps.
It can be turned off with no negative effects as
described by Microsoft.e1553.dspg.akamaiedge.netis104.121.28.119registered by Akamai
to figure out what's the closest server to you to speed things up.
e15275.g.akamaiedge.netis the same.
The results of disabling them might be incorrect Windows Update patches
applied to your computer, and slower Internet access on the Akamai network.
Recommendations
I would recommend, rather than blocking the Microsoft websites,
to turn them off by disabling their services for the ones that are
judged unnecessary.
This is done in:
Settings > Privacy allows nowadays to turn off most of the telemetry options- The Microsoft article
Manage connections from Windows operating system components to Microsoft services
contains instruction on turning off dozens of Windows services.
I would recommend leaving the Akamai sites to do their job.
You may block them at the router by IP address, but you are only degrading
your Internet experience.
Blocking
Windows UPdate can be disabled from Administrative Tools > Services.
For good measures, the Microsoft Store can be disabled via regedit,
key KEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsStore,
right-click and select New > DWORD 32-bit, named RemoveWindowsStore
with the value of 1.
As Windows will not block these IP addresses, you may try
installing a third-party firewall, from which these websites will not
get a special treatment, so might succeed in blocking them.
Disable in that case the Windows Defender firewall.
answered yesterday
harrymc
247k10254541
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
1
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
We can try this link which talked about Block or Redirect specific Websites in windows hosts file.
[https://www.online-tech-tips.com/computer-tips/edit-windows-hosts-file-to-block-redirect-websites/][1]
answered Nov 8 at 16:49
Mick
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
1
down vote
We can try this link which talked about Block or Redirect specific Websites in windows hosts file.
[https://www.online-tech-tips.com/computer-tips/edit-windows-hosts-file-to-block-redirect-websites/][1]
answered Nov 8 at 16:49
Mick
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
1
down vote
up vote
1
down vote
We can try this link which talked about Block or Redirect specific Websites in windows hosts file.
[https://www.online-tech-tips.com/computer-tips/edit-windows-hosts-file-to-block-redirect-websites/][1]
answered Nov 8 at 16:49
Mick
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
We can try this link which talked about Block or Redirect specific Websites in windows hosts file.
[https://www.online-tech-tips.com/computer-tips/edit-windows-hosts-file-to-block-redirect-websites/][1]
answered Nov 8 at 16:49
Mick
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered Nov 8 at 16:49
Mick
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered Nov 8 at 16:49
Mick
111
answered Nov 8 at 16:49
Mick
111
111
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Mick is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
up vote
1
down vote
These are websites for Microsoft telemetry, Windows Update and Akamai network
optimizations.
Analyzing the websites in your list:
dm3p.wns.notify.windows.com.akadns.netis13.89.217.116registered by Microsoft.cs9.wac.phicdn.netis the same for Verizon users.
They are probably used principally for Windows Update.arc.msn.com.nsatc.netis probably used by Windows Spotlight for
new lock screen images and suggested apps.
It can be turned off with no negative effects as
described by Microsoft.e1553.dspg.akamaiedge.netis104.121.28.119registered by Akamai
to figure out what's the closest server to you to speed things up.
e15275.g.akamaiedge.netis the same.
The results of disabling them might be incorrect Windows Update patches
applied to your computer, and slower Internet access on the Akamai network.
Recommendations
I would recommend, rather than blocking the Microsoft websites,
to turn them off by disabling their services for the ones that are
judged unnecessary.
This is done in:
Settings > Privacy allows nowadays to turn off most of the telemetry options- The Microsoft article
Manage connections from Windows operating system components to Microsoft services
contains instruction on turning off dozens of Windows services.
I would recommend leaving the Akamai sites to do their job.
You may block them at the router by IP address, but you are only degrading
your Internet experience.
Blocking
Windows UPdate can be disabled from Administrative Tools > Services.
For good measures, the Microsoft Store can be disabled via regedit,
key KEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsStore,
right-click and select New > DWORD 32-bit, named RemoveWindowsStore
with the value of 1.
As Windows will not block these IP addresses, you may try
installing a third-party firewall, from which these websites will not
get a special treatment, so might succeed in blocking them.
Disable in that case the Windows Defender firewall.
answered yesterday
harrymc
247k10254541
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
1
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
add a comment |
up vote
1
down vote
These are websites for Microsoft telemetry, Windows Update and Akamai network
optimizations.
Analyzing the websites in your list:
dm3p.wns.notify.windows.com.akadns.netis13.89.217.116registered by Microsoft.cs9.wac.phicdn.netis the same for Verizon users.
They are probably used principally for Windows Update.arc.msn.com.nsatc.netis probably used by Windows Spotlight for
new lock screen images and suggested apps.
It can be turned off with no negative effects as
described by Microsoft.e1553.dspg.akamaiedge.netis104.121.28.119registered by Akamai
to figure out what's the closest server to you to speed things up.
e15275.g.akamaiedge.netis the same.
The results of disabling them might be incorrect Windows Update patches
applied to your computer, and slower Internet access on the Akamai network.
Recommendations
I would recommend, rather than blocking the Microsoft websites,
to turn them off by disabling their services for the ones that are
judged unnecessary.
This is done in:
Settings > Privacy allows nowadays to turn off most of the telemetry options- The Microsoft article
Manage connections from Windows operating system components to Microsoft services
contains instruction on turning off dozens of Windows services.
I would recommend leaving the Akamai sites to do their job.
You may block them at the router by IP address, but you are only degrading
your Internet experience.
Blocking
Windows UPdate can be disabled from Administrative Tools > Services.
For good measures, the Microsoft Store can be disabled via regedit,
key KEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsStore,
right-click and select New > DWORD 32-bit, named RemoveWindowsStore
with the value of 1.
As Windows will not block these IP addresses, you may try
installing a third-party firewall, from which these websites will not
get a special treatment, so might succeed in blocking them.
Disable in that case the Windows Defender firewall.
answered yesterday
harrymc
247k10254541
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
1
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
add a comment |
up vote
1
down vote
up vote
1
down vote
These are websites for Microsoft telemetry, Windows Update and Akamai network
optimizations.
Analyzing the websites in your list:
dm3p.wns.notify.windows.com.akadns.netis13.89.217.116registered by Microsoft.cs9.wac.phicdn.netis the same for Verizon users.
They are probably used principally for Windows Update.arc.msn.com.nsatc.netis probably used by Windows Spotlight for
new lock screen images and suggested apps.
It can be turned off with no negative effects as
described by Microsoft.e1553.dspg.akamaiedge.netis104.121.28.119registered by Akamai
to figure out what's the closest server to you to speed things up.
e15275.g.akamaiedge.netis the same.
The results of disabling them might be incorrect Windows Update patches
applied to your computer, and slower Internet access on the Akamai network.
Recommendations
I would recommend, rather than blocking the Microsoft websites,
to turn them off by disabling their services for the ones that are
judged unnecessary.
This is done in:
Settings > Privacy allows nowadays to turn off most of the telemetry options- The Microsoft article
Manage connections from Windows operating system components to Microsoft services
contains instruction on turning off dozens of Windows services.
I would recommend leaving the Akamai sites to do their job.
You may block them at the router by IP address, but you are only degrading
your Internet experience.
Blocking
Windows UPdate can be disabled from Administrative Tools > Services.
For good measures, the Microsoft Store can be disabled via regedit,
key KEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsStore,
right-click and select New > DWORD 32-bit, named RemoveWindowsStore
with the value of 1.
As Windows will not block these IP addresses, you may try
installing a third-party firewall, from which these websites will not
get a special treatment, so might succeed in blocking them.
Disable in that case the Windows Defender firewall.
answered yesterday
harrymc
247k10254541
These are websites for Microsoft telemetry, Windows Update and Akamai network
optimizations.
Analyzing the websites in your list:
dm3p.wns.notify.windows.com.akadns.netis13.89.217.116registered by Microsoft.cs9.wac.phicdn.netis the same for Verizon users.
They are probably used principally for Windows Update.arc.msn.com.nsatc.netis probably used by Windows Spotlight for
new lock screen images and suggested apps.
It can be turned off with no negative effects as
described by Microsoft.e1553.dspg.akamaiedge.netis104.121.28.119registered by Akamai
to figure out what's the closest server to you to speed things up.
e15275.g.akamaiedge.netis the same.
The results of disabling them might be incorrect Windows Update patches
applied to your computer, and slower Internet access on the Akamai network.
Recommendations
I would recommend, rather than blocking the Microsoft websites,
to turn them off by disabling their services for the ones that are
judged unnecessary.
This is done in:
Settings > Privacy allows nowadays to turn off most of the telemetry options- The Microsoft article
Manage connections from Windows operating system components to Microsoft services
contains instruction on turning off dozens of Windows services.
I would recommend leaving the Akamai sites to do their job.
You may block them at the router by IP address, but you are only degrading
your Internet experience.
Blocking
Windows UPdate can be disabled from Administrative Tools > Services.
For good measures, the Microsoft Store can be disabled via regedit,
key KEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsStore,
right-click and select New > DWORD 32-bit, named RemoveWindowsStore
with the value of 1.
As Windows will not block these IP addresses, you may try
installing a third-party firewall, from which these websites will not
get a special treatment, so might succeed in blocking them.
Disable in that case the Windows Defender firewall.
answered yesterday
harrymc
247k10254541
edited 17 hours ago
answered yesterday
harrymc
247k10254541
answered yesterday
harrymc
247k10254541
answered yesterday
harrymc
247k10254541
247k10254541
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
1
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
add a comment |
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
1
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
This doesn't answer the question. I'm 100% sure I want no connection to these sites. I need to block the connection.
– tuskiomi
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
As stated above, you may do that by: (1) Closing all telemetry services, (2) Using the router's firewall.
– harrymc
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
The firewall is already blocking the IPS for above addresses, and I've used dw10S to shut off telemetry
– tuskiomi
yesterday
1
1
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
You may also block them by installing a third-party firewall that doesn't treat these websites differently from other websites.
– harrymc
yesterday
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1373618%2fhow-do-i-block-traffic-to-evaluated-ips-without-using-a-separate-dns%23new-answer', 'question_page');
}
);
Post as a guest
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
