What's new

How to block these 2 addresses through the router firewall?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Phoenix

Regular Contributor
vortex-win.data.microsoft.com and settings-win.data.microsoft.com

How can I block those 2 addresses completely in my AC68U Router running :

Merlin Fork 374.43_2-13E1j9527

A step by step guide would be highly appreciated.
 
vortex-win.data.microsoft.com and settings-win.data.microsoft.com

How can I block those 2 addresses completely in my AC68U Router running :

Merlin Fork 374.43_2-13E1j9527

A step by step guide would be highly appreciated.

http://thehackernews.com/2015/08/windows-spying-on-you.html

Following the steps in this article will remove the updates associated with those addresses. It's unclear if that will stop the communication, but the implication is that it will.

Linux Update: Replaced Win 8.1 with OpenSUSE, then Fedora. Both were unsuitable as replacements due to little idiosyncrasies with the usability ... little details that made both unusable as replacements.

Loaded Linux Mint. It's really nice. Going to play with it more today but it looks, so far, like a winner. All the details you expect to encounter are there. My desktop passed the "Family Tries It Out and Didn't Complain' test. Wine is a pretty good Win emulator, but still experimenting .... too soon to draw a conclusion. Haven't got OpenVPN client working ... not as easy to configure as I want. Advice welcome. Using tun interface on port 443 for pass through only. In contrast, Android almost installs and configures OpenVPN client on its own. If tests are successful, no reason to load Windows Any Version back on laptop, so far they look very good. Laptop much peppier now due to no antivirus loaded. Still unsure about "linux doesn't need an antivirus' concept.
 
http://thehackernews.com/2015/08/windows-spying-on-you.html

Following the steps in this article will remove the updates associated with those addresses. It's unclear if that will stop the communication, but the implication is that it will.

Linux Update: Replaced Win 8.1 with OpenSUSE, then Fedora. Both were unsuitable as replacements due to little idiosyncrasies with the usability ... little details that made both unusable as replacements.

Loaded Linux Mint. It's really nice. Going to play with it more today but it looks, so far, like a winner. All the details you expect to encounter are there. My desktop passed the "Family Tries It Out and Didn't Complain' test. Wine is a pretty good Win emulator, but still experimenting .... too soon to draw a conclusion. Haven't got OpenVPN client working ... not as easy to configure as I want. Advice welcome. Using tun interface on port 443 for pass through only. In contrast, Android almost installs and configures OpenVPN client on its own. If tests are successful, no reason to load Windows Any Version back on laptop, so far they look very good. Laptop much peppier now due to no antivirus loaded. Still unsure about "linux doesn't need an antivirus' concept.
That doesn't answer my question man, I want to block those 2 addresses in the router itself.......

As to the Windows udpates to avoid, here is I compiled:

I have been noticing lately a lot of people keep asking the same question on how to prevent the Windows 10 upgrade so here is a list of updates that need to be hidden in order to prevent the Windows 10 Upgrade or prevent updates that enable Telemetry, some of them are system preparation for the upgrade so you may not find them all in your updates list until a pre-requistie update was installed before.

If doing a clean installation of Windows 7 or 8, you need to scan the list of updates carefully everytime updates appear to ensure none of them re-appears as Micro$h4ft has been showing some of them again even if you hide them.


If you have already installed Windows and did a few updates, then head over to Control Panel > Programs and Features > View Installed Updates then go from the top to the bottom through the list to ensure none of them is installed, if you do find one installed, then uninstall it, reboot, then check for updates and once it appears right click on it and hide it.

These Windows 10 upgrade activation updates are like a virus really, only thing is, it's a legit virus :D

=============================================================
KB2505438 (Although it claims to fix performance issues, it often breaks fonts)
KB2670838 (The EVIL Update, breaks AERO on Windows 7 and makes some fonts on websites fuzzy, Windows 7 specific update only, do not install IE10 or 11 otherwise it will be bundled with them, IE9 is the max version you should install)
KB2952664 (Windows 10 Upgrade preparation)
KB2976978 (Windows 10 Upgrade preparation)
KB2977759 (Windows 10 Upgrade preparation)
KB2990214 (Windows 10 Upgrade preparation)
KB3021917 (Windows 10 Upgrade preparati0on + Telemetry)
KB3022345 (Telemetry)
KB3035583 (Windows 10 upgrade preparation)
KB3044374 (Windows 10 upgrade preparation for Windows 8 systems)
KB3068708 (Telemetry)
KB3075249 (Telemetry)
KB3080149 (Telemetry)

=============================================================
If you have installed any of the above updates, simply copy paste the below command lines and paste them one by one (according to which update you want to uninstall) in an elevated command prompt:

Code:
•wusa /uninstall /kb:2505438 /quiet /norestart
•wusa /uninstall /kb:2670838 /quiet /norestart
•wusa /uninstall /kb:2952664 /quiet /norestart
•wusa /uninstall /kb:2976978 /quiet /norestart
•wusa /uninstall /kb:2977759 /quiet /norestart
•wusa /uninstall /kb:2990214 /quiet /norestart
•wusa /uninstall /kb:3021917 /quiet /norestart
•wusa /uninstall /kb:3022345 /quiet /norestart
•wusa /uninstall /kb:3035583 /quiet /norestart
•wusa /uninstall /kb:3044374 /quiet /norestart
•wusa /uninstall /kb:3068708 /quiet /norestart
•wusa /uninstall /kb:3075249 /quiet /norestart
•wusa /uninstall /kb:3075851 /quiet /norestart
•wusa /uninstall /kb:3080149 /quiet /norestart
=============================================================
Additionally, please go to Task Scheduler and disable the following items:

MwOB7K2.png


LS0eplm.png
 
Thanks.

BTW, where did you get this level of detail? I already did some of it but you presented more than is commonly available at the sites I visit. Any links to people / sites who have already done this with reports about effectiveness?

About blocking ... check and see if your router has that capability just by typing in the addresses. Maybe a parental control page.
 
Thanks.

BTW, where did you get this level of detail? I already did some of it but you presented more than is commonly available at the sites I visit. Any links to people / sites who have already done this with reports about effectiveness?
It took a while man, I have been switching between Win 7 and 10 for a while now and on Win 7 when I see a new update, I research what it does and if it has anything to do with the Windows 10 upgrade or has anything to do with Telemetry I add it to the list.

You may not find all of the updates as some of them rely on other updates to be installed for them to appear. For example, I never see KB3035583 which is the number 1 update responsible for the Win 10 upgrade, reason being I didn't install any of the pre-requisties.

That list you provided barely touches the surface of how dangerous the latest updates are.
 
That list you provided barely touches the surface of how dangerous the latest updates are.

1) I use The Hacker News and Ghacks to bird dog the daily scoops. They appear to like to try things out and report on them. Big news makes it to Infoworld / Computerworld. Try getting your story out to them for a 2nd opinion and to be helpful to everyone else. You'll know if you hit a nerve if the Microsoft apologists make fun of you or your findings for not wanting MS to get in your business.

2) Now you know why I'm looking into a Win alternative. I have better things to do than be an unwilling marketing objective of Microsoft. Android already does that and I have to accept it if I want to use a cell phone or tablet ... at least ad blocker helps a bit there.

3) This is probably why you can't block updates on Win 10, so MS can always keep an eye on you so it can sell you something, or whatever else is possible with the unique code each PC that loads Win 10 uses to link personal info with database records. For all I know, it's the new version of NSA metadata collection ... if not today then potentially later as data collection capabilities encounter the human ability to rationalize just about anything. No, I'm not a bad guy, but that doesn't mean I want someone looking over my shoulder and collecting, potentially, whatever they want.
 
Last edited:
"How can I block those 2 addresses completely in my AC68U Router: vortex-win.data.microsoft.com and settings-win.data.microsoft.com"


BLOCKING OUTBOUND TRAFFIC: LAN devices can be blocked from accessing target URLS by configuring DNS to incorrectly resolving the IP address. Check the ENTWARE packages out there. This may be referred to as DNS poisoning. A nifty example of this is 'Pixelserv', found on OPTWARE.

It is also possible to DROP inbound traffic (using IPTABLES) from known targets.

If you block at the router layer and connect your device to another router, your Win10 box is 'vulnerable' to MS updates. Why not block these using the hosts file or similar mechanism first?

https://en.wikipedia.org/wiki/Hosts_(file)
 
I would prefer to have seen some proper analyse of what actually happens (on Windows 7) in real life, rather than some guy reading a bunch of KB descriptions and shouting "the skies falling!". (And in true internet fashion, there's a rush by lots of other sites to cut and paste these revelations without any verification.)

Don't get me wrong, I'm as much a MS-hating privacy nut as the next guy. But they've already backtracked on the "can't be blocked with the firewall" statement. And as far as I can see all but one of the "evil" updates are rendered harmless by opting out of the CEIP.

So that at the moment that leaves one undesirable update.

Fortunately I don't run Windows 10 and only perform manual updates on Windows 7. So I'll wait a little bit longer for some proper investigation to happen after which a definitive solution might emerge.

Now, where did I put my tin-foil hat and flame-proof vest...
 
Last edited:
And as far as I can see all but one of the "evil" updates are rendered harmless by opting out of the CEIP.

So that at the moment that leaves one undesirable update.

Which one is the remaining undesirable update? :)

Also, to be extra sure, I disable the tasks responsible for CEIP...so far haven't found any ill effects.
Code:
schtasks /change /tn "Microsoft\Windows\Application Experience\AitAgent" /disable >nul
schtasks /change /tn "Microsoft\Windows\Application Experience\ProgramDataUpdater" /disable >nul
schtasks /change /tn "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /disable >nul
schtasks /change /tn "Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /disable >nul
schtasks /change /tn "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /disable >nul
 
Which one is the remaining undesirable update? :)
I think it was optional update KB3075249 that might be a problem. But again that's still speculation based on it's description. Until somebody actually publishes some packet captures we'll not know whether all, some or none of these are really bypassing the user's preference setting. Or indeed if there are other updates that do so but don't allude to it in their description.

Blocking network traffic and disabling scheduled tasks would seem a better solution than playing whack-a-mole with Windows updates! :)
 
Your best bet is to sell all your computers and networking gear and your house and move to an abandoned deep coal mine. You might be safe there from everyone but yourself! Your paranoia over Windows is really sad...

Sent from my Amazon Tate using Tapatalk
 
My response was to address the OP's original question of how to block to specific URLs. While it may be the case that there are other considerations of solving the MS-Privacy issue, I believe that we have addressed the original question of how to block two URLs in the router.

I do not presume nor care to police forums: that being said, the OP has posted a good question regarding networking control. In contrast, I would note that the issue of MS-Privacy is not a networking issue and discussion of OS updates would find solid information in another forum.
 
Went back to win7.
I like aero, don't need live tiles, I like having control of what gets installed/updates on my pc.
 
Realistically, I imagine someone will find out if there's a real problem with Win 10 and the ability to turn off the privacy features (double negative?) within a few months. MS is especially bad at PR. Far worse than most companies. If Win 10 is truly a PUP, someone inquisitive and smart should have an answer and make it public before the free upgrade period passes. The arrogance of the horrible win 8 interface plus the silence concerning even directly and bluntly addressing these common and popular concerns is, unfortunately, standard MS operating procedure.
 
Realistically, I imagine someone will find out if there's a real problem with Win 10 and the ability to turn off the privacy features (double negative?) within a few months. MS is especially bad at PR. Far worse than most companies. If Win 10 is truly a PUP, someone inquisitive and smart should have an answer and make it public before the free upgrade period passes. The arrogance of the horrible win 8 interface plus the silence concerning even directly and bluntly addressing these common and popular concerns is, unfortunately, standard MS operating procedure.

MS probably still needs to flush out the old guard, and replace them with a new wave of execs who are more like Gabe Aul and less like Steven Sinofsky.
 
Similar threads

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top