Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spy IPs Blocking Legitimate Services #105

Closed
Adamm00 opened this issue Mar 17, 2018 · 8 comments
Closed

Spy IPs Blocking Legitimate Services #105

Adamm00 opened this issue Mar 17, 2018 · 8 comments
Assignees
@crazy-max

Comments

@Adamm00
Copy link

Adamm00 commented Mar 17, 2018

Hey there,

I source your windows 10 spy list in a project of mine and a few users complained about it breaking select Microsoft services. Here's my findings so far;

157.55.109.226 - Breaks OneDrive
65.55.252.0-65.55.252.255 - Breaks XBox Live Chat
40.114.149.220 - Breaks Azure
134.170.179.87 - Breaks XBox Live

I also had some reports of Office360 not working correctly but wasn't able to get the exact IP(s) causing the issue yet.
@Adamm00
Copy link
Author

Adamm00 commented Mar 17, 2018

111.221.29.0-111.221.29.255 Also breaks Windows Store from downloading apps.

@derWeihnachtsmann
Copy link

Personally, Im fine with Blockinger that Services. But maybe comments for each IP are good, so people who need onedrive can easily know and remove those IPs then :)

@Adamm00
Copy link
Author

Adamm00 commented Mar 17, 2018

My understanding is these IP's should be listed under (extra), as this list is only for actual telemetry.

data//winX/spy.txt : Block Windows Spy / Telemetry
data//winX/update.txt : Block Windows Update
data//winX/extra.txt : Block third party applications

@Adamm00
Copy link
Author

Adamm00 commented Mar 19, 2018

157.55.109.224
157.55.109.228
157.55.109.230

Some more IP's preventing OneDrive from working.

@Atavic
Copy link

Atavic commented Mar 19, 2018

IPs aren't fixed in their use, for some countries do telemetry, for others allow OneDrive. Moreover, not only location but OS Version change the IPs and their use.

MS Services are dynamic, when a big update is rolling, IPs reserved to other means are reallocated for the update.

@crazy-max
Copy link
Owner

crazy-max commented Mar 19, 2018
edited
Loading

@Adamm00, the latest version of WSB brings a lot of changes in the analysis of IP addresses collected during traffic capture. I'll analyze the ones you gave me and keep you in touch.

As @Atavic says, some addresses are specific to the issuing countries and also to the version of the OS. In this way I will extend the analysis domain and set up virtual machines in distinct geographical areas. This will all be related to #46.

@crazy-max
Copy link
Owner

@Adamm00 After analysis,

  • 65.55.252.* : microsoft translator, msn search but some telemetry services. I have to isolate some of them.
  • 40.114.149.220 : cloud app, skype data, aria pipe. I'm going to dig to get some info.
  • 134.170.179.87 : not linked to probed service anymore, will be removed.
  • 157.55.109.* : linked to users storage so i will move this to extra.

@crazy-max crazy-max self-assigned this Mar 19, 2018
crazy-max added a commit that referenced this issue Mar 27, 2018
@crazy-max
Review Windows 10 lists (Issue #105)
29079bb 
Move 40.77.229 to update for Windows 7
Move 137.117.235.16, 191.237.208.126 to extra (Windows Defender)
Remove 65.55.163 from Windows 8 extra (belongs to update)
Refine IPs ranges
@crazy-max
Copy link
Owner

Must be solved in the latest release

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@crazy-max crazy-max

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@crazy-max @derWeihnachtsmann @Atavic @Adamm00