Blocklists: there are hostnames to block, too

[ltguillaume]

As answered here, the list of IPs to block Microsoft's spy/updates/services isn't complete. There are also hostnames that should be blocked, since they could apply a custom DNS policy, like load balancing with geo-location awareness.

Therefore, for full protection it would be needed to do one of the following:

1. (Preferred) Let simplewall add the selected lists from https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts to the Windows hosts file
2. Resolve the IPs of the selected lists from https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts and let simplewall add them as firewall rules. The IPs could change over time, or be semi-random due to load balancing, so this would not be a full protection.

[ltguillaume]

Also, a new list has been provided since 3 days ago (https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/simplewall), while the latest update in simplewall is from April 4th.

[ghost]

Today I found about simplewall and I spend my free time tinkering with it, it's an awesome firewall but lack some features popular firewalls have.

I understand from your post that simplewall doesn't support blocking hostnames?

..............................
@henrypp

[ltguillaume]

It does if you have "Resolve Network Addresses" enabled.

[ghost]

I enabled it but I don't understand how to block a domain or subdomain like http://example.com or http://dl3.example.com.

[ltguillaume]

You can just add example.com to a rule. When simplewall starts, it will resolve it to an IP and apply the filter rule to the IP.

[ghost]

(Preferred) Let simplewall add the selected lists from https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts to the Windows hosts file

It won't work anymore, new update by Microsoft that flag any change to hosts file as a risk, Microsoft now detects HOSTS files that block Windows telemetry, Windows 10 users began reporting that Windows Defender had started detecting modified HOSTS files as a 'SettingsModifier:Win32/HostsFileHijack' threat. If you decide to clean this threat, Microsoft will restore the HOSTS file back to its default contents.

https://www.bleepingcomputer.com/news/microsoft/windows-10-hosts-file-blocking-telemetry-is-now-flagged-as-a-risk/

the only working method right now is 2.

[ltguillaume]

Good point, I saw the news (NTLite'd Defender out of the system, though).

[ltguillaume]

@henrypp https://github.com/crazy-max/WindowsSpyBlocker/releases/tag/4.34.2

[ltguillaume]

@henrypp https://github.com/crazy-max/WindowsSpyBlocker/releases/tag/4.39.0