Discussion:
Blocking ALL Window$ Update servers
(too old to reply)
Mr. Man-wai Chang
2018-04-10 11:16:48 UTC
Permalink
Anyone got the list of IP addresses and domain names?

I don't want my Win 10 being AUTOMATICALLY updated to bring troubles. :)
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Paul
2018-04-10 11:38:01 UTC
Permalink
Post by Mr. Man-wai Chang
Anyone got the list of IP addresses and domain names?
I don't want my Win 10 being AUTOMATICALLY updated to bring troubles. :)
If you unplug the network cable, you will be *very very* safe.

I promise.

*******

http://www.majorgeeks.com/files/details/windows_update_minitool.html

https://www.reddit.com/r/Windows10/comments/4p1yu6/are_any_of_you_using_the_windows_update_minitool/

https://www.reddit.com/r/Windows10/comments/4wv6fe/windows_update_minitool_is_a_free_alternative_to/

"For some reason large parts of it is in russian for me.
Anyone else have this problem?

My Windows-version is swedish.
"

https://www.tenforums.com/drivers-hardware/33521-windows-update-minitool-2.html

"Use (WUMT --- download) link listed on page from above link.

First you must download the tool (comes in both x86 and x64 versions)
then download your preferred language ini file. Place language ini file
in same directory as x86 and x64 files.

http://forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool

"

HTH,
Paul
J. P. Gilliver (John)
2018-04-10 15:50:04 UTC
Permalink
Post by Paul
Post by Mr. Man-wai Chang
Anyone got the list of IP addresses and domain names?
I don't want my Win 10 being AUTOMATICALLY updated to bring
troubles. :)
If you unplug the network cable, you will be *very very* safe.
I promise.
Not if wifi is enabled (-:
[]
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

Nunc Tutus Exitus Computarus (It is now safe to turn off your computer).
Keith Nuttle
2018-04-10 15:58:46 UTC
Permalink
Post by Paul
 Anyone got the list of IP addresses and domain names?
 I don't want my Win 10 being AUTOMATICALLY updated to bring
troubles. :)
If you unplug the network cable, you will be *very very* safe.
I promise.
[]
I depends on which net work cable. The one from the Wall to the router,
or the one from the router to the computer ;-)
--
2018: The year we learn to play the great game of Euchre
Jonathan N. Little
2018-04-10 17:23:52 UTC
Permalink
Post by Keith Nuttle
Post by Paul
 Anyone got the list of IP addresses and domain names?
 I don't want my Win 10 being AUTOMATICALLY updated to bring
troubles. :)
If you unplug the network cable, you will be *very very* safe.
I promise.
[]
I depends on which net work cable. The one from the Wall to the router,
or the one from the router to the computer ;-)
Or which cable, if it is the power cable then you have ultimate security ;-)
--
Take care,

Jonathan
-------------------
LITTLE WORKS STUDIO
http://www.LittleWorksStudio.com
Mr. Man-wai Chang
2018-04-10 16:54:00 UTC
Permalink
Post by Paul
If you unplug the network cable, you will be *very very* safe.
I promise.
And Bluetooth? And Homeplug? :)
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Mr. Man-wai Chang
2018-04-10 16:53:27 UTC
Permalink
Post by Paul
If you unplug the network cable, you will be *very very* safe.
I promise.
Or switch ALL over to Linux? But then Fedora and Ubuntu also feature
update services. ;)
Post by Paul
http://www.majorgeeks.com/files/details/windows_update_minitool.html
https://www.reddit.com/r/Windows10/comments/4p1yu6/are_any_of_you_using_the_windows_update_minitool/
https://www.reddit.com/r/Windows10/comments/4wv6fe/windows_update_minitool_is_a_free_alternative_to/
   "For some reason large parts of it is in russian for me.
    Anyone else have this problem?
    My Windows-version is swedish.
   "
https://www.tenforums.com/drivers-hardware/33521-windows-update-minitool-2.html
  "Use (WUMT --- download) link listed on page from above link.
   First you must download the tool (comes in both x86 and x64 versions)
   then download your preferred language ini file. Place language ini file
   in same directory as x86 and x64 files.
   http://forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool
NO, I don't wanna use any special tool. I don't wanna play game of trust.

We just need a list containing all IP addresses and domain names of
Window$ Update servers.
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Paul
2018-04-10 21:40:56 UTC
Permalink
Post by Mr. Man-wai Chang
NO, I don't wanna use any special tool. I don't wanna play game of trust.
We just need a list containing all IP addresses and domain names of
Window$ Update servers.
Fine. Then *don't* ask this question again.

Do you think blocking IP addresses is a game of
MahJong or something ? Blocking is hackery too, and
a hackery with no certain outcome. Only... frustration
when your subterfuge fails.

*******

It's actually illegal to reverse engineer Windows
and you can be charged under DMCA. This is why
"researchers" who work in official institutions
cannot provide us with complete lists of resources
needed to "break" windows. Because they could be
charged under DMCA. This is one reason, why no
researcher will provide us with information
about Skype any more. "Legal chill". They were
out on a limb when they analyzed the first
version of Skype (before Microsoft bought it).
Some Skype researchers actually had a separate
web page, listing the advice they got from a
lawyer.

So while you're having fun and games out here,
there is a reason why authoritative research
doesn't exist, and only dribs and drabs are
available. If you do a "professional" job of
reverse engineering the OS, and publish from
a static web page, they *could* come after you.

I think early on, when someone in s social
networking site, delivered a list of resources
for Windows 10, he "disappeared", and at the time,
I suspected some lawyers with DMCA threats played
a part. (They may have sent a take-down to the
platform he was publishing on.) The dude didn't
disappear because his mom had pizza pockets
in the microwave.

So good luck with figuring out that IP
list *on your own*.

Paul
Roger Blake
2018-04-11 02:27:37 UTC
Permalink
Post by Paul
It's actually illegal to reverse engineer Windows
and you can be charged under DMCA.
You can only be charged under DMCA if you live in the United States.
--
-----------------------------------------------------------------------------
Roger Blake (Posts from Google Groups killfiled due to excess spam.)

NSA sedition and treason -- http://www.DeathToNSAthugs.com
Don't talk to cops! -- http://www.DontTalkToCops.com
Badges don't grant extra rights -- http://www.CopBlock.org
-----------------------------------------------------------------------------
Mr. Man-wai Chang
2018-04-11 15:41:43 UTC
Permalink
Post by Roger Blake
You can only be charged under DMCA if you live in the United States.
You don't need to argue with Paul on legal issues. It's just about
approval and consent.
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
sticks
2018-04-11 18:07:00 UTC
Permalink
Post by Mr. Man-wai Chang
Post by Roger Blake
You can only be charged under DMCA if you live in the United States.
You don't need to argue with Paul on legal issues. It's just about
approval and consent.
YOU already gave your "approval and consent" to updating when you
accepted your Microsoft license terms.

"Updates. The software periodically checks for system and app updates,
and downloads and installs them for you. You may obtain updates only
from Microsoft or authorized sources, and Microsoft may need to update
your system to provide you with those updates. By accepting this
agreement, you agree to receive these types of automatic updates without
any additional notice."
Sam E
2018-04-11 20:07:18 UTC
Permalink
On 04/11/2018 01:07 PM, sticks wrote:

[snip]
Post by sticks
YOU already gave your "approval and consent" to updating when you
accepted your Microsoft license terms.
That's legal bullshit. Most people DON'T give "approval and consent",
they click the button that makes the software work.

[snip]
sticks
2018-04-11 22:10:06 UTC
Permalink
Post by Sam E
[snip]
Post by sticks
YOU already gave your "approval and consent" to updating when you
accepted your Microsoft license terms.
That's legal bullshit. Most people DON'T give "approval and consent",
they click the button that makes the software work.
[snip]
Oh, OK. Well, that's that then. Thanks for clearing that up.
Mayayana
2018-04-11 22:43:32 UTC
Permalink
"sticks" <***@charter.net> wrote

| >> YOU already gave your "approval and consent" to updating when you
| >> accepted your Microsoft license terms.
| >
| > That's legal bullshit. Most people DON'T give "approval and consent",
| > they click the button that makes the software work.
| >
| Oh, OK. Well, that's that then. Thanks for clearing that up.

It's a sticky business. EULA clickthroughs have
been held up in court. On the other hand, articles
have been written about absurd claims they often
contain. Microsoft claims, for instance, that anyone
clicking through to use .Net tools has no right to
review them without permission. So no freedom of
speech if you buy .Net. Would you say, "Tough luck.
You clicked it." ? Where do you draw the line? They
have a right to define terms of the license for the
software you're using. That's what the license is.
They can't just go saying, "We have the right of
surveillance because you bought our stuff."

MS also claim that they owe you no support if you
buy an OEM computer because you're copy of Windows
is licensed to you by that company. They must provide
support. So how do Microsoft then claim that you agree
to terms of use? You didn't even license it from Microsoft.

Then of course there are the issues of monopoly. You
don't really have much choice about clicking the license.
What else can you do? Buy Apple? It's not as though
Microsoft have equivalent competition.

Today in Congress, Zuck was being grilled about
Facebook terms. Of course everyone agrees to
the terms. But people expect a modicum of human
decency. Most people don't understand that Zuck is
constantly spying on them. And Zuck, along with Google,
Apple, MS, etc, is careful to not make it obvious. The
Congress men and women don't even understand that.
Zuck denies that he spies on non-members. Yet there
are Facebook links and script all over the Web. It's
easy enough to prove, but the Congresspeople don't
understand what they're dealing with. So how can
everyone else be expected to?
Mr. Man-wai Chang
2018-04-12 14:04:17 UTC
Permalink
.......
Congress men and women don't even understand that.
Zuck denies that he spies on non-members. Yet there
are Facebook links and script all over the Web. It's
easy enough to prove, but the Congresspeople don't
understand what they're dealing with. So how can
everyone else be expected to?
Nobody in the computer industry ever wants to guarantee anything. I
don't see how the situation could change.
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Mr. Man-wai Chang
2018-04-12 14:29:54 UTC
Permalink
Post by sticks
YOU already gave your "approval and consent" to updating when you
accepted your Microsoft license terms.
I still have the right to isolate my Win 10 from doing Window$ Update.
Post by sticks
"Updates. The software periodically checks for system and app updates,
and downloads and installs them for you. You may obtain updates only
from Microsoft or authorized sources, and Microsoft may need to update
your system to provide you with those updates. By accepting this
agreement, you agree to receive these types of automatic updates without
any additional notice."
Irrelevant!
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
銝滚�蠘硫! 銝滩�擉�! 銝滩陪��! 銝齿螱鈭�! 銝齿�鈭�! 銝齿���! 銝滩䌊畾�! 銝齿�蟡�!
隢贝���蝬𨀣螱 (CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
sticks
2018-04-12 21:51:05 UTC
Permalink
You really make it hard to converse with you by continually snipping all
the relevant information. So I guess to make my point again, I'll have
to put it back.

You originally said: "You don't need to argue with Paul on legal
issues. It's just about approval and consent."
Post by Mr. Man-wai Chang
Post by sticks
YOU already gave your "approval and consent" to updating when you
accepted your Microsoft license terms.
I still have the right to isolate my Win 10 from doing Window$ Update.
I could care less what you do, and wish you luck. My point was fairly
clear in that your claiming MS hasn't got your "approval and consent" is
contrary to the facts. Which is why for your benefit I quoted the
relevant license agreement below.
Post by Mr. Man-wai Chang
Post by sticks
"Updates. The software periodically checks for system and app updates,
and downloads and installs them for you. You may obtain updates only
from Microsoft or authorized sources, and Microsoft may need to update
your system to provide you with those updates. By accepting this
agreement, you agree to receive these types of automatic updates
without any additional notice."
Irrelevant!
It is irrelevant to what you want to do, but not what you said.
Mr. Man-wai Chang
2018-04-13 03:21:16 UTC
Permalink
Post by sticks
You really make it hard to converse with you by continually snipping all
the relevant information.  So I guess to make my point again, I'll have
to put it back.
You originally said:  "You don't need to argue with Paul on legal
issues. It's just about approval and consent."
I could care less what you do, and wish you luck. My point was fairly
clear in that your claiming MS hasn't got your "approval and
consent" is contrary to the facts. Which is why for your
benefit I quoted the relevant license agreement below.
I know what you are talking about in terms of the EULA.
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Mr. Man-wai Chang
2018-04-11 15:40:21 UTC
Permalink
Post by Paul
Post by Mr. Man-wai Chang
NO, I don't wanna use any special tool. I don't wanna play game of trust.
We just need a list containing all IP addresses and domain names of
Window$ Update servers.
Fine. Then *don't* ask this question again.
Do you think blocking IP addresses is a game of
MahJong or something ? Blocking is hackery too, and
a hackery with no certain outcome. Only... frustration
when your subterfuge fails.
I would like to prevent my own Win 10 from reaching Micro$oft without
APPROVAL and CONSENT. That's all.

You can do the same if you wish, as it's your home and your computer! :)
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Bob_S
2018-04-11 02:06:26 UTC
Permalink
Post by Paul
Post by Mr. Man-wai Chang
Anyone got the list of IP addresses and domain names?
I don't want my Win 10 being AUTOMATICALLY updated to bring troubles. :)
If you unplug the network cable, you will be *very very* safe.
I promise.
*******
http://www.majorgeeks.com/files/details/windows_update_minitool.html
https://www.reddit.com/r/Windows10/comments/4p1yu6/are_any_of_you_using_the_windows_update_minitool/
https://www.reddit.com/r/Windows10/comments/4wv6fe/windows_update_minitool_is_a_free_alternative_to/
"For some reason large parts of it is in russian for me.
Anyone else have this problem?
My Windows-version is swedish.
"
https://www.tenforums.com/drivers-hardware/33521-windows-update-minitool-2.html
"Use (WUMT --- download) link listed on page from above link.
First you must download the tool (comes in both x86 and x64 versions)
then download your preferred language ini file. Place language ini file
in same directory as x86 and x64 files.
http://forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool
"
HTH,
Paul
Paul,

I don't see the original post (probably filtered out) so I'll just drop in
here to add my two cents. You can use the following FQDN's but I seriously
doubt this is complete but these are posted on the MS TechNet site and
current as of Apr 2015

http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://test.stats.update.microsoft.com
http://ntservicepack.microsoft.com

MS has WSUS servers all over the world. You could try using WireShark to
trap URL's by manually triggering an update from several systems to catch a
few. Then in your firewall blocks those and see what Win10 does - it spits
out another IP after it fails to contact the first server.

With all the WSUS servers and mechanisms within Win10 to overcome
permanently blocking updates - you're in for a long day. Here's a post on
MS Partner support forum that may help as well as a hot link within that
post:

https://partnersupport.microsoft.com/en-us/par_clientsol/forum/par_win/microsoft-windows-update-url-full-details/73f42ef2-8ae2-4926-948f-521c45fbffcd
--
Bob S.
Paul
2018-04-11 04:13:02 UTC
Permalink
Post by Bob_S
Post by Paul
Post by Mr. Man-wai Chang
Anyone got the list of IP addresses and domain names?
I don't want my Win 10 being AUTOMATICALLY updated to bring troubles. :)
If you unplug the network cable, you will be *very very* safe.
I promise.
*******
http://www.majorgeeks.com/files/details/windows_update_minitool.html
https://www.reddit.com/r/Windows10/comments/4p1yu6/are_any_of_you_using_the_windows_update_minitool/
https://www.reddit.com/r/Windows10/comments/4wv6fe/windows_update_minitool_is_a_free_alternative_to/
"For some reason large parts of it is in russian for me.
Anyone else have this problem?
My Windows-version is swedish.
"
https://www.tenforums.com/drivers-hardware/33521-windows-update-minitool-2.html
"Use (WUMT --- download) link listed on page from above link.
First you must download the tool (comes in both x86 and x64 versions)
then download your preferred language ini file. Place language ini file
in same directory as x86 and x64 files.
http://forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool
"
HTH,
Paul
Paul,
I don't see the original post (probably filtered out) so I'll just drop
in here to add my two cents. You can use the following FQDN's but I
seriously doubt this is complete but these are posted on the MS TechNet
site and current as of Apr 2015
http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://test.stats.update.microsoft.com
http://ntservicepack.microsoft.com
MS has WSUS servers all over the world. You could try using WireShark
to trap URL's by manually triggering an update from several systems to
catch a few. Then in your firewall blocks those and see what Win10 does
- it spits out another IP after it fails to contact the first server.
With all the WSUS servers and mechanisms within Win10 to overcome
permanently blocking updates - you're in for a long day. Here's a post
on MS Partner support forum that may help as well as a hot link within
https://partnersupport.microsoft.com/en-us/par_clientsol/forum/par_win/microsoft-windows-update-url-full-details/73f42ef2-8ae2-4926-948f-521c45fbffcd
Microsoft has a series of canned IP addresses with no reverse
lookup. They're used in case the user blocks the regular ones.

For example, my Win10 box contacted the "vortex" server while
I was running Wireshark. The Wireshark trace didn't list a symbolic
address. Using nslookup, I didn't get a symbolic address either.
Which means my computer did not contact a local DNS server, to
obtain the numeric IP address in question.

Using a web server offering DNS translations, I could see it
was the vortex server.

If a network operation doesn't require consulting a HOSTS
file, I don't see how loading the file up with stuff
will help.

That's what the guy in some forum was pointing out.

Once a piece of software resorts to such techniques,
now they don't even need to keep a list, or
keep an obfuscated list, or keep en encrypted IP
list. Tney can use algorithmically generated IP addresses,
just the way that malware uses to contact C&C servers.
Where the domains are registered hours before they're
needed, to keep contact with the C&C working. A simple
math equation, generates an infinite list of IPs.

Paul
Mr. Man-wai Chang
2018-04-11 15:27:16 UTC
Permalink
Post by Paul
Microsoft has a series of canned IP addresses with no reverse
lookup. They're used in case the user blocks the regular ones.
For example, my Win10 box contacted the "vortex" server while
I was running Wireshark. The Wireshark trace didn't list a symbolic
address. Using nslookup, I didn't get a symbolic address either.
Which means my computer did not contact a local DNS server, to
obtain the numeric IP address in question.
Is this a military requirement? Requested by US Senates? :)
--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不賭錢! 不援交! 不打交! 不打劫! 不自殺! 不求神! 請考慮綜援
(CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa
Loading...