Blocking ALL Window$ Update servers

Anyone got the list of IP addresses and domain names?

I don't want my Win 10 being AUTOMATICALLY updated to bring troubles.

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
ä¸�借貸! ä¸�è©�騙! ä¸�è³*錢! ä¸�æ�´äº¤! ä¸�打交! ä¸�打劫! ä¸�自殺! ä¸�求神! 請考慮綜æ�´
(CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

Mr. Man-wai Chang wrote:

Anyone got the list of IP addresses and domain names?

I don't want my Win 10 being AUTOMATICALLY updated to bring troubles.


If you unplug the network cable, you will be *very very* safe.

I promise.

*******

http://www.majorgeeks.com/files/deta..._minitool.html

https://www.reddit.com/r/Windows10/c...date_minitool/

https://www.reddit.com/r/Windows10/c...lternative_to/

"For some reason large parts of it is in russian for me.
Anyone else have this problem?

My Windows-version is swedish.
"

https://www.tenforums.com/drivers-ha...initool-2.html

"Use (WUMT --- download) link listed on page from above link.

First you must download the tool (comes in both x86 and x64 versions)
then download your preferred language ini file. Place language ini file
in same directory as x86 and x64 files.

http://forums.mydigitallife.info/thr...pdate-MiniTool

"

HTH,
Paul

In message , Paul
writes:
Mr. Man-wai Chang wrote:
Anyone got the list of IP addresses and domain names?
I don't want my Win 10 being AUTOMATICALLY updated to bring
troubles.


If you unplug the network cable, you will be *very very* safe.

I promise.

Not if wifi is enabled (-:
[]
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Nunc Tutus Exitus Computarus (It is now safe to turn off your computer).

On 4/10/2018 11:50 AM, J. P. Gilliver (John) wrote:
In message , Paul
writes:
Mr. Man-wai Chang wrote:
Â*Anyone got the list of IP addresses and domain names?
Â*I don't want my Win 10 being AUTOMATICALLY updated to bring
troubles.


If you unplug the network cable, you will be *very very* safe.

I promise.

Not if wifi is enabled (-:
[]
I depends on which net work cable. The one from the Wall to the router,
or the one from the router to the computer ;-)

--
2018: The year we learn to play the great game of Euchre

On 10/4/2018 7:38 PM, Paul wrote:

If you unplug the network cable, you will be *very very* safe.
I promise.

Or switch ALL over to Linux? But then Fedora and Ubuntu also feature
update services.


http://www.majorgeeks.com/files/deta..._minitool.html

https://www.reddit.com/r/Windows10/c...date_minitool/


https://www.reddit.com/r/Windows10/c...lternative_to/


Â*Â* "For some reason large parts of it is in russian for me.
Â*Â*Â* Anyone else have this problem?

Â*Â*Â* My Windows-version is swedish.
Â*Â* "

https://www.tenforums.com/drivers-ha...initool-2.html


Â* "Use (WUMT --- download) link listed on page from above link.

Â*Â* First you must download the tool (comes in both x86 and x64 versions)
Â*Â* then download your preferred language ini file. Place language ini file
Â*Â* in same directory as x86 and x64 files.

Â*Â* http://forums.mydigitallife.info/thr...pdate-MiniTool

NO, I don't wanna use any special tool. I don't wanna play game of trust.

We just need a list containing all IP addresses and domain names of
Window$ Update servers.

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
ä¸�借貸! ä¸�è©�騙! ä¸�è³*錢! ä¸�æ�´äº¤! ä¸�打交! ä¸�打劫! ä¸�自殺! ä¸�求神! 請考慮綜æ�´
(CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

On 10/4/2018 11:50 PM, J. P. Gilliver (John) wrote:

If you unplug the network cable, you will be *very very* safe.

I promise.

Not if wifi is enabled (-:

And Bluetooth? And Homeplug?

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
ä¸�借貸! ä¸�è©�騙! ä¸�è³*錢! ä¸�æ�´äº¤! ä¸�打交! ä¸�打劫! ä¸�自殺! ä¸�求神! 請考慮綜æ�´
(CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

Keith Nuttle wrote:
On 4/10/2018 11:50 AM, J. P. Gilliver (John) wrote:
In message , Paul
writes:
Mr. Man-wai Chang wrote:
Â*Anyone got the list of IP addresses and domain names?
Â*I don't want my Win 10 being AUTOMATICALLY updated to bring
troubles.


If you unplug the network cable, you will be *very very* safe.

I promise.

Not if wifi is enabled (-:
[]
I depends on which net work cable. The one from the Wall to the router,
or the one from the router to the computer ;-)


Or which cable, if it is the power cable then you have ultimate security ;-)

--
Take care,

Jonathan
-------------------
LITTLE WORKS STUDIO
http://www.LittleWorksStudio.com

Mr. Man-wai Chang wrote:


NO, I don't wanna use any special tool. I don't wanna play game of trust.

We just need a list containing all IP addresses and domain names of
Window$ Update servers.

Fine. Then *don't* ask this question again.

Do you think blocking IP addresses is a game of
MahJong or something ? Blocking is hackery too, and
a hackery with no certain outcome. Only... frustration
when your subterfuge fails.

*******

It's actually illegal to reverse engineer Windows
and you can be charged under DMCA. This is why
"researchers" who work in official institutions
cannot provide us with complete lists of resources
needed to "break" windows. Because they could be
charged under DMCA. This is one reason, why no
researcher will provide us with information
about Skype any more. "Legal chill". They were
out on a limb when they analyzed the first
version of Skype (before Microsoft bought it).
Some Skype researchers actually had a separate
web page, listing the advice they got from a
lawyer.

So while you're having fun and games out here,
there is a reason why authoritative research
doesn't exist, and only dribs and drabs are
available. If you do a "professional" job of
reverse engineering the OS, and publish from
a static web page, they *could* come after you.

I think early on, when someone in s social
networking site, delivered a list of resources
for Windows 10, he "disappeared", and at the time,
I suspected some lawyers with DMCA threats played
a part. (They may have sent a take-down to the
platform he was publishing on.) The dude didn't
disappear because his mom had pizza pockets
in the microwave.

So good luck with figuring out that IP
list *on your own*.

Paul

"Paul" wrote in message news

Mr. Man-wai Chang wrote:

Anyone got the list of IP addresses and domain names?

I don't want my Win 10 being AUTOMATICALLY updated to bring troubles.


If you unplug the network cable, you will be *very very* safe.

I promise.

*******

http://www.majorgeeks.com/files/deta..._minitool.html

https://www.reddit.com/r/Windows10/c...date_minitool/

https://www.reddit.com/r/Windows10/c...lternative_to/

"For some reason large parts of it is in russian for me.
Anyone else have this problem?

My Windows-version is swedish.
"

https://www.tenforums.com/drivers-ha...initool-2.html

"Use (WUMT --- download) link listed on page from above link.

First you must download the tool (comes in both x86 and x64 versions)
then download your preferred language ini file. Place language ini file
in same directory as x86 and x64 files.

http://forums.mydigitallife.info/thr...pdate-MiniTool

"

HTH,
Paul

Paul,

I don't see the original post (probably filtered out) so I'll just drop in
here to add my two cents. You can use the following FQDN's but I seriously
doubt this is complete but these are posted on the MS TechNet site and
current as of Apr 2015

http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://test.stats.update.microsoft.com
http://ntservicepack.microsoft.com

MS has WSUS servers all over the world. You could try using WireShark to
trap URL's by manually triggering an update from several systems to catch a
few. Then in your firewall blocks those and see what Win10 does - it spits
out another IP after it fails to contact the first server.

With all the WSUS servers and mechanisms within Win10 to overcome
permanently blocking updates - you're in for a long day. Here's a post on
MS Partner support forum that may help as well as a hot link within that
post:

https://partnersupport.microsoft.com...f-521c45fbffcd

--


Bob S.

On 2018-04-10, Paul wrote:
It's actually illegal to reverse engineer Windows
and you can be charged under DMCA.

You can only be charged under DMCA if you live in the United States.

--
-----------------------------------------------------------------------------
Roger Blake (Posts from Google Groups killfiled due to excess spam.)

NSA sedition and treason -- http://www.DeathToNSAthugs.com
Don't talk to cops! -- http://www.DontTalkToCops.com
Badges don't grant extra rights -- http://www.CopBlock.org
-----------------------------------------------------------------------------

Bob_S wrote:
"Paul" wrote in message news

Mr. Man-wai Chang wrote:

Anyone got the list of IP addresses and domain names?

I don't want my Win 10 being AUTOMATICALLY updated to bring troubles.


If you unplug the network cable, you will be *very very* safe.

I promise.

*******

http://www.majorgeeks.com/files/deta..._minitool.html

https://www.reddit.com/r/Windows10/c...date_minitool/


https://www.reddit.com/r/Windows10/c...lternative_to/


"For some reason large parts of it is in russian for me.
Anyone else have this problem?

My Windows-version is swedish.
"

https://www.tenforums.com/drivers-ha...initool-2.html


"Use (WUMT --- download) link listed on page from above link.

First you must download the tool (comes in both x86 and x64 versions)
then download your preferred language ini file. Place language ini
file
in same directory as x86 and x64 files.

http://forums.mydigitallife.info/thr...pdate-MiniTool

"

HTH,
Paul

Paul,

I don't see the original post (probably filtered out) so I'll just drop
in here to add my two cents. You can use the following FQDN's but I
seriously doubt this is complete but these are posted on the MS TechNet
site and current as of Apr 2015

http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://test.stats.update.microsoft.com
http://ntservicepack.microsoft.com

MS has WSUS servers all over the world. You could try using WireShark
to trap URL's by manually triggering an update from several systems to
catch a few. Then in your firewall blocks those and see what Win10 does
- it spits out another IP after it fails to contact the first server.

With all the WSUS servers and mechanisms within Win10 to overcome
permanently blocking updates - you're in for a long day. Here's a post
on MS Partner support forum that may help as well as a hot link within
that post:

https://partnersupport.microsoft.com...f-521c45fbffcd

Microsoft has a series of canned IP addresses with no reverse
lookup. They're used in case the user blocks the regular ones.

For example, my Win10 box contacted the "vortex" server while
I was running Wireshark. The Wireshark trace didn't list a symbolic
address. Using nslookup, I didn't get a symbolic address either.
Which means my computer did not contact a local DNS server, to
obtain the numeric IP address in question.

Using a web server offering DNS translations, I could see it
was the vortex server.

If a network operation doesn't require consulting a HOSTS
file, I don't see how loading the file up with stuff
will help.

That's what the guy in some forum was pointing out.

Once a piece of software resorts to such techniques,
now they don't even need to keep a list, or
keep an obfuscated list, or keep en encrypted IP
list. Tney can use algorithmically generated IP addresses,
just the way that malware uses to contact C&C servers.
Where the domains are registered hours before they're
needed, to keep contact with the C&C working. A simple
math equation, generates an infinite list of IPs.

Paul

On 11/4/2018 12:13 PM, Paul wrote:

Microsoft has a series of canned IP addresses with no reverse
lookup. They're used in case the user blocks the regular ones.

For example, my Win10 box contacted the "vortex" server while
I was running Wireshark. The Wireshark trace didn't list a symbolic
address. Using nslookup, I didn't get a symbolic address either.
Which means my computer did not contact a local DNS server, to
obtain the numeric IP address in question.

Is this a military requirement? Requested by US Senates?

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
ä¸�借貸! ä¸�è©�騙! ä¸�è³*錢! ä¸�æ�´äº¤! ä¸�打交! ä¸�打劫! ä¸�自殺! ä¸�求神! 請考慮綜æ�´
(CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

On 11/4/2018 5:40 AM, Paul wrote:
Mr. Man-wai Chang wrote:


NO, I don't wanna use any special tool. I don't wanna play game of trust.

We just need a list containing all IP addresses and domain names of
Window$ Update servers.

Fine. Then *don't* ask this question again.

Do you think blocking IP addresses is a game of
MahJong or something ? Blocking is hackery too, and
a hackery with no certain outcome. Only... frustration
when your subterfuge fails.


I would like to prevent my own Win 10 from reaching Micro$oft without
APPROVAL and CONSENT. That's all.

You can do the same if you wish, as it's your home and your computer!

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
ä¸�借貸! ä¸�è©�騙! ä¸�è³*錢! ä¸�æ�´äº¤! ä¸�打交! ä¸�打劫! ä¸�自殺! ä¸�求神! 請考慮綜æ�´
(CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

On 11/4/2018 10:27 AM, Roger Blake wrote:

You can only be charged under DMCA if you live in the United States.


You don't need to argue with Paul on legal issues. It's just about
approval and consent.

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
ä¸�借貸! ä¸�è©�騙! ä¸�è³*錢! ä¸�æ�´äº¤! ä¸�打交! ä¸�打劫! ä¸�自殺! ä¸�求神! 請考慮綜æ�´
(CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

On 4/11/2018 10:41 AM, Mr. Man-wai Chang wrote:
On 11/4/2018 10:27 AM, Roger Blake wrote:

You can only be charged under DMCA if you live in the United States.


You don't need to argue with Paul on legal issues. It's just about
approval and consent.


YOU already gave your "approval and consent" to updating when you
accepted your Microsoft license terms.

"Updates. The software periodically checks for system and app updates,
and downloads and installs them for you. You may obtain updates only
from Microsoft or authorized sources, and Microsoft may need to update
your system to provide you with those updates. By accepting this
agreement, you agree to receive these types of automatic updates without
any additional notice."