Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add missing spy domains #465

Open
ghost opened this issue May 16, 2022 · 8 comments
Open

Add missing spy domains #465

ghost opened this issue May 16, 2022 · 8 comments
Labels
🚦 rules

Comments

@ghost
Copy link

ghost commented May 16, 2022

The following spy domains are already blocked by hosts but not by DNSCrypt or proxifier:

cy2.vortex.data.microsoft.com.akadns.net
db5.vortex.data.microsoft.com.akadns.net
geo.vortex.data.microsoft.com.akadns.net
sqm.telemetry.microsoft.com.nsatc.net
v10-win.vortex.data.microsoft.com.akadns.net

Please add them everywhere.
@crazy-max
Copy link
Owner

already there through wildcards.

@ghost
Copy link
Author

ghost commented May 16, 2022

Please read domains from the right to the left. There are no wildcard entries for *.akadns.net or *.nsatc.net.

@crazy-max
Copy link
Owner

I prefer to use passive detection from the VMs I use to make sure I don't include false positives. I still keep your list aside. Thanks.

@ghost
Copy link
Author

ghost commented May 16, 2022

The entries are from your hosts file, not anything new. I only suggest to make all your different data files (hosts, DNSCrypt, proxifier, etc.) match the same domains.

@crazy-max
Copy link
Owner

Oh indeed wildcard is missing, will fix that, thanks for your feedback.

@thatsprettygood
Copy link

Will a hotfix for this be released soon?

@crazy-max crazy-max reopened this May 17, 2022
@ghost
Copy link
Author

ghost commented May 18, 2022

@thatsprettygood This only affects DNSCrypt and proxifier spy rules, so it's not that urgent.

@einfacharthur
Copy link

what about this adresses?

au-v10.events.data.microsoft.com
au-v20.events.data.microsoft.com
au.vortex-win.data.microsoft.com
de-v20.events.data.microsoft.com
de.vortex-win.data.microsoft.com
eu-v10.events.data.microsoft.com
eu-v20.events.data.microsoft.com
eu.vortex-win.data.microsoft.com
events-sandbox.data.microsoft.com
events.data.microsoft.com
jp-v10.events.data.microsoft.com
jp-v20.events.data.microsoft.com
settings-win.data.microsoft.com
telecommand.telemetry.microsoft.com
uk-v20.events.data.microsoft.com
uk.vortex-win.data.microsoft.com
us-v10.events.data.microsoft.com
us-v20.events.data.microsoft.com
us.vortex-win.data.microsoft.com
us4-v20.events.data.microsoft.com
us5-v20.events.data.microsoft.com
v10.events.data.microsoft.com
v10.vortex-win.data.microsoft.com
v20.events.data.microsoft.com
v20.vortex-win.data.microsoft.com
vortex-win-sandbox.data.microsoft.com
vortex-win.data.microsoft.com
watson.*.microsoft.com

https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Sicherheit/SiSyPHus/Telemetrie-Endpunkte_Windows10_Build_Build_21H2.html

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
🚦 rules
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@crazy-max @einfacharthur @thatsprettygood