# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # Rules are provided by crazy-max/WindowsSpyBlocker # https://github.com/crazy-max/WindowsSpyBlocker/blob/master/data/firewall/spy.txt # Last updated on 23 Jan, 2020 # Template was adapted for SharpApp https://github.com/mirinsoft/sharpapp # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ### Block Microsoft Telemetry IPs via Windows Firewall ### ### This script will not block Windows updates and third party applications from Microsoft like OneDrive, Skype, Live etc. ### ### To do so, you can get the "hardcoreFirewallTemplate" from the Marketplace ### Write-Output "Adding telemetry IPs to firewall" $ips = @( "13.68.31.193" "13.66.56.243" "13.68.82.8" "13.70.180.171" "13.73.26.107" "13.78.130.220" "13.78.232.226" "13.78.233.133" "13.88.28.53" "13.92.194.212" "20.44.86.43" "20.189.74.153" "23.99.49.121" "23.102.4.253" "23.102.21.4" "23.103.182.126" "40.68.222.212" "40.69.153.67" "40.70.184.83" "40.70.220.248" "40.70.221.249" "40.77.228.47" "40.77.228.87" "40.77.228.92" "40.77.232.101" "40.79.85.125" "40.90.221.9" "40.115.3.210" "40.115.119.185" "40.119.211.203" "40.124.34.70" "51.140.40.236" "51.140.157.153" "51.143.111.7" "51.143.111.81" "52.114.6.46" "52.114.6.47" "52.114.7.36" "52.114.7.37" "52.114.7.38" "52.114.7.39" "52.114.32.5" "52.114.32.6" "52.114.32.7" "52.114.32.8" "52.114.32.24" "52.114.32.25" "52.114.36.1" "52.114.36.2" "52.114.36.3" "52.114.36.4" "52.114.74.43" "52.114.74.44" "52.114.74.45" "52.114.75.78" "52.114.75.79" "52.114.75.149" "52.114.75.150" "52.114.76.34" "52.114.76.35" "52.114.76.37" "52.114.77.33" "52.114.77.34" "52.114.77.137" "52.114.77.164" "52.114.88.19" "52.114.88.20" "52.114.88.21" "52.114.88.22" "52.114.88.28" "52.114.88.29" "52.114.128.7" "52.114.128.8" "52.114.128.9" "52.114.128.10" "52.114.128.43" "52.114.128.44" "52.114.128.58" "52.114.132.14" "52.114.132.20" "52.114.132.21" "52.114.132.22" "52.114.132.23" "52.114.132.73" "52.114.132.74" "52.114.158.50" "52.114.158.51" "52.114.158.52" "52.114.158.53" "52.114.158.91" "52.114.158.92" "52.114.158.102" "52.138.204.217" "52.138.216.83" "52.155.172.105" "52.157.234.37" "52.158.208.111" "52.164.241.205" "52.169.189.83" "52.170.83.19" "52.174.22.246" "52.178.147.240" "52.178.151.212" "52.178.178.16" "52.178.223.23" "52.183.114.173" "52.229.39.152" "52.230.85.180" "52.236.42.239" "52.236.43.202" "65.52.100.7" "65.52.100.9" "65.52.100.11" "65.52.100.91" "65.52.100.92" "65.52.100.93" "65.52.100.94" "65.52.161.64" "65.55.29.238" "65.55.44.51" "65.55.44.54" "65.55.44.108" "65.55.44.109" "65.55.83.120" "65.55.113.11" "65.55.113.12" "65.55.113.13" "65.55.176.90" "65.55.252.43" "65.55.252.63" "65.55.252.70" "65.55.252.71" "65.55.252.72" "65.55.252.93" "65.55.252.190" "65.55.252.202" "66.119.147.131" "104.41.207.73" "104.43.137.66" "104.43.139.21" "104.43.140.223" "104.43.228.53" "104.43.228.202" "104.43.237.169" "104.45.11.195" "104.45.214.112" "104.46.1.211" "104.46.38.64" "104.210.4.77" "104.210.40.87" "104.210.212.243" "104.214.35.244" "104.214.78.152" "131.253.6.87" "131.253.6.103" "131.253.40.37" "134.170.30.202" "134.170.30.203" "134.170.30.204" "134.170.30.221" "134.170.52.151" "134.170.235.16" "157.56.74.250" "157.56.91.77" "157.56.106.184" "157.56.106.185" "157.56.106.189" "157.56.113.217" "157.56.121.89" "157.56.124.87" "157.56.149.250" "157.56.194.72" "157.56.194.73" "157.56.194.74" "168.61.24.141" "168.61.146.25" "168.61.149.17" "168.61.172.71" "168.62.187.13" "168.63.100.61" "168.63.108.233" "191.236.155.80" "191.237.218.239" "191.239.50.18" "191.239.50.77" "191.239.52.100" "191.239.54.52" "207.68.166.254" ) Remove-NetFirewallRule -DisplayName "Spydish Microsoft Telemetry Block" -ErrorAction SilentlyContinue New-NetFirewallRule -DisplayName "Spydish Microsoft Telemetry Block" -Direction Outbound ` -Action Block -RemoteAddress ([string[]]$ips)