What's new

AB-Solution 1.07 is out!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

The thought occurred to me that it might be of some value going forward to have an "AB-Solution Whitelist" thread created where everyone could post what URLs they have whitelisted, and why, and - if known - which host file created the need for their whitelisting(s). Having that information consolidated in a single thread could make life a lot easier for someone installing AB-Solution for the first time. Building and maintaining a custom whitelist from those posts might be something that someone would want to do as well...

If anyone's interested, here's my somewhat custom blacklist for Windows 10, aka, Enhanced Interrogation Edition to do away with the telemetry crap:

Code:
#Microsoft
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-msedge.net
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a0001.a-msedge.net
0.0.0.0 a0002.a-msedge.net
0.0.0.0 a0003.a-msedge.net
0.0.0.0 a0004.a-msedge.net
0.0.0.0 a0005.a-msedge.net
0.0.0.0 a0006.a-msedge.net
0.0.0.0 a0007.a-msedge.net
0.0.0.0 a0008.a-msedge.net
0.0.0.0 a0009.a-msedge.net
0.0.0.0 a1621.g.akamai.net
0.0.0.0 a1856.g2.akamai.net
0.0.0.0 a1961.g.akamai.net
0.0.0.0 a23-218-212-69.deploy.static.akamaitechnologies.com
0.0.0.0 a248.e.akamai.net
0.0.0.0 a978.i6g1.akamai.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 aka.ms
0.0.0.0 americas2.notify.windows.com.akadns.net
0.0.0.0 any.edge.bing.com
0.0.0.0 apps.skype.com
0.0.0.0 atlas.c10r.facebook.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bing.com
0.0.0.0 bingads.microsoft.com
0.0.0.0 bl3302.storage.live.com
0.0.0.0 bl3302geo.storage.dkyprod.akadns.net
0.0.0.0 bn1wns2011508.wns.windows.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c-0001.c-msedge.net
0.0.0.0 c.atdmt.com
0.0.0.0 c.msn.com
0.0.0.0 c.msn.com.nsatc.net
0.0.0.0 cdn.atdmt.com
0.0.0.0 cdnjs.cloudflare.com.cdn.cloudflare.net
0.0.0.0 cdp1.public-trust.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 client.wns.windows.com
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 cy2.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 dc.services.visualstudio.com
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 directory.services.live.com
0.0.0.0 directory.services.live.com.akadns.net
0.0.0.0 dns.msftncsi.com
0.0.0.0 download-ssl.msgamestudios.com
0.0.0.0 dt.adsafeprotected.com
0.0.0.0 e-0009.e-msedge.net
0.0.0.0 e2835.dspb.akamaiedge.net
0.0.0.0 e7341.g.akamaiedge.net
0.0.0.0 e7502.ce.akamaiedge.net
0.0.0.0 e8218.ce.akamaiedge.net
0.0.0.0 ec.atdmt.com
0.0.0.0 en-us.appex-rf.msn.com
0.0.0.0 eu.vortex.data.microsoft.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 fe2.ws.microsoft.com.nsatc.net
0.0.0.0 fe3.delivery.dsp.mp.microsoft.com.nsatc.net
0.0.0.0 fe3.delivery.mp.microsoft.com
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 flex.msn.com
0.0.0.0 fw.adsafeprotected.com
0.0.0.0 g.msn.com
0.0.0.0 go.microsoft.com
0.0.0.0 googleads4.g.doubleclick.net
0.0.0.0 h1.msn.com
0.0.0.0 hostedocsp.globalsign.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 ieonlinews.microsoft.com
0.0.0.0 inference.location.livenet.akadns.net
0.0.0.0 ipv6.msftncsi.com
0.0.0.0 ipv6.msftncsi.com.edgesuite.net
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 li581-132.members.linode.com
0.0.0.0 licensing.md.mp.microsoft.com
0.0.0.0 live.rads.msn.com
0.0.0.0 login.live.com.nsatc.net
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 m221.absolute.com
0.0.0.0 mobileads.msn.com
0.0.0.0 mpd.mxptint.net
0.0.0.0 mscrl.microsoft.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 ns1.msft.net
0.0.0.0 ns2.msft.net
0.0.0.0 ns3.msft.net
0.0.0.0 ns4.msft.net
0.0.0.0 ns5.msft.net
0.0.0.0 ns6.msft.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 OneSettings-bn2.metron.live.com.nsatc.net
0.0.0.0 onesettings-cy2.metron.live.com.nsatc.net
0.0.0.0 origin.windows.microsoft.com.akadns.net
0.0.0.0 osiprod-scus-snow-000.cloudapp.net
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 pricelist.skype.com
0.0.0.0 prod-w.nexus.live.com.akadns.net
0.0.0.0 rad.live.com
0.0.0.0 rad.msn.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 register.mesh.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 sc.iasds01.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.adnxs.com
0.0.0.0 secure.flashtalking.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 settings.data.glbdns2.microsoft.com
0.0.0.0 skyapi.live.net
0.0.0.0 skyapi.skyprod.akadns.net
0.0.0.0 skydrive.wns.windows.com
0.0.0.0 sls.update.microsoft.com.akadns.net
0.0.0.0 sm.mcafee.com
0.0.0.0 so.2mdn.net
0.0.0.0 solitaireprod.maelstrom.xboxlive.com
0.0.0.0 spynetus.microsoft.akadns.net
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 ssw.live.com
0.0.0.0 ssw.live.com.nsatc.net
0.0.0.0 static.2mdn.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 storeedgefd.dsx.mp.microsoft.com
0.0.0.0 su3.mcafee.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 travel.tile.appex.bing.com
0.0.0.0 tunnel.cfw.trustedsource.org
0.0.0.0 ui.skype.com
0.0.0.0 updatekeepalive.mcafee.com
0.0.0.0 urs.microsoft.com.nsatc.net
0.0.0.0 v10.vortex-win.data.metron.life.com.nsatc.net
0.0.0.0 v10.vortex-win.data.microsoft.com
0.0.0.0 view.atdmt.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 vortex-hk2.metron.live.com.nsatc.net
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 wildcard.appex-rf.msn.com.edgesuite.net
0.0.0.0 wildcard.twimg.com
0.0.0.0 win10.ipv6.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com.nsatc.net
0.0.0.0 wns.notify.windows.com.akadns.net
0.0.0.0 wns.windows.com
0.0.0.0 www.bing.com
0.0.0.0 www.go.microsoft.akadns.net
#0.0.0.0 fe2.update.microsoft.com.akadns.net # MICROSOFT UPDATE - UNCOMMENT TO BLOCK       
#0.0.0.0 fe2.update.microsoft.com.nsatc.net  # MICROSOFT UPDATE - UNCOMMENT TO BLOCK     
#0.0.0.0 a767.dspw65.akamai.net              # MICROSOFT UPDATE - UNCOMMENT TO BLOCK       
#0.0.0.0 sls.update.microsoft.com.akadns.net # MICROSOFT UPDATE - UNCOMMENT TO BLOCK         
#0.0.0.0 ui.skype.com                        # MICROSOFT SKYPE - UNCOMMENT TO BLOCK         
#0.0.0.0 pricelist.skype.com                 # MICROSOFT SKYPE - UNCOMMENT TO BLOCK         
#0.0.0.0 apps.skype.com                      # MICROSOFT SKYPE - UNCOMMENT TO BLOCK

Some say blocking the DNS addresses isn't the best way because Win10 has hard-coded IP addresses but afaik, that's only for the Windows Connect feature to let you know you're connected. But if I have to go through any more trouble to keep the products I buy from spying on me, I'm moving to Linux.
 
I think i know the answer to this, but there should be no perceivable speed difference using a USB2 stick vs a USB3 one should there?
 
If anyone's interested, here's my somewhat custom blacklist for Windows 10, aka, Enhanced Interrogation Edition to do away with the telemetry crap:

Code:
#Microsoft
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-msedge.net
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a0001.a-msedge.net
0.0.0.0 a0002.a-msedge.net
0.0.0.0 a0003.a-msedge.net
0.0.0.0 a0004.a-msedge.net
0.0.0.0 a0005.a-msedge.net
0.0.0.0 a0006.a-msedge.net
0.0.0.0 a0007.a-msedge.net
0.0.0.0 a0008.a-msedge.net
0.0.0.0 a0009.a-msedge.net
0.0.0.0 a1621.g.akamai.net
0.0.0.0 a1856.g2.akamai.net
0.0.0.0 a1961.g.akamai.net
0.0.0.0 a23-218-212-69.deploy.static.akamaitechnologies.com
0.0.0.0 a248.e.akamai.net
0.0.0.0 a978.i6g1.akamai.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 aka.ms
0.0.0.0 americas2.notify.windows.com.akadns.net
0.0.0.0 any.edge.bing.com
0.0.0.0 apps.skype.com
0.0.0.0 atlas.c10r.facebook.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bing.com
0.0.0.0 bingads.microsoft.com
0.0.0.0 bl3302.storage.live.com
0.0.0.0 bl3302geo.storage.dkyprod.akadns.net
0.0.0.0 bn1wns2011508.wns.windows.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c-0001.c-msedge.net
0.0.0.0 c.atdmt.com
0.0.0.0 c.msn.com
0.0.0.0 c.msn.com.nsatc.net
0.0.0.0 cdn.atdmt.com
0.0.0.0 cdnjs.cloudflare.com.cdn.cloudflare.net
0.0.0.0 cdp1.public-trust.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 client.wns.windows.com
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 cy2.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 dc.services.visualstudio.com
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 directory.services.live.com
0.0.0.0 directory.services.live.com.akadns.net
0.0.0.0 dns.msftncsi.com
0.0.0.0 download-ssl.msgamestudios.com
0.0.0.0 dt.adsafeprotected.com
0.0.0.0 e-0009.e-msedge.net
0.0.0.0 e2835.dspb.akamaiedge.net
0.0.0.0 e7341.g.akamaiedge.net
0.0.0.0 e7502.ce.akamaiedge.net
0.0.0.0 e8218.ce.akamaiedge.net
0.0.0.0 ec.atdmt.com
0.0.0.0 en-us.appex-rf.msn.com
0.0.0.0 eu.vortex.data.microsoft.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 fe2.ws.microsoft.com.nsatc.net
0.0.0.0 fe3.delivery.dsp.mp.microsoft.com.nsatc.net
0.0.0.0 fe3.delivery.mp.microsoft.com
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 flex.msn.com
0.0.0.0 fw.adsafeprotected.com
0.0.0.0 g.msn.com
0.0.0.0 go.microsoft.com
0.0.0.0 googleads4.g.doubleclick.net
0.0.0.0 h1.msn.com
0.0.0.0 hostedocsp.globalsign.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 ieonlinews.microsoft.com
0.0.0.0 inference.location.livenet.akadns.net
0.0.0.0 ipv6.msftncsi.com
0.0.0.0 ipv6.msftncsi.com.edgesuite.net
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 li581-132.members.linode.com
0.0.0.0 licensing.md.mp.microsoft.com
0.0.0.0 live.rads.msn.com
0.0.0.0 login.live.com.nsatc.net
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 m221.absolute.com
0.0.0.0 mobileads.msn.com
0.0.0.0 mpd.mxptint.net
0.0.0.0 mscrl.microsoft.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 ns1.msft.net
0.0.0.0 ns2.msft.net
0.0.0.0 ns3.msft.net
0.0.0.0 ns4.msft.net
0.0.0.0 ns5.msft.net
0.0.0.0 ns6.msft.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 OneSettings-bn2.metron.live.com.nsatc.net
0.0.0.0 onesettings-cy2.metron.live.com.nsatc.net
0.0.0.0 origin.windows.microsoft.com.akadns.net
0.0.0.0 osiprod-scus-snow-000.cloudapp.net
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 pricelist.skype.com
0.0.0.0 prod-w.nexus.live.com.akadns.net
0.0.0.0 rad.live.com
0.0.0.0 rad.msn.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 register.mesh.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 sc.iasds01.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.adnxs.com
0.0.0.0 secure.flashtalking.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 settings.data.glbdns2.microsoft.com
0.0.0.0 skyapi.live.net
0.0.0.0 skyapi.skyprod.akadns.net
0.0.0.0 skydrive.wns.windows.com
0.0.0.0 sls.update.microsoft.com.akadns.net
0.0.0.0 sm.mcafee.com
0.0.0.0 so.2mdn.net
0.0.0.0 solitaireprod.maelstrom.xboxlive.com
0.0.0.0 spynetus.microsoft.akadns.net
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 ssw.live.com
0.0.0.0 ssw.live.com.nsatc.net
0.0.0.0 static.2mdn.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 storeedgefd.dsx.mp.microsoft.com
0.0.0.0 su3.mcafee.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 travel.tile.appex.bing.com
0.0.0.0 tunnel.cfw.trustedsource.org
0.0.0.0 ui.skype.com
0.0.0.0 updatekeepalive.mcafee.com
0.0.0.0 urs.microsoft.com.nsatc.net
0.0.0.0 v10.vortex-win.data.metron.life.com.nsatc.net
0.0.0.0 v10.vortex-win.data.microsoft.com
0.0.0.0 view.atdmt.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 vortex-hk2.metron.live.com.nsatc.net
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 wildcard.appex-rf.msn.com.edgesuite.net
0.0.0.0 wildcard.twimg.com
0.0.0.0 win10.ipv6.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com.nsatc.net
0.0.0.0 wns.notify.windows.com.akadns.net
0.0.0.0 wns.windows.com
0.0.0.0 www.bing.com
0.0.0.0 www.go.microsoft.akadns.net
#0.0.0.0 fe2.update.microsoft.com.akadns.net # MICROSOFT UPDATE - UNCOMMENT TO BLOCK     
#0.0.0.0 fe2.update.microsoft.com.nsatc.net  # MICROSOFT UPDATE - UNCOMMENT TO BLOCK   
#0.0.0.0 a767.dspw65.akamai.net              # MICROSOFT UPDATE - UNCOMMENT TO BLOCK     
#0.0.0.0 sls.update.microsoft.com.akadns.net # MICROSOFT UPDATE - UNCOMMENT TO BLOCK       
#0.0.0.0 ui.skype.com                        # MICROSOFT SKYPE - UNCOMMENT TO BLOCK       
#0.0.0.0 pricelist.skype.com                 # MICROSOFT SKYPE - UNCOMMENT TO BLOCK       
#0.0.0.0 apps.skype.com                      # MICROSOFT SKYPE - UNCOMMENT TO BLOCK

Some say blocking the DNS addresses isn't the best way because Win10 has hard-coded IP addresses but afaik, that's only for the Windows Connect feature to let you know you're connected. But if I have to go through any more trouble to keep the products I buy from spying on me, I'm moving to Linux.
Please re-post in the new thread AB-Solution: Combined shared whitelist/blacklist contribution Project
 
Last edited:
The thought occurred to me that it might be of some value going forward to have an "AB-Solution Whitelist" thread created where everyone could post what URLs they have whitelisted, and why, and - if known - which host file created the need for their whitelisting(s). Having that information consolidated in a single thread could make life a lot easier for someone installing AB-Solution for the first time. Building and maintaining a custom whitelist from those posts might be something that someone would want to do as well...
It's on: AB-Solution: Combined shared whitelist/blacklist contribution Project
 
Last edited:
I think i know the answer to this, but there should be no perceivable speed difference using a USB2 stick vs a USB3 one should there?
There really shouldn't be. Even if logging is enabled, dnsmasq log file writing is set to a lower priority with the 'log-async' flag.
And the hosts-adblock and blacklist.txt files are loaded into the routers memory when the router boots or dnsmasq is restarted.
 
So I installed this today and unfortunately I found a weakness: it fails to block IPv6 enabled ad services (google mostly) since 0.0.0.0 is an IPv4 address, when the browser asks for an AAAA record dnsmasq will fetch it from the upstream dns instead.
 
Well, fixed it for now by replacing awk '{print \$1 " " \$2}' with '{print $1 " " $2"\n:: " $2}'.
 
And noticed another issue, wget dies with segmentation fault!

EDIT: only way to workaround that was to replace that long wget line with a single wget for each hosts file and appending the results. Don't know why it segfaults, but it does if I leave it as a long line.
 
Last edited:
And noticed another issue, wget dies with segmentation fault!

EDIT: only way to workaround that was to replace that long wget line with a single wget for each hosts file and appending the results. Don't know why it segfaults, but it does if I leave it as a long line.
Those hosts file hosters block you after a certain amount of downloads per day for a time. This might be the segmentation fault.
 
Well, fixed it for now by replacing awk '{print \$1 " " \$2}' with '{print $1 " " $2"\n:: " $2}'.
Thanks, input like this is always welcome. Although, none of the hosts files contain IPv6 addresses.
 
Thanks, input like this is always welcome. Although, none of the hosts files contain IPv6 addresses.
Well, the google ad services included in the hosts files has both A records and AAAA records, so unless you create entries for both IPv4 and IPv6 the IPv6 one will be used. I have native IPv6 from my ISP for 5 years already...
 
Well, the google ad services included in the hosts files has both A records and AAAA records, so unless you create entries for both IPv4 and IPv6 the IPv6 one will be used. I have native IPv6 from my ISP for 5 years already...
Since about 3 years my ISP says IPv6 is coming soon.
Sooner or later it eventually will reach my place of abode. Until then I cannot test it.
 
Well, fixed it for now by replacing awk '{print \$1 " " \$2}' with '{print $1 " " $2"\n:: " $2}'.
So I just change that line and it will work?
 
So I just change that line and it will work?
Basically, yes, it will duplicate all entries creating an entry like this for each one:

Code:
::     www.youradhost.com

:: corresponds to 0.0.0.0 in IPv6 terms ( :: is expanded automatically to 0000:0000:0000:0000:0000:0000:0000:0000) . I also added these lines in the ab_dnsmasq_postconf.sh
Code:
pc_append "address=/::/::" $CONFIG
pc_append "ptr-record=0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa,::" $CONFIG
 
@charlie2alpha Thanks, I've added this to the future-features list for AB-Solution 1.08, to be released whenever I feel it's justified to release another script-only version.
 
Last edited:
First of all thanks so much, this project allowed me to get my first taste of scripts on my AC88U.

I wanted to share some enhancements I added:

For the update-hosts.sh I replaced the get hosts file and combine section with:

SQ=1
rm -f $dir/db/names
for i in $(cat $dir/db/db); do
wget -qO $dir/db/$SQ.txt $i
if [ $? -eq 0 ]; then
echo $i >> $dir/db/names
printf "$SQ - $i downloaded\n"
cat $dir/db/$SQ.txt >> $dir/temp1
let SQ=SQ+1
else
printf "$i was NOT downloaded\n"
fi
done

This gives me:
- a single file ($dir/db/db) listing the host files to download for a custom mix of lists
- an output to show whether or not files were downloaded
- list of URLs of downloaded files in /db/names
- each individual host file stored in /db/db as 1.txt 2.txt etc

I also have an iptables INPUT insert before and a delete after the above to temporarily allow access to download the lists (not shown)

The above points (excluding iptables) become useful when I want to see what lists contained a specific domain:

find-domain.sh
#!/bin/sh
dir=/tmp/mnt/USB/adblocking/db
printf "Enter domain: "
read domain
SQ=1
printf '\n'
for i in $dir/*.txt ; do
if grep -q $domain $i ; then
file=$(sed -n $SQ"p" $dir/names)
printf ''$file':\n'
cat $i | grep $domain -n
printf '\n'
let SQ=SQ+1
fi
done


This will list all of the matching files along with the matching line and line number, example:

admin@AC88U:/tmp/mnt/USB/adblocking/scripts# sh find-domain.sh
Enter domain: display.ugc.bazaarvoice.com

http://winhelp2002.mvps.org/hosts.txt:
27228:127.0.0.1 display.ugc.bazaarvoice.com

http://someonewhocares.org/hosts/zero/hosts:
94020:127.0.0.1 display.ugc.bazaarvoice.com

If there are multiple matches within a file it will list them all.

A couple of other modifications to update-hosts.sh:

For amalgamate the hosts files, removing duplicates and sort in alphabetical order section I have:

cat $dir/temp1 | sed 's/127.0.0.1/0.0.0.0/g;s/\r$//' | grep -w ^0.0.0.0 | awk '{print $1 " " $2}' > $dir/temp2
sort -u $dir/temp2 > $dir/temp3
TOTALLINES=$(wc -l < $dir/temp2)
UNIQUELINES=$(wc -l < $dir/temp3)

Then for remove localhost and whitelisted entries section:

cat $dir/temp3 | sed '/\b\(localhost\|local\)\b/d;/localhost.localdomain/d' | fgrep -vf $dir/whitelist.txt > $dir/hosts-adblock
NUMOFLINES=$(wc -l < "$dir/hosts-adblock")
printf "Duplicates removed: %s" "$(($TOTALLINES - $UNIQUELINES))"
printf "\nUnique ad domains blocked: %s" "$NUMOFLINES"

Example output:

admin@AC88U:/tmp/mnt/USB/adblocking/scripts# sh update-hosts.sh
www.thisshouldnotwork.com was NOT downloaded
1 - http://winhelp2002.mvps.org/hosts.txt downloaded
2 - http://someonewhocares.org/hosts/zero/hosts downloaded
3 - http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&startdate[day]=&startdate[month]=&startdate[year]=&mimetype=plaintext&useip=0.0.0.0 downloaded
4 - http://www.malwaredomainlist.com/hostslist/hosts.txt downloaded
5 - http://support.it-mate.co.uk/downloads/hosts.txt downloaded
6 - http://hosts-file.net/hphosts-partial.txt downloaded
7 - http://www.hosts-file.net/emd.txt downloaded
8 - http://hosts-file.net/grm.txt downloaded
9 - http://hosts-file.net/mmt.txt downloaded
10 - http://hosts-file.net/ad_servers.txt downloaded
11 - http://adaway.org/hosts.txt downloaded
12 - http://hosts-file.net/exp.txt downloaded
13 - http://hosts-file.net/fsa.txt downloaded
14 - http://hosts-file.net/hfs.txt downloaded
15 - http://hosts-file.net/hjk.txt downloaded
16 - http://hosts-file.net/pha.txt downloaded
17 - http://hosts-file.net/psh.txt downloaded
Duplicates removed: 374543
Unique ad domains blocked: 386813
Done.


Before the above, the first things I actually did were to setup update-whitelist.sh and update-blacklist.sh scripts so I could make modifications without having to wait for the files to download and other parts not needed from update-hosts.sh

I have an add-whitelist.sh script:

#!/bin/sh
dir=/tmp/mnt/USB/adblocking
sed -i '/^[[:blank:]]*$/d;s/\r$//' $dir/whitelist.txt
mv $dir/hosts-adblock $dir/hosts-adblock-temp
NOWL=$(wc -l < "$dir/hosts-adblock-temp")
cat $dir/hosts-adblock-temp | fgrep -vf $dir/whitelist.txt > $dir/hosts-adblock
NUMOFLINES=$(wc -l < "$dir/hosts-adblock")
WHITELISTED=$(($NOWL - $NUMOFLINES))
printf "$WHITELISTED additional domains whitelisted\nUnique ad domains currently blocked: %s" "$NUMOFLINES"
service restart_dnsmasq
rm $dir/hosts-adblock-temp
logger "EAZ updated the ad-blocker whitelist - $WHITELISTED additional domains whitelisted - currently $NUMOFLINES domains blocked"

This gives me:
- a quicker way to add whitelist entries
- an output to confirm the domains just added were actually on the blacklist to begin with
- an output of the total domains now blocked
- a log entry of the above two

Example output:

admin@AC88U:/tmp/mnt/USB/adblocking/scripts# sh add-whitelist.sh
2 additional domains whitelisted
Unique ad domains currently blocked: 386393
Done.

It should be noted that REMOVING domains from the whitelist file will only take effect after running update-hosts.sh

And finally, update-blacklist.sh:

#!/bin/sh
dir=/tmp/mnt/USB/adblocking
sed -i '/^[[:blank:]]*$/d;s/\r$//' $dir/blacklist.txt
NUMOFLINES=$(wc -l < "$dir/hosts-adblock")
NUMOFNAMESTEMP=$NUMOFLINES
printf "Unique ad domains blocked: %s\n" "$NUMOFLINES"
NUMOFLINES=$(cat $dir/blacklist.txt | sort -u | grep -c 10.0.0.1)
printf "Unique custom domains blocked: %s" "$NUMOFLINES"
NUMOFNAMES=$(($NUMOFLINES + $NUMOFNAMESTEMP))
service restart_dnsmasq
logger "EAZ updated the ad-blocker blacklist - currently $NUMOFLINES custom and $NUMOFNAMES ad domains blocked"

This gives me:
- a quicker way to add/remove blacklist entries
- an output of the total ad domains now blocked
- an output of the total custom/blacklist domains now blocked
- a log entry of the above two

Example output:

admin@AC88U:/tmp/mnt/USB/adblocking/scripts# sh update-blacklist.sh
Unique ad domains blocked: 386393
Unique custom domains blocked: 7
Done.


The only thing you should need to do to get the above scripts working on your router is to:
-create the /adblocking/db/ directory
-create the 'db' file within with your list of URLs
-change the value of dir variable to match your adblocking directory (add /db for find-domain.sh), you could pull this from the existing update-hosts file to get the value for your setup (run exact below from adblocking/scripts/):

cat update-hosts.sh | grep "dir="

And of course make them executable eg: chmod a+rx update-blacklist.sh

For the blacklist instead of 0.0.0.0 I use a private/unused IP outside of my local subnet, advantages this gives are:

- can grep the logs for this IP to see only blacklisted requests
- when some applications receive 0.0.0.0 this results in them constantly requesting the domain which is not desired (have logging on so every single request is logged)
- if the domain resolves and passes through the router it can be dropped with iptables or Network Services Filter, this typically means you should see a lot less name requests (depending on the application) which will make your log file a lot more readable and should be easier on resources

One other point to note is that the blacklist can be used for any custom name modification and also that clients can be excluded from all adblocking by being added to DNS-based Filtering (individually with Global Filter Mode set to No Filtering)

It would be great to see some of the new features included in future versions of AB-Solution and I would very much welcome any criticism/suggestions to improve the above scripts if there is a better way of doing things - thanks very much again.
 
@eaz Thanks a lot for your code improvements. I like the download check and the verbosity of it. I wanted to build in a download check as well but I can be impatient at times and left it as it is.
I'd like to reuse some of your code in the next version. Is that OK by you?
Your contribution will be mentioned in the code of course, as are the others that have so far.
 
Please do re-use, and change as it suits - you are most welcome and it would be an honour to be included.

My update-hosts.sh download section should also have 'rm -f $dir/db/*.txt' at the top, this means if you remove a URL from /db/db it won't store unnecessary files and ensures find-domain.sh will only search through files currently in use.

Eagerly awaiting the next version :)
 
@thelonelycoder, is possible when ab-solution do update once a week that i still have my router IP in adblock hosts? now when do update adblock hosts file goes to 0.0.0.0. and then pixelserv-tls not working corectly? where in your script can change 0.0.0.0 to my router IP?

ab_dnsmasq_postconf.sh
Code:
cru a UpdateHosts "00 02 * * 0 /tmp/mnt/sda1/adblocking/scripts/update-hosts.sh"
CONFIG=$1
source /usr/sbin/helper.sh
logger "AB-Solution added entries via ab_dnsmasq_postconf.sh"
pc_append "address=/0.0.0.0/0.0.0.0" $CONFIG
pc_append "ptr-record=0.0.0.0.in-addr.arpa,0.0.0.0" $CONFIG
pc_append "addn-hosts=/tmp/mnt/sda1/adblocking/hosts-adblock" $CONFIG
pc_append "addn-hosts=/tmp/mnt/sda1/adblocking/blacklist.txt" $CONFIG

update-hosts.sh
Code:
#!/bin/sh
# generated by AB-Solution 1.07

# set directory
dir=/tmp/mnt/sda1/adblocking

# removing blank, empty and Windows EOL in white- and blacklist
    sed -i '/^[[:blank:]]*$/d;s/\r$//' $dir/whitelist.txt
    sed -i '/^[[:blank:]]*$/d;s/\r$//' $dir/blacklist.txt

# get hosts files and combine
wget -qO- \
"http://winhelp2002.mvps.org/hosts.txt" \
"http://someonewhocares.org/hosts/zero/hosts" \
"http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&startdate[day]=&startdate[month]=&startdate[year]=&mimetype=plaintext&useip=0.0.0.0" \
"http://www.malwaredomainlist.com/hostslist/hosts.txt" \
"http://adaway.org/hosts.txt" \
"http://hosts-file.net/emd.txt" \
"http://hosts-file.net/ad_servers.txt" \
"http://hosts-file.net/grm.txt" \
"http://hosts-file.net/mmt.txt" \
> $dir/temp1

# amalgamate the hosts files, removing duplicates and sort in alphabetical order
cat $dir/temp1 | sed 's/127.0.0.1/0.0.0.0/g;s/\r$//' | grep -w ^0.0.0.0 | awk '{print $1 " " $2}' | sort -u > $dir/temp2
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top