Update hosts for extra, spy and update rules

Update IPs for extra, spy and update rules

Author: crazy-max

README.md

@@ -40,11 +40,6 @@ Tools used to capture traffic :
 * [Sysmon](../../wiki/appDevSysmon) : capture + logs
 * [Proxifier](../../wiki/devProxifier) : logs
 
-All traffic events are available in the `logs` folder :
-
-* `*-hosts-count.csv` : number of events per host
-* `*-unique.csv` : first trigger of an event per host / process / destination port
-
 The `data` folder contains the blocking rules based on domains or IPs detected during the capture process :
 
 * `data/<type>/extra.txt` : Block third party applications

app/bindata/bindata.go

@@ -60,7 +60,7 @@ func testIpsByRule(rule string) {
 
 	testCsv := path.Join(pathu.Logs, fmt.Sprintf("firewall-test-%s.csv", rule))
 
-	fmt.Printf("Get IPs for %s %s... ", rule)
+	fmt.Printf("Get IPs for %s... ", rule)
 	fwIps, err := data.GetFirewallIpsByRule(rule)
 	if err != nil {
 		print.Error(err)

app/cmds/dev/firewall/firewall.go

@@ -1,12 +1,19 @@
 *.2mdn.net
+*.appex-rf.msn.com
 *.messenger.live.com
 *.msedge.net
 *.msftncsi.com
+*.services.appex.bing.com
 *.smartscreen.microsoft.com
+*.tile.appex.bing.com
 *.vo.msecnd.net
 *.weather.microsoft.com
 *.xboxlive.com
+activation-v2.sls.microsoft.com
+activation.sls.microsoft.com
 answers.microsoft.com
+api.bing.com
+appex-rf.msn.com
 apps.skype.com
 candycrushsoda.king.com
 cdn.content.prod.cms.msn.com
@@ -15,36 +22,53 @@ choice.microsoft.com
 choice.microsoft.com.nsatc.net
 client.wns.windows.com
 clientconfig.passport.net
+co2.sls.microsoft.com
+crl.microsoft.com
 deploy.static.akamaitechnologies.com
 dmd.metaservices.microsoft.com
 feedback.microsoft-hohm.com
 feedback.search.microsoft.com
 feedback.windows.com
+g.bing.com
 g.live.com
+global.sam.msn.com
 iecvlist.microsoft.com
 img-s-msn-com.akamaized.net
+img.stb.s-msn.com
 insiderppe.cloudapp.net
 insiderservice.microsoft.com
 licensing.mp.microsoft.com
 login.live.com
 m.hotmail.com
 mediaredirect.microsoft.com
 msftncsi.com
+next-services.apps.microsoft.com
 officeclient.microsoft.com
 oneclient.sfx.ms
+otf.msn.com
 pricelist.skype.com
 pti.store.microsoft.com
 query.prod.cms.rt.microsoft.com
+r20swj13mr.microsoft.com
 register.cdpcs.microsoft.com
 search.msn.com
 storage.live.com
 store-images.s-microsoft.com
 storeedgefd.dsx.mp.microsoft.com
 support.microsoft.com
+t.urs.microsoft.com
 time.windows.com
 tk2.plt.msn.com
+uhf.microsoft.com
 ui.skype.com
+urs.microsoft.com
+validation-v2.sls.microsoft.com
+validation.sls.microsoft.com
 wdcp.microsoft.com
 wdcpalt.microsoft.com
 wscont.apps.microsoft.com
-www.msftconnecttest.com
+wscont.apps.microsoft.com.edgesuite.net
+wscont1.apps.microsoft.com
+wscont2.apps.microsoft.com
+www.msftconnecttest.com
+www.windowssearch.com

data/dnscrypt/extra.txt

@@ -20,6 +20,7 @@
 a-msedge.net
 ac3.msn.com
 activity.windows.com
+adl.windows.com
 adnexus.net
 adnxs.com
 ads.msn.com
@@ -84,21 +85,106 @@ by3301-c.1drv.com
 by3301-e.1drv.com
 c.msn.com
 cache.datamart.windows.com
+cds1143.lon.llnw.net
+cds1203.lon.llnw.net
 cds1204.lon.llnw.net
+cds1209.lon.llnw.net
+cds1219.lon.llnw.net
+cds1228.lon.llnw.net
+cds1244.lon.llnw.net
+cds1257.lon.llnw.net
+cds1265.lon.llnw.net
+cds1269.lon.llnw.net
+cds1273.lon.llnw.net
+cds1285.lon.llnw.net
+cds1287.lon.llnw.net
 cds1289.lon.llnw.net
 cds1293.lon.llnw.net
+cds1307.lon.llnw.net
+cds1310.lon.llnw.net
+cds1325.lon.llnw.net
 cds1327.lon.llnw.net
+cds177.dus.llnw.net
+cds20005.stn.llnw.net
+cds20404.lcy.llnw.net
+cds20411.lcy.llnw.net
+cds20415.lcy.llnw.net
+cds20416.lcy.llnw.net
 cds20417.lcy.llnw.net
+cds20424.lcy.llnw.net
+cds20425.lcy.llnw.net
 cds20431.lcy.llnw.net
+cds20435.lcy.llnw.net
+cds20440.lcy.llnw.net
+cds20443.lcy.llnw.net
+cds20445.lcy.llnw.net
 cds20450.lcy.llnw.net
+cds20452.lcy.llnw.net
 cds20457.lcy.llnw.net
+cds20461.lcy.llnw.net
+cds20469.lcy.llnw.net
 cds20475.lcy.llnw.net
+cds20482.lcy.llnw.net
+cds20485.lcy.llnw.net
+cds20495.lcy.llnw.net
+cds21205.lon.llnw.net
+cds21207.lon.llnw.net
+cds21225.lon.llnw.net
+cds21229.lon.llnw.net
+cds21233.lon.llnw.net
+cds21238.lon.llnw.net
 cds21244.lon.llnw.net
+cds21249.lon.llnw.net
+cds21256.lon.llnw.net
+cds21257.lon.llnw.net
+cds21258.lon.llnw.net
+cds21261.lon.llnw.net
+cds21267.lon.llnw.net
+cds21278.lon.llnw.net
+cds21281.lon.llnw.net
+cds21293.lon.llnw.net
+cds21309.lon.llnw.net
+cds21313.lon.llnw.net
+cds21321.lon.llnw.net
 cds299.lcy.llnw.net
+cds308.lcy.llnw.net
+cds310.lcy.llnw.net
+cds320.lcy.llnw.net
+cds333.lcy.llnw.net
+cds334.lcy.llnw.net
+cds335.lcy.llnw.net
+cds339.lcy.llnw.net
+cds344.lcy.llnw.net
 cds405.lcy.llnw.net
+cds406.lcy.llnw.net
+cds407.fra.llnw.net
+cds416.lcy.llnw.net
+cds421.lcy.llnw.net
+cds422.lcy.llnw.net
 cds425.lcy.llnw.net
+cds426.lcy.llnw.net
+cds447.lcy.llnw.net
+cds458.lcy.llnw.net
 cds459.lcy.llnw.net
+cds461.lcy.llnw.net
+cds468.lcy.llnw.net
+cds469.lcy.llnw.net
+cds471.lcy.llnw.net
+cds483.lcy.llnw.net
+cds484.lcy.llnw.net
+cds489.lcy.llnw.net
+cds493.lcy.llnw.net
 cds494.lcy.llnw.net
+cds812.lon.llnw.net
+cds815.lon.llnw.net
+cds818.lon.llnw.net
+cds832.lon.llnw.net
+cds836.lon.llnw.net
+cds840.lon.llnw.net
+cds843.lon.llnw.net
+cds857.lon.llnw.net
+cds868.lon.llnw.net
+cds869.lon.llnw.net
 cds965.lon.llnw.net
 ch1-cor001.api.p001.1drv.com
 ch1-cor002.api.p001.1drv.com
@@ -114,6 +200,8 @@ cp101-prod.do.dsp.mp.microsoft.com
 cp201-prod.do.dsp.mp.microsoft.com
 cp401-prod.do.dsp.mp.microsoft.com
 cs1.wpc.v0cdn.net
+cy2.settings.data.microsoft.com.akadns.net
+db5.settings.data.microsoft.com.akadns.net
 diagnostics.support.microsoft.com
 disc101-prod.do.dsp.mp.microsoft.com
 disc201-prod.do.dsp.mp.microsoft.com
@@ -122,7 +210,9 @@ flex.msn.com
 fs.microsoft.com
 g.msn.com
 geo-prod.do.dsp.mp.microsoft.com
+geo.settings.data.microsoft.com.akadns.net
 geover-prod.do.dsp.mp.microsoft.com
+gwx.windows.com
 h1.msn.com
 h2.msn.com
 hk2.wns.windows.com
@@ -246,6 +336,7 @@ survey.watson.microsoft.com
 telemetry.appex.bing.net
 telemetry.microsoft.com
 telemetry.urs.microsoft.com
+teredo.ipv6.microsoft.com
 test.activity.windows.com
 tsfe.trafficshaping.dsp.mp.microsoft.com
 version.hybrid.api.here.com
@@ -257,4 +348,5 @@ vortex.data.microsoft.com
 watson.live.com
 watson.microsoft.com
 win10.ipv6.microsoft.com
-win1710.ipv6.microsoft.com
+win1710.ipv6.microsoft.com
+win8.ipv6.microsoft.com

data/dnscrypt/spy.txt

@@ -277,6 +277,7 @@ db6sch102091606.wns.windows.com
 db6sch102091607.wns.windows.com
 displaycatalog.mp.microsoft.com
 download.microsoft.com
+fe2.wq.microsoft.com
 microsoftwindowsupdate.net
 windowsupdate.com
 windowupdate.org

data/dnscrypt/update.txt

@@ -1,14 +1,19 @@
-### firewall extra (07/05/2018 02:26)
+### firewall extra (02/06/2018 22:32)
 ### More info: https://github.com/crazy-max/WindowsSpyBlocker
 
+13.78.235.126
+13.78.235.247
 13.79.239.69
 13.79.239.82
 13.80.12.54
 13.107.3.128
+13.107.3.254
 13.107.5.80
 13.107.5.88
 13.107.13.88
 13.107.21.200
+13.107.46.88
+13.107.47.88
 23.96.52.53
 23.96.208.208
 23.97.178.173
@@ -39,6 +44,7 @@
 52.164.191.55
 52.164.227.208
 52.166.110.64
+52.166.110.215
 52.166.120.77
 52.169.71.150
 52.170.194.77
@@ -64,6 +70,7 @@
 65.52.108.153
 65.52.108.154
 65.52.108.185
+65.55.130.50
 65.55.223.0-65.55.223.255
 65.55.252.43
 104.40.210.32
@@ -76,6 +83,7 @@
 104.214.77.221
 104.215.146.200
 131.253.61.0-131.253.61.255
+134.170.178.97
 134.170.185.70
 134.170.188.248
 137.117.235.16
@@ -92,6 +100,7 @@
 157.55.134.140
 157.55.135.128
 157.55.135.130
+157.56.57.5
 168.63.18.79
 191.232.139.2
 191.237.208.126