Reply to post: Blocking Microshaft - that's what you think

Microsoft accused of sharing data of Office 365 business subscribers with Facebook and its app devs


Blocking Microshaft - that's what you think

Going off at a tangent - I run a Windows 10 Pro (2004) VM on my Linux Mint desktop. I also run a pfsense firewall with the pfblockerNG package installed.

Obviously I have blocked Microsoft at a DNS level but have also blocked all Microsoft ASN I can find (25 so far). I will allow access to Microshaft but only when I decide its appropriate (eg Windows update check) otherwise the VM Win 10 client is blocked.

As soon as I booted the Windows 10 VM this afternoon pfsense reported that it tried to establish a connection (443) to these IP's

Whois shows they are both Microshaft

NetRange: -


NetName: MSFT

NetHandle: NET-52-96-0-0-1

Parent: NET52 (NET-52-0-0-0-0)

NetType: Direct Assignment


Organization: Microsoft Corporation (MSFT)

RegDate: 2015-11-24

Updated: 2015-11-24



You may block Microsfaft at an DNS level but it appears to have some hard coding for IP addresses to circumvent this.

As I am somewhat neurotic I operate a similar ASN policy for Facebook. Google, Oracle, Adobe, Yahoo. Twitter, Telegram and Amazon. It can be a bit wearing at times but at least I decide who has access to what.

Whilst I am only a home user I also operate a default block outbound policy on pfsense - stops any IOT devices phoning home unless specifically authorised.

Think I'll go for a lie down now ....

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon