Whitelist Windows Update Servers

3

I have a router that supports white listing by website domain name. I have a Windows 7 machine that I would like to allow my young kids to use for accessing a selection of white-listed websites. Is it possible to also white list Microsoft's update servers to keep the OS up-to-date?

Could the advice in this answer be followed in reverse? Does anyone know if this list of domain names is still accurate?

user3692971

Posted 2015-08-17T17:43:54.023

Reputation: 33

Is your router blocking windows update ? Better you check if your router allows blacklisting websites – pun – 2015-08-17T18:37:25.137

@The_IT_Guy_You_Don't_Like With white listing enabled and nothing in the white list, I believe that it is blocking everything including Windows updates for that machine. Blacklisting is supported by the router but at this point my preference was to only allow specific websites. – user3692971 – 2015-08-17T19:49:30.873

Answers

0

Try this at: http://www.pcsympathy.com/2015/08/16/list-of-windows-10-phone-home-domains/

For updates, leave these whitelisted:

download.windowsupdate.com  -w7 xp
update.microsoft.com    - w7 xp
sls.update.microsoft.com.akadns.net - w8.1
vortex.data.microsoft.com   - w8.1
vortex-win.data.microsoft.com   - w8.1
fe2.update.microsoft.com.akadns.net - w8.1
statsfe2.update.microsoft.com.akadns.net    -w8.1 not required at the moment ?

foresthus

Posted 2015-08-17T17:43:54.023

Reputation: 16

I cannot believe that Microsoft does not publish a list of their update servers to make this very thing possible. Without an official source, this will have to do. Thanks! – user3692971 – 2015-11-06T18:21:14.190

0

Microsoft keeps a list with wildcards at https://technet.microsoft.com/en-us/library/bb693717.aspx

There are however quite a lot of routers that do not allow wildcards, or call "http", "https" and "www" all URL-prefixes.

So in practice this is quite a bit of fiddling and a free tool like DNS Query Sniffer can help: https://www.nirsoft.net/utils/dns_query_sniffer.html

Basically you:

  1. unblock your firewall
  2. run the DNS Query Sniffer tool
  3. let Windows Update do its work
  4. note the domain names used
  5. whitelist those for the next time
  6. block your firewall

Repeat these steps as soon as Windows Update fails.

Jeroen Wiert Pluimers

Posted 2015-08-17T17:43:54.023

Reputation: 2 373

Asked: 2015-08-17T17:43:54.023

Viewed: 7 077 times

Active: 2018-04-20T09:13:28.043