[Samba] snooping windows 10 - how to stop it on a linux gateway?
Karel Lang AFD
lang at afd.cz
Sat Mar 5 13:02:26 UTC 2016
Hi all,
guys, first and foremost, i apologize, as this is not really about
samba, but i'm basically at 'ground zero' with windows 10 and how to
stop them from snooping information of the LAN PC windows users.
And i know there is some great people with windows network understanding
here on list, that is why i ask here, so please don't stone me :-)
I think everyone heard already about how windows 10 badly treat its
users privacy (and recently i learned those 'great' features are now
backported even to windows 7 so..).
I'm now thinking about a way howto stop a windows 10 sending these data
mining results to a microsoft telemetry servers and filter it on our
linux gateway.
I think it could be (maybe?) done via DPI (deep packet inspection). I
similarly filter torrent streams on our linux gateway - i use patched
standard Scientific linux 6 kernel with 'xtables' (ipp2p enhancement)
and it is working extremely well.
Also people from scientific linux community suggested it might be
filtered via transparent https proxy.
Also, i read (not sure if true) that some DNS resolutions to M$ servers
are even 'hardwired' via some .dll library, so it makes it even harder.
I'm no windows expert, but i'm and unix administrator concerned about
privacy of windows desktop/laptop users sitting inside my LAN.
The point of what i'd like to do, is to come up is some general idea, be
it iptables rules, or general proxy solution, rather than blocking
specific IP addresses or names, because, apparently they may change in
any incoming windows update ...
Anyone gave this thought already? Anyone else's concerned the way i am?
cheers
--
*Karel Lang*
*Unix/Linux Administration*
lang at afd.cz | +420 731 13 40 40
AUFEER DESIGN, s.r.o. | www.aufeerdesign.cz
More information about the samba
mailing list