Windows 10 Enterprise and 134.170.51.247

Discussion in 'privacy general' started by Rigz, Jun 19, 2016.

  1. Rigz

    Rigz Registered Member

    Joined:
    Jun 28, 2015
    Posts:
    65
    Location:
    Earth
    Last night I threw together a W10 Enterprise installation, started up Wireshark, went to bed, and let it run for around 10 hours. Around 4am there was a lot of chatter from 134.170.51.247. http://whois.domaintools.com/134.170.51.247

    Everything has been disabled in Start -> Settings -> Privacy. I've also stopped, and disabled services like Connected User Experiences and Telemetry, error reporting, etc., and modified the appropriate group policy and registry entries.

    Does anyone know what "feature" 134.170.51.247 is attached to? Is just an update server for patches, or something else?

    As far as I know Microsoft has always maintained that with Enterprise edition comes the ability to completely disable undesirable communications. I'm already finding that although it looks like quite a bit can be disabled it isn't as quick as hitting a toggle since so far it has involved disabling services, and changing registry entries. Yet even with that 134.170.51.247 persists.
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,056
    IDK, but you can stop Windows update service and see if it goes away.

    Thanks for sharing your findings and please keep us up to date if you find something interesting.
     
  3. Rigz

    Rigz Registered Member

    Joined:
    Jun 28, 2015
    Posts:
    65
    Location:
    Earth
    I haven't had anymore instances of that IP address, however after the running the KB3163018 update the DWORD value I added to the registry to disable Telemetry was removed resulting in "Diagnostic and usage data" (Start -> Settings -> Privacy -> Feedback & diagnostics) being changed back to "Basic" instead of being grayed out and blank.
     
Loading...