home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.msdos.batch      Fun with MS-DOS batch files      42,547 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 42,523 of 42,547   
   Marion to All   
   Re: Tutorial: Build a one-click Windows    
   17 Oct 25 05:40:54   
   
   XPost: alt.comp.os.windows-10, alt.comp.os.windows-11   
   From: marionf@fact.com   
      
   UPDATE   
      
   Q: How would Microsoft Windows Update know my IP address?   
   A: It can't. It only sees the proxy. Or VPN. But not my real IP address.   
      
   Whew! Good news.   
   Windows Update was NOT seeing my real IP as tested thoroughly   
   in multiple ways in the attached script that I wrote today.   
      
   Using the existing psiphon.bat starter, the Windows Update Service   
   (wuauserv) was is always flowing through the proxy service.   
      
   This is how to tell if Windows Update is CONFIGURED to use the proxy.   
      
   Win+R > cmd {ctrl+shft+rtn}   
    C:\> netsh winhttp show proxy   
      
   a. If it shows this, Windows Update is going straight out to the internet:   
      Direct access (no proxy server)   
   b. If it shows something like this, Windows Update is using the proxy:   
      Proxy Server(s) :  http=127.0.0.1:8080;https=127.0.0.1:8080   
      
   Mine showed this (when Psiphon is running):   
    Current WinHTTP proxy settings:   
   Proxy Server(s) :   
   http=127.0.0.1:3095;https=127.0.0.1:3095;socks=127.0.0.1:1080   
   Bypass List     :   
   ;10.*;172.16.*;172.17.*;172.18.*;172.19.*;172.20.*;172.21   
   *;172.22.*;172.23.*;172.24.*;172.25.*;172.26.*;172.27.*;172.28.*   
   172.29.*;172.30.*;172.31.*;192.168.*;169.254.*;[fc*];[fd*];[fe8*   
   [fe9*];[fea*];[feb*]   
      
   Regarding: http=127.0.0.1:3095;https=127.0.0.1:3095   
   This means WinHTTP (and therefore Windows Update) is configured to send all   
   HTTP and HTTPS traffic through a local proxy listening on port 3095.   
      
   Regarding: socks=127.0.0.1:1080   
   Unfortunately, even though there is a socks line, WinHTTP does not support   
   SOCKS. It will ignore that part. Only the HTTP/HTTPS entries matter.   
      
   Regarding: ;10.*;172.16.* ¡K 192.168.*;169.254.*;[fc*];[fd*];[fe*]   
   This means private/internal addresses are excluded from the proxy.   
      
   This is how to tell if Windows Update is actually USING the proxy!   
      
   Set up two windows, one of which is an admin window for Powershell:   
   Trigger a Windows Update scan manually in the Powershell admin window.   
    PS:> usoclient StartScan   
   Trigger a scan to watch port 3095 while that's running:   
    C:\> netstat -ano | findstr :3095   
     TCP    127.0.0.1:3095         0.0.0.0:0              LISTENING       9452   
     TCP    127.0.0.1:3095         127.0.0.1:3151         ESTABLISHED     9452   
     TCP    127.0.0.1:3143         127.0.0.1:3095         TIME_WAIT       0   
     TCP    127.0.0.1:3144         127.0.0.1:3095         TIME_WAIT       0   
     TCP    127.0.0.1:3145         127.0.0.1:3095         TIME_WAIT       0   
     TCP    127.0.0.1:3151         127.0.0.1:3095         ESTABLISHED     9108   
      
   Rather than race the clock, we can run the netstat every second first.   
    C:\> netstat -ano 1 | findstr :3095   
      
   I tested Windows Update which is using the proxy as we would want it to   
   with Psiphon (even with the PAC file set which blocks microsoft.com).   
      
   On purpose, I waited to see what would happen when Microsoft stopped   
   updating Windows 10, and specifically if a free ESU would be offered.   
      
   At midnight, on October 14th to 15th, I watched Windows Update finish &   
   show this prompt to get the ESU if I create an MSA & set up a backup.   
       
      
   I have NOT created the MSA yet, because it takes about a month on TOR to   
   get ProtonMail to reliably accept verification emails (ask me how I know   
   that, where ProtonMail will permanently disable verifications if you rush).   
      
   In the interim, I wrote up my best guess as to the absolute bare minimum a   
   user in the USA would need to do in order to qualify for the free ESU.   
     *Tutorial:*   
    *How to set up Windows 10 free ESU using bare-minimum requirements*   
       
      
   With that done, what's left is to create a private email on TOR   
   which doesn't ask for another email or for a phone number to create   
   and use it for about a month with "normal-looking traffic.   
      
   Then I can create the MSA account.   
   But in the interim, I need to keep Microsoft from seeing my real IP   
   during the Windows Update process (which uses WinHTTP when proxied).   
      
   Strategy:   
   a. Microsoft does NOT get your real IP address   
   b. Microsoft does not get any information from your email address MSA   
      
   For that strategy, you can be on VPN all the time, but a proxy is faster.   
   Much faster. And you can always tack on the VPN before or after the proxy.   
      
   Since I already have the psiphon.bat script starting the proxy, I wrote and   
   tested the script below, which "could" run the Windows Update but I   
   hesitated to allow the script itself to run the Windows Update from inside   
   the script because then it would only work on a system that has added   
   specific PowerShell compoents (necessary to run the Windows Update).   
      
   Instead, I made the script need an OUTSIDE manual call to the Windows   
   Update GUI (which is the most reliable way & still be compatible for   
   everyone).   
      
   Below is the script that I tested on my machine to check if Windows Update   
   is getting my real IP address, or the Psiphon proxy IP address instead.   
      
   The use model is simple:   
   a. Run the script   
   b. While the script is running, manually run a Windows Update check   
   c. Kill the script   
      
   The log file will look something like this if your proxy is trapping calls.   
     ==============================================   
     [Thu 10/16/2025  6:01:07.59] Starting scan   
     [Thu 10/16/2025  6:01:07.63] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:07.82] monitoring...   
     [Thu 10/16/2025  6:01:12.22] PID=0 Proc=System   
     [Thu 10/16/2025  6:01:12.22] *** WINDOWS UPDATE HIT *** PID=5712   
   Proc=svchost.exe   
     [Thu 10/16/2025  6:01:12.22] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:12.22] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:15.31] monitoring...   
     [Thu 10/16/2025  6:01:20.16] PID=0 Proc=System   
     [Thu 10/16/2025  6:01:20.16] *** WINDOWS UPDATE HIT *** PID=5712   
   Proc=svchost.exe   
     [Thu 10/16/2025  6:01:20.16] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:20.16] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:22.87] monitoring...   
     [Thu 10/16/2025  6:01:27.15] PID=0 Proc=System   
     [Thu 10/16/2025  6:01:27.15] *** WINDOWS UPDATE HIT *** PID=5712   
   Proc=svchost.exe   
     [Thu 10/16/2025  6:01:27.15] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:27.15] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:29.89] monitoring...   
     [Thu 10/16/2025  6:01:34.18] PID=0 Proc=System   
     [Thu 10/16/2025  6:01:34.18] PID=0 Proc=System   
     [Thu 10/16/2025  6:01:34.18] PID=0 Proc=System   
     [Thu 10/16/2025  6:01:34.18] PID=9452 Proc=psiphon-tunnel-core.exe   
     [Thu 10/16/2025  6:01:34.61] monitoring...   
      
   [continued in next message]   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca