natecohen/microsoft-ips

本仓库提供多种格式的 Microsoft 拥有的 IP 地址范围和服务端点域名文本文件列表，适用于防火墙或 DNS 分类等软件。 对于某些类别，结果按端点进行划分，包括全球版、美国政府版 DoD、美国政府版 GCC High 和中国版 (21Vianet)。 有些可能会按服务进一步细分，并包含一个含有合并值的“All”子文件夹。 ## 格式 - 包含通配符的 FQDN - 不包含通配符的 FQDN - CIDR 表示法的 IPv4/IPv6 混合网络 - CIDR 表示法的 IPv6 网络 - CIDR 表示法的 IPv4 网络 ## 来源 ### 动态抓取来源 - `microsoft-365` - https://learn.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-endpoints - `azure` - https://azureipranges.azurewebsites.net/Home/About - `office-mac` - https://learn.microsoft.com/en-us/microsoft-365/enterprise/network-requests-in-office-2016-for-mac - `windows-11` - https://learn.microsoft.com/en-us/windows/privacy/manage-windows-11-endpoints - `entra-connect` - https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/tshoot-connect-connectivity - 由于缺乏 Markdown 源，未包含中国 21Vianet 端点 - https://docs.azure.cn/zh-cn/entra/identity/hybrid/connect/tshoot-connect-connectivity - `entra-connect-health` - https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-health-agent-install - `windows-autopilot` - https://learn.microsoft.com/en-us/autopilot/requirements?tabs=networking - `power-bi` - https://learn.microsoft.com/en-us/fabric/security/power-bi-allow-list-urls ### 手动添加来源 - `wsus` - https://learn.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus#21-configure-network-connections - `microsoft-365-additional` - https://learn.microsoft.com/en-us/microsoft-365/enterprise/additional-office365-ip-addresses-and-urls - `skype-business-hybrid-and-meetings` - https://learn.microsoft.com/en-us/microsoftteams/troubleshoot/teams-sign-in/sign-in-loop - https://learn.microsoft.com/en-us/skypeforbusiness/plan-your-deployment/clients-and-devices/minimum-network-requirements - `azure-mfa-server` - https://learn.microsoft.com/en-us/entra/identity/authentication/howto-mfaserver-deploy - `copilot` - https://learn.microsoft.com/en-us/copilot/microsoft-365/microsoft-365-copilot-requirements ### 未涵盖来源 - [Intune](https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/intune-endpoints) - [Intune 中国版](https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/china-endpoints) - [Configuration Manager](https://learn.microsoft.com/en-us/intune/configmgr/core/plan-design/network/internet-endpoints) - [Windows Autopatch](https://learn.microsoft.com/en-us/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network) - [Microsoft Edge](https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-endpoints) - [Defender for Endpoint](https://learn.microsoft.com/en-us/defender-endpoint/configure-environment) - [Defender for Cloud Apps](https://learn.microsoft.com/en-us/defender-cloud-apps/network-requirements) - [Azure Virtual Desktop](https://learn.microsoft.com/en-us/azure/virtual-desktop/required-fqdn-endpoint) - [Windows 365](https://learn.microsoft.com/en-us/windows-365/enterprise/requirements-network) - [Azure Arc](https://learn.microsoft.com/en-us/azure/azure-arc/network-requirements-consolidated) - [Microsoft 365 第三方服务](https://learn.microsoft.com/en-us/microsoft-365/enterprise/managing-office-365-endpoints?view=o365-worldwide#why-do-i-see-names-such-as-nsatcnet-or-akadnsnet-in-the-microsoft-domain-names) - [Microsoft Ajax CDN](https://learn.microsoft.com/en-us/microsoft-365/enterprise/content-delivery-networks?view=o365-worldwide#microsoft-ajax-cdn) 您可能会发现 Windows 尝试直接通过 IP 连接进行更新。那些属于 [ISP 版 Microsoft Connected Cache](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/microsoft-connected-cache-for-isps-microsoft-s-distributed-cdn/ba-p/3891604) 的部分未发布。 ## 相关项目 - https://github.com/blrchen/azure-ip-lookup

标签：Azure, Beacon Object File, CIDR, DNS分类, FQDN, IP地址列表, IP 地址批量处理, Linux安全, MacOS取证, Microsoft 365, TGT, VX技术, Windows 11, 域名列表, 威胁情报, 开发者工具, 微软, 攻防演练, 数字取证, 流量控制, 混合云, 白名单管理, 端点安全, 系统管理员, 网络安全, 网络过滤, 网络配置, 自动化脚本, 补丁管理, 防火墙白名单, 隐私保护