Protection against VPN connections, Witopia, Hotspot Shield etc

Posted on 2009-05-21
Medium Priority
Last Modified: 2012-06-22
Given that it's hard to take the install-applications rights away from my users on their assigned workstations, what's the easiest mechanism to block connections initiated by Hotspot Shield, Witopia, etc.?

We have an internal proxy (webwasher), which is defined as the proxy for all users, and also have an ASA 5520 beyond it. I need to define a mechanism to detect and terminate the connections emanating from HotSpot Shield and other VPNs on my workstations.

I can block launching of hotspot.exe from my GPO, but a user can easily bypass it by renaming the file.

Any other clues?
Question by:fahim
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 800 total points
ID: 24448511
Usually they have a limited number of "must contact" IP addresses - those vary from app to app, but if you get a copy, install it, then see where it connects to, eventually you can add access control list entries for them all, one by one, until the app stops connecting.
LVL 10

Accepted Solution

stsonline earned 1200 total points
ID: 24455246
Set up your ASA5520 to force all outbound HTTP/S traffic thru your webwasher proxy, then drop in a 'default deny' policy on the inside interface. This will effectively block all outbound connections unless you explicitly allow them in the ACL. Bear in mind this means you'll need to create new rules for approved services, and you need to review your business needs carefully to ensure you have everything opened you need for normal operations, but it will block these apps from 'phoning home'. You'll still have some get through, mainly those who use HTTP/S as a transport mechanism - but you'll get most of the junk.
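
With a default-deny policy on the inside interface, the firewall's deny log shows which workstations are still trying to connect out directly instead of through the proxy, and to which addresses. The Python script below is an added example, not part of the original thread: it assumes the ASA logs denied packets as syslog message 106023, and the interface names, ACL names and all addresses in the sample are constructed.

```python
import re
from collections import defaultdict

# Constructed sample: ASA syslog lines. 106023 = packet denied by an ACL.
# All addresses, ports and the ACL names are made up for this example.
SAMPLE_LOG = """\
May 21 2009 10:01:02 fw : %ASA-4-106023: Deny tcp src inside:10.1.1.50/49152 dst outside:203.0.113.10/443 by access-group "inside_in" [0x0, 0x0]
May 21 2009 10:01:05 fw : %ASA-4-106023: Deny tcp src inside:10.1.1.50/49153 dst outside:203.0.113.10/443 by access-group "inside_in" [0x0, 0x0]
May 21 2009 10:01:09 fw : %ASA-4-106023: Deny udp src inside:10.1.1.50/50211 dst outside:203.0.113.20/1194 by access-group "inside_in" [0x0, 0x0]
May 21 2009 10:02:30 fw : %ASA-4-106023: Deny tcp src inside:10.1.1.77/51002 dst outside:198.51.100.5/80 by access-group "inside_in" [0x0, 0x0]
May 21 2009 10:02:41 fw : %ASA-4-106023: Deny tcp src outside:198.51.100.9/4444 dst inside:10.1.1.50/445 by access-group "outside_in" [0x0, 0x0]
May 21 2009 10:03:00 fw : %ASA-6-302013: Built outbound TCP connection 1001 for outside:198.51.100.80/443 (198.51.100.80/443) to inside:10.1.1.10/51000 (192.0.2.1/51000)
"""

# Matches TCP/UDP denies; ICMP denies carry type/code instead of ports and are skipped.
DENY_RE = re.compile(
    r'%ASA-4-106023: Deny (?P<proto>\S+) '
    r'src (?P<sif>[^:\s]+):(?P<src>[\d.]+)/(?P<sport>\d+) '
    r'dst (?P<dif>[^:\s]+):(?P<dst>[\d.]+)/(?P<dport>\d+)'
)

def denied_by_host(log_text, inside_if="inside"):
    """Map each inside source IP to {(proto, dst_ip, dst_port): packet count}."""
    hosts = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        # Only outbound attempts matter here: source must be on the inside interface.
        if m and m["sif"] == inside_if:
            hosts[m["src"]][(m["proto"], m["dst"], int(m["dport"]))] += 1
    return hosts

def suspects(log_text, min_attempts=3):
    """Hosts with at least min_attempts denied outbound packets, busiest first."""
    report = []
    for src, flows in denied_by_host(log_text).items():
        total = sum(flows.values())
        if total >= min_attempts:
            report.append((src, total, sorted(flows)))
    return sorted(report, key=lambda r: -r[1])

if __name__ == "__main__":
    for src, total, flows in suspects(SAMPLE_LOG):
        print(f"{src}: {total} denied outbound packets")
        for proto, dst, dport in flows:
            print(f"    {proto} -> {dst}:{dport}")
```

The per-host destination list is also a starting point for reviewing which addresses an unapproved client keeps trying to reach.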

Author Closing Comment

ID: 31583972
Would appreciate if one of you can host the latest HotSpot shield file somewhere so that I can evaluate the ports it uses.
