Solved

Blocking Hotspotshield

Posted on 2011-02-28
7
2,593 Views
Last Modified: 2012-05-11
My Lan having  Sonicwall Pro 4100. How can I block hotspot shield running from my clients
0
Comment
Question by:samithsukumar
7 Comments
 
LVL 14

Expert Comment

by:mds-cos
ID: 35004208
1)  Find out what port hotspot shild uses.  If it does not use a unique port, you are going to have to identify something else unique about it that you can block.  From a quick google search, it appears that port 895 can be blocked.

2)  Set up a new rule to block that port -- but unlike your other rules apply this rule from the internal (trust) port to the external (untrust) port.  Be sure to position the deny rule BEFORE your default accept any any rule.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 35007974
Have a look at a previous question I worked on about Hotspot:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_24839750.html

This will be tough since hotspot uses a VPN to a remote host whose IPs rotate frequently.      Look at that post and let me know if that helps you out.

0
 
LVL 3

Author Comment

by:samithsukumar
ID: 35204433
i read those above post

i am looking for the setting on my sonic to Disable IPSEC . so that i can prevent outbound VPN
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 35225625
From this forum, it is shared that blocking Hotspot Shield (used UDP protocol) can be done simply by only allowing outgoing UDP for the ports needed, ie 53 and block the rest. This will prevent Hotspot from connecting to the VPN service. This is the whitelisting approach - allow the legit and known ones

http://forums.whirlpool.net.au/archive/1045253

As for the configuration of sonicwall, can check out this link. I did not manage to find out the actual configuration but thought this link is useful, we just need to create 2 access rules - allowed service to be port 53 and the rest are denied service.

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5623
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7606

Actually there is application firewall and control module for latest Gen 5 Sonicwall version but not applicable for your Gen 4 though

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8533
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8317
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8182
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question