Solved

Blocking Hotspotshield

Posted on 2011-02-28
7
2,545 Views
Last Modified: 2012-05-11
My Lan having  Sonicwall Pro 4100. How can I block hotspot shield running from my clients
0
Comment
Question by:samithsukumar
7 Comments
 
LVL 14

Expert Comment

by:mds-cos
Comment Utility
1)  Find out what port hotspot shild uses.  If it does not use a unique port, you are going to have to identify something else unique about it that you can block.  From a quick google search, it appears that port 895 can be blocked.

2)  Set up a new rule to block that port -- but unlike your other rules apply this rule from the internal (trust) port to the external (untrust) port.  Be sure to position the deny rule BEFORE your default accept any any rule.
0
 
LVL 33

Expert Comment

by:MikeKane
Comment Utility
Have a look at a previous question I worked on about Hotspot:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_24839750.html

This will be tough since hotspot uses a VPN to a remote host whose IPs rotate frequently.      Look at that post and let me know if that helps you out.

0
 
LVL 3

Author Comment

by:samithsukumar
Comment Utility
i read those above post

i am looking for the setting on my sonic to Disable IPSEC . so that i can prevent outbound VPN
0
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
From this forum, it is shared that blocking Hotspot Shield (used UDP protocol) can be done simply by only allowing outgoing UDP for the ports needed, ie 53 and block the rest. This will prevent Hotspot from connecting to the VPN service. This is the whitelisting approach - allow the legit and known ones

http://forums.whirlpool.net.au/archive/1045253

As for the configuration of sonicwall, can check out this link. I did not manage to find out the actual configuration but thought this link is useful, we just need to create 2 access rules - allowed service to be port 53 and the rest are denied service.

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5623
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7606

Actually there is application firewall and control module for latest Gen 5 Sonicwall version but not applicable for your Gen 4 though

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8533
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8317
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8182
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now