Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Blocking Hotspotshield

Posted on 2011-02-28
7
Medium Priority
?
2,717 Views
Last Modified: 2012-05-11
My Lan having  Sonicwall Pro 4100. How can I block hotspot shield running from my clients
0
Comment
Question by:samithsukumar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 14

Expert Comment

by:mds-cos
ID: 35004208
1)  Find out what port hotspot shild uses.  If it does not use a unique port, you are going to have to identify something else unique about it that you can block.  From a quick google search, it appears that port 895 can be blocked.

2)  Set up a new rule to block that port -- but unlike your other rules apply this rule from the internal (trust) port to the external (untrust) port.  Be sure to position the deny rule BEFORE your default accept any any rule.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 35007974
Have a look at a previous question I worked on about Hotspot:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_24839750.html

This will be tough since hotspot uses a VPN to a remote host whose IPs rotate frequently.      Look at that post and let me know if that helps you out.

0
 
LVL 3

Author Comment

by:samithsukumar
ID: 35204433
i read those above post

i am looking for the setting on my sonic to Disable IPSEC . so that i can prevent outbound VPN
0
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 35225625
From this forum, it is shared that blocking Hotspot Shield (used UDP protocol) can be done simply by only allowing outgoing UDP for the ports needed, ie 53 and block the rest. This will prevent Hotspot from connecting to the VPN service. This is the whitelisting approach - allow the legit and known ones

http://forums.whirlpool.net.au/archive/1045253

As for the configuration of sonicwall, can check out this link. I did not manage to find out the actual configuration but thought this link is useful, we just need to create 2 access rules - allowed service to be port 53 and the rest are denied service.

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5623
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7606

Actually there is application firewall and control module for latest Gen 5 Sonicwall version but not applicable for your Gen 4 though

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8533
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8317
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8182
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Make the most of your online learning experience.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question