Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Blocking Hotspotshield

Posted on 2011-02-28
7
Medium Priority
?
2,735 Views
Last Modified: 2012-05-11
My Lan having  Sonicwall Pro 4100. How can I block hotspot shield running from my clients
0
Comment
Question by:samithsukumar
7 Comments
 
LVL 14

Expert Comment

by:mds-cos
ID: 35004208
1)  Find out what port hotspot shild uses.  If it does not use a unique port, you are going to have to identify something else unique about it that you can block.  From a quick google search, it appears that port 895 can be blocked.

2)  Set up a new rule to block that port -- but unlike your other rules apply this rule from the internal (trust) port to the external (untrust) port.  Be sure to position the deny rule BEFORE your default accept any any rule.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 35007974
Have a look at a previous question I worked on about Hotspot:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_24839750.html

This will be tough since hotspot uses a VPN to a remote host whose IPs rotate frequently.      Look at that post and let me know if that helps you out.

0
 
LVL 3

Author Comment

by:samithsukumar
ID: 35204433
i read those above post

i am looking for the setting on my sonic to Disable IPSEC . so that i can prevent outbound VPN
0
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 35225625
From this forum, it is shared that blocking Hotspot Shield (used UDP protocol) can be done simply by only allowing outgoing UDP for the ports needed, ie 53 and block the rest. This will prevent Hotspot from connecting to the VPN service. This is the whitelisting approach - allow the legit and known ones

http://forums.whirlpool.net.au/archive/1045253

As for the configuration of sonicwall, can check out this link. I did not manage to find out the actual configuration but thought this link is useful, we just need to create 2 access rules - allowed service to be port 53 and the rest are denied service.

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5623
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7606

Actually there is application firewall and control module for latest Gen 5 Sonicwall version but not applicable for your Gen 4 though

@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8533
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8317
@ http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8182
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question