Solved

How to block teamviewer on the network

Posted on 2013-12-07
5
1,444 Views
Last Modified: 2014-12-22
I would like to block teamviewer in the network.

Is there any clear procedure to do it with ASA 5540 or Symantec EndPoint Manager 12.2

Thank you for any feedback
0
Comment
Question by:Ometa
5 Comments
 
LVL 4

Expert Comment

by:artsec
ID: 39703182
ASA 5540 is not able to block based on Application. Further, Teamviewer works on application layer and you cannot block HTTPS by ASA 5540 because it does not support SSL decryption .

Here you can find information for application control on Symantec EndPoint Manager.
http://www.symantec.com/business/support/index?page=content&id=TECH102525&locale=en_US
0
 
LVL 34

Expert Comment

by:Michael-Best
ID: 39703185
0
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39703295
You can start by blocking 5938/TCP outbound.  

TeamViewer will eventually use 443/TCP and 80/TCP, so you'll need to block by IP address or FQDN.

Due to the large IP/domain space used by TeamViewer, this may be an arduous process of monitoring its outbound connection attempts over time.  Use TCPView on a local Windows host to easily monitor connection attempts.  Of course if you're comfortable with WireShark you can filter these ports and log attempts over time.

Start by resolving master1.teamviewer.com incrementally upward (master2.teamviewer.com, etc.)
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39745417
Is the topic still alive? http://www.symantec.com/connect/forums/block-teamviewer holds a HowTo for SEP 12.3 at least.
0
 
LVL 25

Expert Comment

by:madunix
ID: 40073161
As said above, I would block port 5938, that should stop the initial handshake.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now