HotSpot Sheild

Taking care of your Linux box.
Post Reply
Kamranalilakhnavi
Lance Naik
Posts: 25
Joined: Thu Mar 31, 2005 2:26 am

HotSpot Sheild

Post by Kamranalilakhnavi »

Dear All,

I want to block http://hotspotshield.com/ (ha proxy software) via Iptables, this software can be installed on client machine(windows) and then can be used to by pass gateway restriction(linux in my case). Ha proxy has many ips, it is not possible to control it by blocking its server ip addresses. I believe there is only one solution is possible i.e to get signature and block it via iptables. Please share your thoughts If anyone have any knowledge regarding blocking HA proxy. It would be better to install it on your VM then try to block it via linux server(gateway) by this way you can get real experience.
Regards,
Pasha
kbukhari
Major General
Posts: 1222
Joined: Sat Dec 31, 2005 12:29 am
Location: Lahore
Contact:

Re: HotSpot Sheild

Post by kbukhari »

its simple but required some tweaking.

here we go.
1. install this software on some testing machines run it and try to surf internet from this application.
2. use tcpdump on your gatway to check what destination IP is used by your testing machine to get connected with the application server.
b3. lock that IP.
--
Syed Kashif Ali Bukhari
+92-345-8444420
http://sysadminsline.com
http://kashifbukhari.com
luqmaankhaan598
Cadet
Posts: 6
Joined: Wed Jan 16, 2013 12:24 pm

Re: HotSpot Sheild

Post by luqmaankhaan598 »

i used it . and i dont think it can be block. :roll:
intizar
Cadet
Posts: 8
Joined: Tue Jul 15, 2008 8:11 pm
Location: Multan

Re: HotSpot Sheild

Post by intizar »

use iptables with l7 , and insert a rule for vpn traffic matching , then make it jump to Drop . identify the traffic in prerouting -> mangle chain and in forward chain mark it , then connection track and then simply do whatever you want to do with it . second method can be little bit rusty , run hotspot sheild client on your pc and then run wireshark and try to find it's destination servers , add them to a list and block access to those server with ipset. though vpn use packet/connection encryption but yet they expose their destination servers ip address due to the nature of TCP/IP .
just do it,
Post Reply