there is an free extension in google chorme betternet free vpn which made bypassing any kind of content filtering unbelievably easy . i tried all kind of port blocking, gre blocking to block this kind of vpn , but no success .
any idea .. ?
Unfortunately there's no easy solution for this nor a solution that fixes everything. VPNs like OpenVPN for instance can bypass port blocking because you can choose what port to use and even the protocol.
If this is an enterprise where you've got control over the devices the employees use try:
- 1.- Using a UTM/NGFW, these devices can do deep packet inspection and detect app signatures so they can block these
2.- Use a web proxy and block any kind of access to the internet not passing via it, make the proxy work with HTTPS and block anything not allowed
3.- Block any port to any IP that has not been previously allowed by internal security policies
4.- Block devices usage of extensions on web browser
5.- Make computer firewall block DNS requests to non-allowed DNS servers, you can do it as well in a network wide policy via firewall, use a service like OpenDNS
Points 1 and 2 requires the use of a domain service and GPOs to make devices trust forged certificates for SSL/TLS connections, point 4 and 5 requieres GPO to lock the computer's functions
I'm quite sure there are a lot of other things you've gotta do, as mentioned, this is not an easy task nor one that can be achieved doing just a few commands over a single device.
Need a hotspot with facebook integration?
Send a PM!
Hablamos español, atendemos el mercado de latinoamérica visita nuestra página web: