4. Block VPN connections over TCP 443 with Suricata?

Block VPN connections over TCP 443 with Suricata?

  • P
    Banned

    Does anyone have or know of a ruleset that would detect/block VPN connections?

    I know of maintained IP lists (shallalist) that can be used to block connections to public VPN providers IP addresses.
    However, this does nothing to prevent a connection to a private VPN as it wouldn't be on any list.

    Obviously TCP 443 is going to stay open and everyone knows this. So how about inspecting headers and identifying a VPN SSL connection so it can be shut down? What would those rules be?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy