Hotspot Shield is a free vpn service for you to access blocked websites. With hotspot shield, you can bypass internet filter on your network.
So, to implement internet access policies in business networks, it is required to block hotspot shield traffic.
This tutorial will guide you to block hotspot shield with WFilter.
Add hotspot shield protocol
Because “hotspot shield” is not a default protocol of WFilter, you need to define it manually in “Customize Protocols”.
As in the above figure, add a new protocol named “HotSpot” in “Customize Protocols”. Three patterns are required:
UDP send pattern 1: “^\x88[\x00-\xff]{8}(\x00){5}$”
UDP send pattern 2: “^\x28[\x00-\xff]{9}(\x00){4}”
TCP send pattern: “\x00\x0e\x88[\x00-\xff]{8}(\x00){5}$”
Enable blocking of “hotspot shield”
Now, by enabling “Block hotspot” in blocking level settings, hotspot will be blocked.
Please notice:
Hotspot can be completely blocked when your WFilter is deployed in “pass-through” mode. However, in “pass-by” mode, for complete blocking of hotspot, you also need to block udp ports 900-65534 in your router or firewall. check: How to block certain UDP ports in router/firewall?