This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Blocking Anydesk

I wanted to block Anydesk incoming and outgoing connections in Sophos UTM9 Please someone can help me on this how to do because I had tried several way's (Application control )still not working out



This thread was automatically locked due to age.
  • Just reading on other sites, you want to block TCP 6568 outgoing, it's apparently unique to Anydesk. So, for this I would just create a Network Definition (DNS Host) for the domain anydesk.com, then create a blackhole route for it in UTM.  Save it and toggle it on.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  •  I have tried this still no success :( 

  • Probably because it acts like the old, old torrent style software and can utilize any open port (80, 443) which is essential traffic, but that unique port is for Anydesk.  There are several write-ups online on how to combat this program.  

    My favorite when I was a domain administrator, using group policy to not allow anything like this to be run or installed on a machine if it were a domain client.  If you are running your own DNS server, you can also just point the domain back to a non-existent IP.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • It's not domain unfortunately Still searching for what to do :( 

  • Hala Sreejith and welcome to the UTM Community!

    Please insert pictures of the Edits of the failed configurations - Firewall, Application Control, etc.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA