I wanted to block Anydesk incoming and outgoing connections in Sophos UTM9 Please someone can help me on this how to do because I had tried several way's (Application control )still not working out
This thread was automatically locked due to age.
I wanted to block Anydesk incoming and outgoing connections in Sophos UTM9 Please someone can help me on this how to do because I had tried several way's (Application control )still not working out
Just reading on other sites, you want to block TCP 6568 outgoing, it's apparently unique to Anydesk. So, for this I would just create a Network Definition (DNS Host) for the domain anydesk.com, then create a blackhole route for it in UTM. Save it and toggle it on.
OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
(Former Sophos UTM Veteran, Former XG Rookie)
Probably because it acts like the old, old torrent style software and can utilize any open port (80, 443) which is essential traffic, but that unique port is for Anydesk. There are several write-ups online on how to combat this program.
My favorite when I was a domain administrator, using group policy to not allow anything like this to be run or installed on a machine if it were a domain client. If you are running your own DNS server, you can also just point the domain back to a non-existent IP.
OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
(Former Sophos UTM Veteran, Former XG Rookie)
Hala Sreejith and welcome to the UTM Community!
Please insert pictures of the Edits of the failed configurations - Firewall, Application Control, etc.
Cheers - Bob