I may be wrong on how they “detect” VPN traffic but the lazy way would be to block the common “default” ports used by those services. If they are just blocking this port you could change what port you use. While it does come with its own issues as its a common scanned port changing the port to something like 80 or 443 and “look” like normal internet traffic. Might get around their block.
There’s a few ways to “detect” VPN traffic, and you’re missing some but port blocking is one of them. Rerouting over 443 is a possible workaround, but depending on the network architecture they can still detect VPN traffic using deep packet inspection.
Blocking ports is a very simple mechanism to prevent things and it doesn’t take long for a business to grow into IT management that involves more sophisticated methods like DPI.
VPN protocols have distinguishable packet headers/metadata/handshakes/etc. DPI can easily identify and block those, or any other known protocols, if they have it configured to do so.
Ah nice to know. I’m just an amateur hobbyists. I just remember years ago the company I worked for(somewhat large) blocked ports 80 and 443 but left almost everything else open. Stop employees from browsing the web. I went home hosted a web page served on some random high port that worked as a proxy and loaded pages I wanted then used it to play flash ( shows my age) games at work to kill time. Looking back guess I could of gotten into some shit but no longer work for them. It was a fun time though.
I may be wrong on how they “detect” VPN traffic but the lazy way would be to block the common “default” ports used by those services. If they are just blocking this port you could change what port you use. While it does come with its own issues as its a common scanned port changing the port to something like 80 or 443 and “look” like normal internet traffic. Might get around their block.
There’s a few ways to “detect” VPN traffic, and you’re missing some but port blocking is one of them. Rerouting over 443 is a possible workaround, but depending on the network architecture they can still detect VPN traffic using deep packet inspection.
Blocking ports is a very simple mechanism to prevent things and it doesn’t take long for a business to grow into IT management that involves more sophisticated methods like DPI.
VPN protocols have distinguishable packet headers/metadata/handshakes/etc. DPI can easily identify and block those, or any other known protocols, if they have it configured to do so.
Ah nice to know. I’m just an amateur hobbyists. I just remember years ago the company I worked for(somewhat large) blocked ports 80 and 443 but left almost everything else open. Stop employees from browsing the web. I went home hosted a web page served on some random high port that worked as a proxy and loaded pages I wanted then used it to play flash ( shows my age) games at work to kill time. Looking back guess I could of gotten into some shit but no longer work for them. It was a fun time though.
The ones that maintain a whitelist of connections are the hardest to get through