Description
Hopster works by tunneling everything though corporate proxies as HTTP requests back to their own servers, and then proxying anything that the end-user is using.
The program acts as a socks proxy on the local PC and can be used by any program that supports the use of a socks proxy.
Symptoms
End-users can browse to all sites and use Hopster messenger clients without being blocked.
Cause
The Hopster client hides the clients' traffic by tunneling all traffic using the HTTP protocol to a central Hopster proxy server.
It uses the corporate proxy server to connect to this Hopster proxy server but bypasses the corporate proxy policy.
Solution
Create an URL list containing the Hopster proxy server(s) on the internet.
Currently there is only one with IP: 62.116.83.62
Create a policy rule that blocks tunneled http traffic to the URL list defined above.
A similar solution might be applicable for the alternative clients listed above.
Software Version
8.3.x
8.4.x
8.5.0
- This article was previously published as:
- Finjan KB 1439