Sonicwall Signatures

Go to All Categories list.
Go to All Applications list.

Application: Hexatech VPN

Hexatech VPN is a freemium model VPN application for mobile devices (e.g. Apple iPhone and Android). This application uses advanced obfuscation and evasion techniques to avoid firewall detection. It does two things: (A) it tries to open random, unidentified protocols over TCP and UDP using the Encrypted Key Exchange techniques, and (B) it uses standard HTTPS protocol to tunnel user traffic. For these reasons, to block Hotspot Shield VPN you must: (1) enable our Encrypted Key Exchange (EKE) application signatures, SID 5 (TCP) and SID 7 (UDP); (2) enable DPI-SSL Client Inspection (DPI-SSL CI); and (3) enable the Hexatech VPN application signatures. (Note: there may be side effects to enabling EKE signatures, namely, applications like Skype and others may also be blocked. There is no work-around, other than adding private IPs to the exclusion lists for this application, or individually by EKE signature.)

  Hexatech VPN -- UDP Activity 1
  Hexatech VPN -- UDP Activity 2
  Hexatech VPN -- TCP Activity 1
  Hexatech VPN -- UDP Activity 3

Relevant Information