Has anyone here successfully blocked TeamViewer?
I have tried blocking the TCP port 5389 (listed on their site) and it seems to work at first, but then it seems to fail over to either 80 or 443 and starts working again. Obviously I can't block those ports as other applications use them. I decided to go hardcore and block all ports for teamviewer.com. Even then the application still works. Even making the DNS resolve to nothing in the host file does nothing, it still works. So then I thought about blocking the executable name, but if someone renames their executable won't this just circumvent it easily? Looking deeper I got into file fingerprints for Application and Device Control, and that seems to be a lackluster solution as once it gets any updates at all, the hash will obviously change and I'll have to manage it again. Also seems very unreliable as someone can just try older versions until they hit one that works. What is the best practice solution to this? I have searched the forums and there seems to be no definite solution.