How to Block Zoom on the Router (Complete Guide)

How to block Zoom on the router
How to block Zoom on the router

Zoom as a video communication app, got famous during the current Corona pandemic situation. From big to small business enterprises, educational institutes, and government agencies started to lean over this particular app for basic functionality i.e., communication. Although, after a few months many glitches and security risks were discovered on this videoconferencing app, which has made people question the reliability of the app. And therefore, it has now become essential to block Zoom, in order to safeguard ourselves from these cyber security issues. But how it can be done? How to block Zoom on the router?

Let’s find out!

Contents

How to block Zoom on the Router?

If you are willing to block Zoom on the router level, you can easily do it by using the following mentioned methods:

Create local firewall rules:

You can block Zoom on the router by creating local firewall rules using Windows Firewall, which will block outgoing connections from Zoom.exe.

Block the resolutions of DNS records:

Another way to block Zoom on the router is by blocking the resolutions of the DNS record on the zoom.us domain.

However, if you run your own DNS servers like an “Active Directory Server” then you can simply follow these steps:

  • Open your “DNS Management Console.”
  • Now, create a top-level record for “zoom.us.”
  • Done, by doing this you will be able to stop all the connections to this domain as well as all subdomains.

 Use PiHole:

PiHole is a general-purpose network-wide ad blocker that helps in protecting your network from ads and trackers without requiring any setup on individual devices.

Therefore, PiHole is another way to use DNS blocking to stop or block Zoom on the router.

 Verify DNS connection:

Always verify that the only DNS connections allowed on your network are to your own internal DNS server, as this removes the possibility of the Zoom client checking DNS records against their own servers, instead of yours.

And to do so, add a new outgoing firewall rule to disallow TCP & UDP port 53 from all the source IP addresses, except for your own DNS servers.

 Block access to Zoom IP address ranges:

Zoom has provided a list of IP addresses on their website, and therefore you can simply add these IPs to Deny rules in your Firewall and block Zoom on the router.

Utilize Group Policy:

You can utilize Group Policy to restrict Zoom.exe from running. 

So, if you want to use this method, simply create a New Restriction Policy along with a Hash Rule for Zoom.exe.

Use Firewall that has Deep Packet Inspection:

So, if you have a firewall with Deep Packet Inspection, you can enable the in-built rules to block Zoom. Additionally, these firewalls help lessen your burden, as they often release new definition updates as the situation changes.

 Block outgoing UDP and outbound TCP ports:

Block the UDP ports 3478, 3479 & 8801 -8810 as well as TCP ports 8801 & 8802 by creating Deny rule in your firewall.

What are the main security concerns about Zoom?

So, after reading the above solutions you must have surely tried to dig up the internet to find the main security concerns about the Zoom app. And therefore, to help you with the same, I have jotted them down.

 Zoom Bombing:

Zoom Bombing is something where a third person enters a legitimate Zoom meeting without any invite link and then engages in obscene or inappropriate behavior. According to the reports, Zoom Bombing continues as legitimate conference members are sharing the password with a hacker, disguised as a legitimate person.

In fact, Zoom had taken steps to resolve it but had no luck. 

Unsecured Desktop app:

There are two options that Zoom gives you: the desktop app, or browser version, and I recommend you to use the browser version as it is more secure, gets faster security updates, and most importantly has fewer permissions to temper with your system, as it lives in a browser’s sandbox. 

Whereas the desktop app has more permissions and is vulnerable to attacks.

False end-to-end encryption claims:

Although, Zoom claimed end-to-end encryption video calls, it wasn’t true at all, because by default the option was turned off which made it difficult for the users to trust Zoom.

Plus, if you want to use the E2E function, you first need to head to the “Settings” menu, and then toggle the “Allow use of end-to-end encryption” option to enable the feature.

Malware bundled up with Installers:

Many applications like Zoom that are trending, are copied by hackers, which makes it easier for them to install malware into your computer. And the most famous example is the crypto-mining malware that was found on Zoom installers in April 2020.

However, it is not the fault of Zoom, but it shows how hackers can target it easily. Therefore, it is essential to download Zoom from the official website.

Illegal bunch data collection:

This one is big, as Zoom is entitled to collect and share your email addresses, as well as the information shared during video calls without your consent.

Moreover, it gets much worse if you have signed up for Zoom using your Google or Facebook ID and password, as it can access any data collected by these companies.

Leaked passwords:

A hacker can record your video call in 1080p, and then feed it through a computer system that removes the background, so that he can monitor your arms and shoulders and predict the exact password that you are entering.

Although, this can happen with most of the video calling apps, and therefore it is recommended to avoid entering passwords while on video call.

However, if the above points don’t convince you to block Zoom on the router, then think about the major organizations like; NASA, SpaceX, and Bank of America that have switched to Zoom alternatives.

Final Remarks on “How to block Zoom on the router

Now, as we all know that the famous video calling app “Zoom” has its own set of issues that are harmful to the users, it is very much advisable to block Zoom on the router using these methods, to avoid any further security breach.