Zoom is a very popular video conferencing system. However, sometimes it is not desirable to have Zoom running on your network for security reasons. This article shows you the ports used by Zoom, and explains how to block this software from running on your network.
Ports used by Zoom
Zoom primarily uses TCP 80 and TCP 443 (web and signalling traffic), but also TCP 8801 – 8802 and UDP 3478, 3479 and 8801 – 8810 (meeting media).
Zoom does not require any public-facing open ports to operate. The client initiates all connections outbound to the Zoom servers, so there is nothing inbound to block: blocking Zoom means controlling egress from your network.
How to Block Zoom On Your Network
If you want to block Zoom on your network, there are a few measures you can put in place:
- Create local firewall rules using Windows Firewall to block outgoing connections from Zoom.exe
- Block the resolution of DNS records for the zoom.us domain. If you run your own DNS server (such as an Active Directory DNS server) then this is easy:
- Open your DNS Management Console
- Create a new, empty forward lookup zone named ‘zoom.us‘
- Do nothing else. Your server is now authoritative for zoom.us, so queries for the domain and all of its subdomains are answered locally with no address instead of being forwarded to the Internet, and the client cannot find the Zoom servers. Note that this only covers names under zoom.us; if Zoom's published domain list includes other domains, add an empty zone for each of them too.
- Block zoom.us in PiHole – this is another way to use DNS blocking to stop Zoom from connecting out via your network
- Ensure the only DNS connections allowed out of your network are to your own internal DNS servers (which contain the above empty zone). This removes the possibility of the Zoom client, or a user who sets a public resolver, checking DNS records against Zoom's own servers instead of yours. To do so, add an outgoing rule on your perimeter firewall to deny TCP & UDP port 53 from all source IP addresses EXCEPT the addresses of your own DNS servers. Be aware that a client using DNS over HTTPS (port 443) to a public resolver bypasses a port-53 rule, which is why the IP address range and port blocks below are still worth having.
- Block access to the Zoom IP Address Ranges. Zoom supplies a list of IP addresses on their website. You can simply add these as DENY rules in your firewall.
- You can utilise Group Policy to deny Zoom.exe from running. To do this, create a new Software Restriction Policy with a Hash Rule for Zoom.exe. A hash rule matches one specific build of the binary, so it must be updated every time Zoom releases a new version; a path or certificate rule is easier to maintain, at the cost of being easier to evade.
- Finally, if you have a firewall with Deep Packet Inspection (DPI), you can enable the built-in application rules to block Zoom. These firewalls often release new definition updates as the situation changes, so a lot of the hard work is handled for you.
- Block outgoing UDP Ports 3478, 3479, & 8801 – 8810. You can create a DENY rule in your firewall to do this. Also ensure you block outbound TCP ports 8801 & 8802.
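The following PowerShell is an added example and is not code from the original article or from Zoom. It implements the host-level and DNS-server measures listed above: a Windows Firewall block on Zoom.exe, the port and IP range deny rules, the empty zoom.us zone on an AD-integrated DNS server, and a check that the sinkhole works. The Zoom install paths, the hostname www.zoom.us used for the check, the DNS server address and the range file are assumptions; the IP range file is something you save yourself from Zoom's published list, one CIDR per line.

```powershell
# Added example, not part of the original article. Run in an elevated session:
# the firewall functions on the Windows client, the zone function on a domain
# controller running AD-integrated DNS. Requires the NetSecurity and DnsServer
# modules that ship with Windows and the DNS Server role respectively.
# Assumed (not from the article): Zoom's default install paths, the hostname
# www.zoom.us, and an IP-range file you saved from Zoom's website.

# 1. Windows Firewall: block outbound traffic from every Zoom.exe on the machine.
#    Per-user installs live under %APPDATA%\Zoom\bin and the all-users installer
#    puts Zoom under %ProgramFiles%; both paths are assumptions.
function Block-ZoomExecutable {
    $exes = @(
        Get-ChildItem -Path 'C:\Users\*\AppData\Roaming\Zoom\bin\Zoom.exe' -ErrorAction SilentlyContinue
        Get-ChildItem -Path "$env:ProgramFiles\Zoom\bin\Zoom.exe" -ErrorAction SilentlyContinue
    )
    foreach ($exe in $exes) {
        New-NetFirewallRule -DisplayName "Block Zoom.exe outbound - $($exe.FullName)" `
            -Direction Outbound -Program $exe.FullName -Action Block | Out-Null
    }
    return $exes.Count   # number of block rules created
}

# 2. Windows Firewall: deny the Zoom media and fallback ports named in the
#    article, regardless of which process opens them.
function Block-ZoomPorts {
    New-NetFirewallRule -DisplayName 'Block Zoom UDP 3478,3479,8801-8810' -Direction Outbound `
        -Protocol UDP -RemotePort 3478, 3479, '8801-8810' -Action Block | Out-Null
    New-NetFirewallRule -DisplayName 'Block Zoom TCP 8801-8802' -Direction Outbound `
        -Protocol TCP -RemotePort '8801-8802' -Action Block | Out-Null
}

# 3. Windows Firewall: deny Zoom's published address ranges. $RangeFile holds
#    one IPv4/IPv6 CIDR per line, copied from Zoom's list; lines starting with #
#    are treated as comments. Re-run after refreshing the file, since the list changes.
function Block-ZoomIpRanges {
    param([Parameter(Mandatory)][string]$RangeFile)
    $ranges = @(Get-Content -Path $RangeFile |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ -and -not $_.StartsWith('#') })
    if ($ranges.Count -eq 0) { throw "No ranges read from $RangeFile" }
    New-NetFirewallRule -DisplayName 'Block Zoom IP ranges' -Direction Outbound `
        -RemoteAddress $ranges -Action Block | Out-Null
    return $ranges.Count   # number of ranges in the rule
}

# 4. AD DNS: an empty AD-integrated zone for zoom.us makes your DNS servers
#    authoritative for zoom.us and everything beneath it, so lookups are
#    answered locally with no address instead of being forwarded to the Internet.
function Add-ZoomSinkholeZone {
    Add-DnsServerPrimaryZone -Name 'zoom.us' -ReplicationScope 'Domain' -DynamicUpdate None
}

# 5. Check the sinkhole from a client: ask your internal server for www.zoom.us
#    (assumed public hostname) and expect no A/AAAA answer. Returns $true when
#    the name does not resolve to an address through that server.
function Test-ZoomSinkhole {
    param([Parameter(Mandatory)][string]$DnsServer, [string]$Name = 'www.zoom.us')
    $answers = Resolve-DnsName -Name $Name -Server $DnsServer -DnsOnly -ErrorAction SilentlyContinue
    $addresses = @($answers | Where-Object { $_.Type -in 'A', 'AAAA' })
    return ($addresses.Count -eq 0)
}

# Typical order: the first three on each client, the last two on/against the DNS server.
# Block-ZoomExecutable; Block-ZoomPorts; Block-ZoomIpRanges -RangeFile 'C:\admin\zoom-ranges.txt'
# Add-ZoomSinkholeZone; Test-ZoomSinkhole -DnsServer '10.0.0.10'
```

Windows Firewall evaluates block rules before allow rules, so these deny rules hold even if Zoom's installer later adds its own allow rule. The port-53 egress restriction from the list above is deliberately not included here: Windows Firewall cannot express "deny to everything except these addresses" in a single rule, so that control belongs on the perimeter firewall.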