Security Basics mailing list archives
Re: using Skype, hosted voip, etc. in SMB
From: "Morgan Reed" <morgan.s.reed () gmail com>
Date: Wed, 26 Jul 2006 13:57:26 +1000
On 7/26/06, Dragos Ruiu <dr () kyx net> wrote:
On July 25, 2006 06:14 am, Morgan Reed wrote: > The guys at http://www.rstack.org have done quite a bit of work on > Skype (and more particularly Skype security), the Chinese DIDN'T > "crack" the Skype protocol they were simply the first people to > release an alternative client. > > Rstack.org's were the first to "crack" the protocol, the details can > be found in Philippe Biondi's and Fabrice Desclaux's blackhat > briefings eu 2006 presentation "Silver Needle in Skype"; > http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06 >-biondi-up.pdf > > Further work was done later into Skype-based botnets, details are > available in Cedric Blancher's "Fire in the Skype" presentation; > http://sid.rstack.org/pres/0606_Recon_Skype_Botnet.pdf > Actully not to belittle team RStack (hi guys, and girls) and their work but the first analysis I saw of the Skype protocol was the 2004 paper from Salman A. Baset and Henning Shulzrinne at the CS dept. of Columbia University. This paper started a lot of other research. Just to give credit where credit is due. cheers, --dr
Yes I agree credit where credit is due, the work in the paper from Salman A. Baset and Henning Shulzrinne is quite exceptional and was the catalyst for much further research it only provides a partial reversal of the protocol. http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf The reason I credited RStack with "cracking" the protocol is because (to the best of my knowledge) they were the first to provide a full reversal of the protocol. Further to the original question there is also a product (interestingly enough it was released shortly after the Black Hat Briefings Europe 2006) called Uplink which acts as a Skype to SIP adapter which may also prove useful. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- using Skype, hosted voip, etc. in SMB Andrew Stewart (Jul 21)
- Re: using Skype, hosted voip, etc. in SMB Daniel DeLeo (Jul 24)
- Re: using Skype, hosted voip, etc. in SMB Morgan Reed (Jul 25)
- Re: using Skype, hosted voip, etc. in SMB Dragos Ruiu (Jul 26)
- Re: using Skype, hosted voip, etc. in SMB Morgan Reed (Jul 27)
- Re: using Skype, hosted voip, etc. in SMB Morgan Reed (Jul 25)
- Re: using Skype, hosted voip, etc. in SMB Daniel DeLeo (Jul 24)
- Re: using Skype, hosted voip, etc. in SMB Michael Krymson (Jul 25)