Educause Security Discussion mailing list archives
Re: Skype?
From: Mike Porter <mike () UDEL EDU>
Date: Tue, 3 Feb 2009 12:03:43 -0500
On Tue, 3 Feb 2009, Basgen, Brian wrote:
We have historically blocked Skype through our IPS. However, we recently re-evaluated and found many of the early problems with Skype have been addressed. Here are our findings: 1. Resource Use: a. Supernode: Information on hundreds of other Skype users could be routed through the PCC network. A PCC computer would act as a "communications" hub for these users, with all call setups going through the PCC computer. This "functionality" is on by default, but can be disabled by altering the Windows Registry.
We find, by tracing Netflow records, that a supernode will contact over 500,000 different remote machines a day (yes, 500K). Typically, we disable machines once they get to this number of NetFlow records. Mike Mike Porter Systems Programmer V IT/NSS University of Delaware
~~~~~~~~~~~~~~~~~~ Brian Basgen Information Security Pima Community College-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Clark, Sean Sent: Tuesday, February 03, 2009 9:30 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Skype? We are trying to gather info on how our peer institutions are handling Skype on their networks. The two biggest concerns that we have are the security risks associated with Skype and how universities are handling funding for the increased Internet bandwidth associated with Skype, since Skype is essentially transferring costs from long distance carrier expenditures to expenses associated with Internet bandwidth usage. Since we are a large university that includes a health sciences center (with all of the security concerns that come with handling private data such as PHI) I'm open to feedback from all universities, but particularly interested in those institutions that have health sciences centers. Specific questions Do you work for a university? If you work for a university, does that university have a health sciences center? Are you blocking Skype? If you are not blocking Skype, how are you handling the security concerns associates with Skype? If you are not blocking Skype, have you addressed the increased network bandwidth costs, or are you just eating the extra bandwidth? Other discussion, thoughts and responses are, of course, encouraged, but the above information would be particularly useful for me in preparation for the questions that I foresee coming from our upper management in the near future. Thank you. Sean Clark Manager, IT Security/Email/UNIX Systems UCDenver IT Services Sean.Clark () UCDenver edu
- Mike Porter PGP Fingerprint: F4 AE E1 9F 67 F7 DA EA 2F D2 37 F3 99 ED D1 C2
Current thread:
- Skype? Clark, Sean (Feb 03)
- <Possible follow-ups>
- Re: Skype? Basgen, Brian (Feb 03)
- Re: Skype? Tupker, Mike (Feb 03)
- Re: Skype? Mike Porter (Feb 03)
- Re: Skype? Basgen, Brian (Feb 03)
- Re: Skype? Stanclift, Michael (Feb 03)
- Re: Skype? Mike Porter (Feb 03)
- Re: Skype? Tupker, Mike (Feb 03)