Educause Security Discussion mailing list archives
Re: Skype on the network
From: Mike Porter <mike () UDEL EDU>
Date: Thu, 9 Apr 2009 11:32:44 -0400
On Wed, 8 Apr 2009, Brian Epstein wrote: We find that supernodes contact a large number of remote hosts on a daily basis. If a supernode runs long enough, it can reach over 1,000,000 remote computers a day. We disable any machine contacting over some number of remote computers per day. Skype or not. We've also found that Skype will create as many supernodes within your IP range as they see fit. We've disabled 10 in one day at times. The bandwidth requirements of supernodes is not especially high, however the number of remote hosts contacted generates a great deal of NetFlow, which I believe is causing us to lose NetFlow data and therefore compromises our ability to monitor the network. I can not see making an argument to increase our NetFlow resources in order to support a vendor's servers. Skype is a poor choice, in my opinion. If Skype wants to run a service like this, then they should install servers like eveyone else. Mike Mike Porter Systems Programmer V IT/NSS University of Delaware
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/08/2009 11:00 AM, Todd Bossaller wrote: | I know this has been covered before but I would like to inquire again. | Do you allow Skype on your network? If not, why? | Have you had issues with security? We allow it. It is widely used by many of our faculty and members. I haven't found many issues with it. We do retain the right to throttle or block it if something malicious does come to light. Thanks, Brian - -- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Network and Security Officer Institute for Advanced Study Key fingerprint = 128A 38F4 4CFA 5EDB 99CE 4734 6117 4C25 0371 C12A -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFJ3MgsYRdMJQNxwSoRAvURAJ0eMssZZBnbXmoxXxZDEvaZEwyFjwCguVW8 Y19DgD+JVoLclRzxNEIpWCI= =cHyD -----END PGP SIGNATURE-----
- Mike Porter PGP Fingerprint: F4 AE E1 9F 67 F7 DA EA 2F D2 37 F3 99 ED D1 C2
Current thread:
- Skype on the network Todd Bossaller (Apr 08)
- <Possible follow-ups>
- Re: Skype on the network Di Fabio, Andrea (Apr 08)
- Re: Skype on the network Todd Clementz (Apr 08)
- Re: Skype on the network Brian Epstein (Apr 08)
- Re: Skype on the network Joel Rosenblatt (Apr 08)
- Re: Skype on the network Michael Sinatra (Apr 08)
- Re: Skype on the network Gary Dobbins (Apr 08)
- Re: Skype on the network Allan Williams (Apr 08)
- Re: Skype on the network Russ Leathe (Apr 09)
- Re: Skype on the network Mike Porter (Apr 09)
- Re: Skype on the network Todd Bossaller (Apr 09)