IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Skype & IPS vendor claims

From: Matt Jonkman <mjonkman () infotex com>
Date: Tue, 16 May 2006 13:30:55 -0400
Agreed. If you have a product that claims to block skype, I'd give it a
test....

Matt

Vladimir Parkhaev wrote:

Quoting Matt Jonkman (mjonkman () infotex com):

What these vendors may be doing it trying to block access to centralized
login or directory servers by known IP ranges... I don't know if that'll
be completely effective.



If I understand the protocol correctly, central servers are contacted only on a first run
(after install). I(D|P)S systems can have sigs with IP addresses of those servers, but if user X installs Skype 
client on his corp. laptop at home... it doesn't help much.



-- 
--------------------------------------------
Matthew Jonkman, CISSP
Senior Security Engineer
Infotex
765-429-0398 Direct Anytime
765-448-6847 Office
866-679-5177 24x7 NOC
http://my.infotex.com
http://www.infotex.com
http://www.bleedingsnort.com
--------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: