IDS mailing list archives
Re: Skype & IPS vendor claims
From: "ROB DIXON" <rdixon () workforcewv org>
Date: Wed, 17 May 2006 11:06:28 -0400
Has anyone, tried to connect and run ethereal to see where it is connecting? Does it change everytime? Unless the client updates its connection info everytime, in preparation for the next login, wouldn't the client always connect to the same host name or IP for the initial login? Does Skype own a block of public Ips? Block em all :-) I may be off track here. My wife tells me that all the time ;-) Robert L. Dixon, C|HFI State of West Virginia's West Virginia Office of Technology Infrastructure Applications Netware/GroupWise Administrator Telephone: (304)-558-5472 ex.4225 ------------------------------------------ If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke
Vladimir Parkhaev <vladimir () arobas net> >>>
Quoting Matt Jonkman (mjonkman () infotex com):
What these vendors may be doing it trying to block access to
centralized
login or directory servers by known IP ranges... I don't know if
that'll
be completely effective.
If I understand the protocol correctly, central servers are contacted only on a first run (after install). I(D|P)S systems can have sigs with IP addresses of those servers, but if user X installs Skype client on his corp. laptop at home... it doesn't help much. -- .signature: No such file or directory ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Skype & IPS vendor claims Vladimir Parkhaev (May 16)
- Re: Skype & IPS vendor claims Jackie Lai (May 17)
- Re: Skype & IPS vendor claims Kevin (May 17)
- Message not available
- Re: Skype & IPS vendor claims Vladimir Parkhaev (May 17)
- Re: Skype & IPS vendor claims Matt Jonkman (May 17)
- Re: Skype & IPS vendor claims Vladimir Parkhaev (May 17)
- Re: Skype & IPS vendor claims Matt Jonkman (May 17)
- Re: Skype & IPS vendor claims Vladimir Parkhaev (May 17)
- <Possible follow-ups>
- RE: Skype & IPS vendor claims John Brightwell (May 17)
- Re: Skype & IPS vendor claims Jason Haar (May 18)
- Re: Skype & IPS vendor claims ROB DIXON (May 17)
- Re: Skype & IPS vendor claims Christian Kreibich (May 18)
- Re: Skype & IPS vendor claims Matt Jonkman (May 18)
- RE: Skype & IPS vendor claims William Bell (May 18)
- RE: Skype & IPS vendor claims Dante Mercurio (May 18)
- RE: Skype & IPS vendor claims okolesnikov (May 18)
- RE: Skype & IPS vendor claims Basgen, Brian (May 19)
- RE: Skype & IPS vendor claims Clemens, Dan (May 20)
- RE: Skype & IPS vendor claims Basgen, Brian (May 25)