Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: blocking SkyPE?

From: Alain Fauconnet <alain () ait ac th>
Date: Tue, 25 Jan 2005 13:03:17 +0700
On Tue, Jan 25, 2005 at 03:22:20PM +1100, Gregh wrote:


----- Original Message ----- 
From: "Alain Fauconnet" <alain () ait ac th>
To: <full-disclosure () lists netsys com>
Sent: Tuesday, January 25, 2005 2:05 PM
Subject: Re: [Full-disclosure] blocking SkyPE?



Hello list,

Thanks to all the tips and suggestions about my question on how to
block SkyPE traffic. I'll summarize and reply below:



...just a quick suggestion that may already have been said as I don't know much about Skype myself:

1) It works on VOIP phones and web cams.



Web cams? not that I know. Looks like pure telephony to me.
 

2) The sound is apparently like talking to someone in the room with you though they may well be the other side of the 
planet.


If you have a lot of b/w, yes. My experience using a regular dial-up
hasn't been too good. Speak Freely manages limited b/w way better.



So given those facts, surely it is using transfer similar to audio

streaming when a phone only and video streaming when not. Why not
download the prog, use it and sniff packets at the same time to see
what goes on. I did plug it in to see what it did to my firewall and
it correctly identified it as Skype.exe attempting to get out on a
hell of a lot of ports all at once. Looks like it is a torrent rather
than streaming normally to be honest.

Well, it's P2P, obviously. Not sure what you mean here, and whether
this is relevant to my question of blocking it.
Your host firewall has identified it because it knows the .EXE file
the connection originates from... nothing to do with protocol
recognition.



In short, the places it attempts to contact would all appear to be
hardcoded


No they aren't.


or in Windows case, likely stored in the registry.


Neither (although it was the case in some older version). It's an XML
file (see my previous posting). But this file is quite dynamic. It
gets updated all the time as long as information is received from the
supernodes.


I have not had time to check anything as yet to be honest, more than I have said
above.
Hope this, in some way, helps.


Honestly, no, it doesn't :-) But thanks for the reply anyway!

Greets,
_Alain_
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: