Security Basics mailing list archives
Re: Skype / Vsee
From: W W <crackd () gmail com>
Date: Mon, 22 Mar 2010 09:17:19 -0400
Can you provide a reason as to why you chose not to use Skype on your network? Reading some of the other posts to my question I see some adversity because there is potential for an individual to use the chat program to "leak" sensitive information. However, the other argument to that would be users can use any number of other methods to accomplish the same thing. I could use gmail, yahoo mail, etc. Or I could setup my own web based email system at home to connect to. Then you have USB devices to contend with. So unless you have secured everyone of those avenues blocking out Skype or other IM client seems almost like a waste of time. I guess what I'm looking for are there any good practices for setting up Skype or Vsee that doesn't expose the system itself to compromise? Some of the Skype documentation is dated. Appreciate your feedback. Thanks. W On Fri, Mar 19, 2010 at 8:51 PM, Mork <martyfromork () gmail com> wrote:
Hi, We've just finished a security review on Skype for a part of a provincial government . Our recommendation was not to use Skype, unless the machine using Skype is NOT connected to the main network, a stansalone machine hooked up independently to a service provider. Mork 2010/3/17 W W <crackd () gmail com>Does anyone have any recommendations or thoughts on the use of Skype or Vsee in the enterprise. I have done some research on the vulnerabilities found in the products themselves. Quite frankly most software have vuls so that doesn't buy me a whole lot. What security risks are we exposing ourselves too by allowing these products into our network? Are there any good references or guidelines for locking these products down in order to mitigate any risks? (I know this may have been talked about in the past, but there isn't a way to search through the archives of this list. At least not through the "new" web interface" of SecurityFocus.) Thanks. W ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 -------------------------------------------------------------------------- ***************** Mork
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Skype / Vsee W W (Mar 18)
- Re: Skype / Vsee Shawn Merdinger (Mar 19)
- Re: Skype / Vsee M.D.Mufambisi (Mar 19)
- Message not available
- Re: Skype / Vsee W W (Mar 22)
- Re: Skype / Vsee Shawn Merdinger (Mar 19)