Re: Skype?

[Mike Porter <mike () UDEL EDU>]

On Tue, 3 Feb 2009, Basgen, Brian wrote:

> We have historically blocked Skype through our IPS. However, we recently re-evaluated and found many of the early 
> problems with Skype have been addressed. Here are our findings:
>
> 1.      Resource Use:
> a.      Supernode: Information on hundreds of other Skype users
> could be routed through the PCC network. A PCC computer would act as
> a "communications" hub for these users, with all call setups going
> through the PCC computer. This "functionality" is on by default, but
> can be disabled by altering the Windows Registry.

We find, by tracing Netflow records, that a supernode will contact
over 500,000 different remote machines a day (yes, 500K).
Typically, we disable machines once they get to this number of
NetFlow records.

Mike

Mike Porter
Systems Programmer V
IT/NSS
University of Delaware

> ~~~~~~~~~~~~~~~~~~
> Brian Basgen
> Information Security
> Pima Community College
>
>
>
> > -----Original Message-----
> > From: The EDUCAUSE Security Constituent Group Listserv
> > [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Clark, Sean
> > Sent: Tuesday, February 03, 2009 9:30 AM
> > To: SECURITY () LISTSERV EDUCAUSE EDU
> > Subject: [SECURITY] Skype?
> >
> > We are trying to gather info on how our peer institutions are handling
> > Skype on their networks.  The two biggest concerns that we have are the
> > security risks associated with Skype and how universities are handling
> > funding for the increased Internet bandwidth associated with Skype,
> > since Skype is essentially transferring costs from long distance
> > carrier expenditures to expenses associated with Internet bandwidth
> > usage.
> >
> > Since we are a large university that includes a health sciences center
> > (with all of the security concerns that come with handling private data
> > such as PHI) I'm open to feedback from all universities, but
> > particularly interested in those institutions that have health sciences
> > centers.
> >
> > Specific questions
> >
> > Do you work for a university?
> >
> > If you work for a university, does that university have a health
> > sciences center?
> >
> > Are you blocking Skype?
> >
> > If you are not blocking Skype, how are you handling the security
> > concerns associates with Skype?
> >
> > If you are not blocking Skype, have you addressed the increased network
> > bandwidth costs, or are you just eating the extra bandwidth?
> >
> > Other discussion, thoughts and responses are, of course, encouraged,
> > but the above information would be particularly useful for me in
> > preparation for the questions that I foresee coming from our upper
> > management in the near future.
> >
> > Thank you.
> >
> > Sean Clark
> > Manager, IT Security/Email/UNIX Systems
> > UCDenver IT Services
> > Sean.Clark () UCDenver edu

-
Mike Porter
PGP Fingerprint: F4 AE E1 9F 67 F7 DA EA  2F D2 37 F3 99 ED D1 C2