Educause Security Discussion mailing list archives

Re: Skype?

From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Tue, 3 Feb 2009 10:19:34 -0700

a.      Supernode: Information on hundreds of other Skype users
could be routed through the PCC network. A PCC computer would act as
a "communications" hub for these users, with all call setups going
through the PCC computer. This "functionality" is on by default, but
can be disabled by altering the Windows Registry.


We find, by tracing Netflow records, that a supernode will contact
over 500,000 different remote machines a day (yes, 500K).
Typically, we disable machines once they get to this number of
NetFlow records.


 Interesting data! That is quite impressive. Any idea what version of Skype the machine was running?

 For the impact numbers we pulled from a SANS report:
   http://www.sans.org/reading_room/whitepapers/voip/skype_a_practical_security_analysis_32918?show=32918.php&cat=voip

 Someone else asked me offline about the privacy and monitoring section. We could have better rephrased this to "Skype 
may be able to decrypt communications, perhaps due to CALEA compliance." Source: 
http://www.networkworld.com/news/2008/072908-skype-voip-decrypt.html

~~~~~~~~~~~~~~~~~~
Brian Basgen
Information Security
Pima Community College

Current thread:

Skype? Clark, Sean (Feb 03)
- <Possible follow-ups>
- Re: Skype? Basgen, Brian (Feb 03)
- Re: Skype? Tupker, Mike (Feb 03)
- Re: Skype? Mike Porter (Feb 03)
- Re: Skype? Basgen, Brian (Feb 03)
- Re: Skype? Stanclift, Michael (Feb 03)
- Re: Skype? Mike Porter (Feb 03)
- Re: Skype? Tupker, Mike (Feb 03)