Penetration Testing mailing list archives
Re: Skype use obligation - Security x Productivity
From: Cedric Blancher <blancher () cartel-securite fr>
Date: Tue, 17 Jul 2007 08:08:41 +0200
Le lundi 16 juillet 2007 à 18:56 -0300, M.B.Jr. a écrit :
What to do? Risk their efforts in obtaining ISO certification? Guess we need to hear some other professionals.
Some useful informations on Skype: . http://secdev.org/conf/skype_BHEU06.pdf . http://recon.cx/en/f/vskype-part1.pdf http://recon.cx/en/f/vskype-part2.pdf . http://sid.rstack.org/pres/0610_Hacklu_Skype_Botnet.pdf My main concern regarding Skype is the Skype API that allows applications to use Skype as an overlay network, bypassing any network security policy. However, Skype has providing an "enterprise" client to which you can push policies, disabling lots of features. Never tried it, but might worth having a look. -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Hi! I'm your friendly neighbourhood signature virus. Copy me to your signature file and help me spread!
------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/c/wf-spi ------------------------------------------------------------------------
Current thread:
- Re: Skype use obligation - Security x Productivity, (continued)
- Re: Skype use obligation - Security x Productivity Roland Dobbins (Jul 20)
- Re: Skype use obligation - Security x Productivity M . B . Jr . (Jul 20)
- Re: Skype use obligation - Security x Productivity Mister Dookie (Jul 20)
- Re: Skype use obligation - Security x Productivity Javier Reyna Padilla (Jul 17)
- RE: Skype use obligation - Security x Productivity Pradeep-Kumar . Karavadi (Jul 17)
- Re: Skype use obligation - Security x Productivity Roland Dobbins (Jul 17)
- Re: Skype use obligation - Security x Productivity Cedric Blancher (Jul 17)
- Re: Skype use obligation - Security x Productivity Roland Dobbins (Jul 17)
- Re: Skype use obligation - Security x Productivity Justin Ferguson (Jul 20)
- Re: Skype use obligation - Security x Productivity Roland Dobbins (Jul 20)
- Re: Skype use obligation - Security x Productivity Cedric Blancher (Jul 17)
- Re: Skype use obligation - Security x Productivity Cedric Blancher (Jul 17)
- RE: Skype use obligation - Security x Productivity aSEC (Jul 20)
- Re: Skype use obligation - Security x Productivity Doug Schlachta (Jul 17)