The problem with blocking Skype is that it was designed to get behind
firewalls, so if you do want to block it (perhaps it's against your AUP) it
is more difficult than just closing some ports. The other problem is that it
can sometime generate a lot of traffic and use a lot of bandwidth when it is
relaying conversations for other peers, although I think that can be set.
Other chat programs usually need to be blocked as well, but because of the
peer to peer nature of Skype it is harder to block. (For example the latest
Snort rules has a pretty up to date list of AIM servers that you can use to
block AIM regardless of what port it uses by blocking the IP).
Regards,
Cosmin Stejerean
-----Original Message-----
From: Morten Torstensen [mailto:morten@mortent.org]
Sent: Wednesday, November 16, 2005 12:49 PM
To: dsluser@emirates.net.ae
Cc: firewalls@securityfocus.com
Subject: Re: Blocking Skype
dsluser@emirates.net.ae wrote:
Blocking Skype Using Squid and OpenBSD
Nice writeup. But why? Why block Skype? It it really worse than MSN or
GoogleTalk? Has anyoen demonstrated serious flaws in Skype that could threat
security? There has been bugs, and there have been patches. But that is
SNAFU
for all networking apps.
What is it about Skype that get some network/security people all worked up?
--
//Morten Torstensen
//Email: morten@mortent.org
//IM: Cartoon@jabber.no morten.torstensen@gmail.com
If you ever go temporarily insane, don't shoot somebody, like a lot of
people do. Instead, try to get some weeding done, because
you'd really be surprised.
smime.p7s
Description: S/MIME cryptographic signature
