Network Security: Detailed info on Re: [Full-disclosure] [ Capture Skype trafic ]

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] [ Capture Skype trafic ]

from [gabriel rosenkoetter] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] [ Capture Skype trafic ]
Date:	Sat, 28 Oct 2006 11:53:27 -0400

On Sat, Oct 28, 2006 at 11:24:40AM +0200, Cedric Blancher wrote:

Have you ever header of Skype API that basicly allows two application to
communicate on top of Skype network, thus inheriting Skype resilience,
encryption, obfuscation and firewall punching capapbilities ?


I don't see how this isn't still an HR problem.

Unless you're concerned about infected systems communicating in this
way as part of a zombie network? In that case, your vector to fix it
is dealing with your broken virus checking.

Setting up network filtering to keep your internal users from doing
something, rather than persuading them that they should not do that,
will never, ever work.

-- 
gabriel rosenkoetter
gr@eclipsed.net

pgp4rgpMNJeTY.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] [ Capture Skype trafic ], Tyop? Re: [Full-disclosure] [ Capture Skype trafic ], Exibar Re: [Full-disclosure] [ Capture Skype trafic ], Tyop? Re: [Full-disclosure] [ Capture Skype trafic ], gabriel rosenkoetter Re: [Full-disclosure] [ Capture Skype trafic ], Nick FitzGerald Re: [Full-disclosure] [ Capture Skype trafic ], gabriel rosenkoetter Re: [Full-disclosure] [ Capture Skype trafic ], Nick FitzGerald Re: [Full-disclosure] [ Capture Skype trafic ], Peter Thoenen Re: [Full-disclosure] [ Capture Skype trafic ], Cedric Blancher Re: [Full-disclosure] [ Capture Skype trafic ], gabriel rosenkoetter <= Re: [Full-disclosure] [ Capture Skype trafic ], Cedric Blancher Re: [Full-disclosure] [ Capture Skype trafic ], Brian Eaton Re: [Full-disclosure] [ Capture Skype trafic ], Tyop? Re: [Full-disclosure] [ Capture Skype trafic ], Nick FitzGerald Re: [Full-disclosure] [inbox] Re: [ Capture Skype trafic ], Exibar Re: [Full-disclosure] [inbox] Re: [ Capture Skype trafic ], form guru Re: [Full-disclosure] [ Capture Skype trafic ], Fabian Wenk

Previous by Date:	[Full-disclosure] Removing Hidden fields automatically in Paros, Richard Braganza
Next by Date:	[Full-disclosure] Asteroid SIP Denial of Service Tool, J. Oquendo
Previous by Thread:	Re: [Full-disclosure] [ Capture Skype trafic ], Cedric Blancher
Next by Thread:	Re: [Full-disclosure] [ Capture Skype trafic ], Cedric Blancher
Indexes:	[Date] [Thread] [Top] [All Lists]