[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050125060317.GC20476@ait.ac.th>
From: alain at ait.ac.th (Alain Fauconnet)
Subject: blocking SkyPE?
On Tue, Jan 25, 2005 at 03:22:20PM +1100, Gregh wrote:
>
> ----- Original Message -----
> From: "Alain Fauconnet" <alain@....ac.th>
> To: <full-disclosure@...ts.netsys.com>
> Sent: Tuesday, January 25, 2005 2:05 PM
> Subject: Re: [Full-Disclosure] blocking SkyPE?
>
>
> > Hello list,
> >
> > Thanks to all the tips and suggestions about my question on how to
> > block SkyPE traffic. I'll summarize and reply below:
> >
>
> ...just a quick suggestion that may already have been said as I don't know much about Skype myself:
>
> 1) It works on VOIP phones and web cams.
>
Web cams? not that I know. Looks like pure telephony to me.
> 2) The sound is apparently like talking to someone in the room with you though they may well be the other side of the planet.
If you have a lot of b/w, yes. My experience using a regular dial-up
hasn't been too good. Speak Freely manages limited b/w way better.
>
> So given those facts, surely it is using transfer similar to audio
streaming when a phone only and video streaming when not. Why not
download the prog, use it and sniff packets at the same time to see
what goes on. I did plug it in to see what it did to my firewall and
it correctly identified it as Skype.exe attempting to get out on a
hell of a lot of ports all at once. Looks like it is a torrent rather
than streaming normally to be honest.
Well, it's P2P, obviously. Not sure what you mean here, and whether
this is relevant to my question of blocking it.
Your host firewall has identified it because it knows the .EXE file
the connection originates from... nothing to do with protocol
recognition.
>
> In short, the places it attempts to contact would all appear to be
>hardcoded
No they aren't.
> or in Windows case, likely stored in the registry.
Neither (although it was the case in some older version). It's an XML
file (see my previous posting). But this file is quite dynamic. It
gets updated all the time as long as information is received from the
supernodes.
> I have not had time to check anything as yet to be honest, more than I have said
>above.
>Hope this, in some way, helps.
Honestly, no, it doesn't :-) But thanks for the reply anyway!
Greets,
_Alain_
Powered by blists - more mailing lists