Date: Mon, 30 Oct 2006 12:28:30 +1300
From: Nick FitzGerald <nick@...us-l.demon.co.uk>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [ Capture Skype trafic ]

Tyop? wrote:

> I need to match it on a gate, and I haven't found any "useful" information.

And I think you should realize by now _why_ you have not found such a 
solution.  By design, Skype should outrun such an approach.  Thus, _if_ 
you are going to (somewhat/largely) beat it _with a technical solution_ 
you will need better control of the desktops.  No more "local admin" 
rights for those who really do not need it (most folk in most 
companies, and most of them that _really_ do should only need it on 
development and test machines that definitely should not have Internet 
access, at least most of the time), no more "power user" rights for the 
same reasons, etc, etc.

Yes, this will expose the excessive crappiness of most of the software 
that your current obviously totally shambolic "IT infrastructure" 
depends on, but that is a good thing, as in solving those problems, 
you'll automatically remove an awful lot of your other IT problems, 
many of which you were not previously aware of the scale (or even 
existence) of and many of which you had no idea were actually related to 
security and systems design...

_If_ management is sold on the idea that it _must_ deal with Skype, 
this may be your best yet (even only) chance to get management sign-off 
on actually designing a meaningful security policy _AND_ implementing 
the proper enforcement of it.


Regards,

Nick FitzGerald
