+ Post New Thread
Results 1 to 5 of 5
IT News Thread, UKERNA and JANETs' investigation into Skype in Other News; This makes interesting reading. It neither says one thing or another really, and it will be down to each sub-organisation ...
  1. #1

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    10,400
    Thank Post
    602
    Thanked 2,171 Times in 994 Posts
    Blog Entries
    23
    Rep Power
    630

    UKERNA and JANETs' investigation into Skype

    This makes interesting reading. It neither says one thing or another really, and it will be down to each sub-organisation as to how it either allows or controls it (should they see fit to). Nice stats though and intersting to see how the super-nodes work.
    Attached Files Attached Files

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: UKERNA and JANETs' investigation into Skype

    Very difficult to control unless you block HTTPS. But you should be doing that anyway to stop people tunnelling. Right?

  3. #3


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: UKERNA and JANETs' investigation into Skype

    [/quote]Very difficult to control [quote]

    I consider that an understatement! I briefly looked into doing it but when I found this paper I gave up:
    http://www.di.ens.fr/~chaintre/desk/...acterizing.pdf

    Our ISP blocks almost everything, except https - how else could I tunnel home

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: UKERNA and JANETs' investigation into Skype

    Well Snort has rules for it. So I can detect and block skype activity. Personally, lacking any directive from upon high, I've not blocked it. I only log installation and usage with snort.

    Code:
    alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE Policy Skype VOIP Checking Version (Startup)"; flow: to_server,established; uricontent:"/ui/"; nocase; uricontent:"/getlatestversion?ver="; nocase; reference:url,www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf; classtype: policy-violation; sid: 2001595; rev:6; )
    alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE Policy Skype VOIP Reporting Install"; flow: to_server,established; uricontent:"/ui/"; nocase; uricontent:"/installed"; nocase; reference:url,www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf; classtype: policy-violation; sid: 2001596; rev:6; )
    
    alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE POLICY Skype User-Agent detected"; flow:to_server,established; pcre:"/User-Agent\:[^(\n|\r)]+Skype/i"; classtype: policy-violation; sid:2002157; rev:1;)
    If your proxy allows blocking clients via User Agent that would be effective. Squid/Dansguardian certainly can.

  5. #5


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: UKERNA and JANETs' investigation into Skype

    cool, I got the impression the only way to do that was header inspection which wasn't possible with encrypted https.

SHARE:
+ Post New Thread

Similar Threads

  1. Skype phones
    By FN-GM in forum Hardware
    Replies: 10
    Last Post: 1st August 2007, 02:37 PM
  2. UKERNA Issues RealVNC Security Alert
    By Dos_Box in forum IT News
    Replies: 0
    Last Post: 18th May 2006, 10:31 AM
  3. SKYPE
    By Face-Man in forum Educational Software
    Replies: 6
    Last Post: 27th March 2006, 01:09 PM
  4. Skype
    By russdev in forum General Chat
    Replies: 19
    Last Post: 27th June 2005, 03:47 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •