anyone blocking skype ???

darkuser Member Posts: 620
I'm looking for ways to block Skype.

I see Cisco has a PDLM for Skype, but it only runs under 12.4(4)T.

So .... does anyone have (or know about) an effective way to whack Skype???
rm -rf /

Comments

  • RussS Member Posts: 2,068
    Yup - block all ports unless absolutely necessary and most important ..... TURN OFF UPnP
    www.supercross.com
    FIM website of the year 2007
  • forbesl Member Posts: 454
    Here's an interesting article on it:

    http://www.computerworld.com/securitytopics/security/story/0,10801,105760,00.html

    Works 99 times out of 100 behind a firewall or NAT layer? Man, this thing has the potential of being a big security problem.
  • JDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USA Admin Posts: 12,089
    forbesl wrote:
    Works 99 times out of 100 behind a firewall or NAT layer? Man, this thing has the potential of being a big security problem.
    Most firewalls have port 80 outbound opened for Web browser traffic. Network developers know this and use port 80 to have their software apps get through corporate firewalls. IT counters this by using a firewall that can filter packets at the application layer, and reject any port 80 outbound packets that are not part of an actual HTTP session. Of course, it's possible to wrap almost any other protocol in an HTTP session, so the firewall manufacturers have to build a signature database to detect application traffic that uses this trick. Back and forth and back and forth it goes.
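
An added example, not part of JDMurray's post and not any firewall vendor's code: a minimal sketch of the application-layer check described above, which decides whether the first bytes of an outbound port 80 stream form an HTTP/1.x request. The function name, the 16 KB header cap and all sample byte strings are constructed for illustration.

```python
import re

# HTTP/1.x request line: METHOD SP request-target SP HTTP-version
REQUEST_LINE = re.compile(rb"[A-Z]{3,16} [\x21-\x7e]+ HTTP/1\.[01]")
# Header field: token, colon, then printable ASCII or tab
HEADER_LINE = re.compile(rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+:[\t\x20-\x7e]*")
MAX_HEAD = 16384  # assumed cap on request line plus headers


def classify_port80_stream(first_bytes: bytes) -> str:
    """Return 'http', 'incomplete' or 'not-http' for the start of a stream."""
    head, sep, _body = first_bytes.partition(b"\r\n\r\n")
    if not sep:
        # Header block not terminated yet: keep waiting only while the data
        # still looks like text and stays under the size cap.
        texty = all(b in (9, 10, 13) or 32 <= b <= 126 for b in first_bytes)
        if texty and len(first_bytes) < MAX_HEAD:
            return "incomplete"
        return "not-http"
    if len(head) > MAX_HEAD:
        return "not-http"
    lines = head.split(b"\r\n")
    if not REQUEST_LINE.fullmatch(lines[0]):
        return "not-http"
    if not all(HEADER_LINE.fullmatch(line) for line in lines[1:]):
        return "not-http"
    return "http"


# Constructed samples (not captured traffic).
BROWSER_GET = (b"GET /index.html HTTP/1.1\r\n"
               b"Host: www.example.com\r\nAccept: */*\r\n\r\n")
# A non-HTTP binary protocol that simply picked port 80.
RAW_BINARY = bytes([0x16, 0x03, 0x01, 0x00, 0xA5, 0x01]) + b"\x00" * 32
# The same kind of opaque payload wrapped in a well-formed HTTP POST.
WRAPPED = (b"POST /relay HTTP/1.1\r\nHost: relay.example.net\r\n"
           b"Content-Type: application/octet-stream\r\n"
           b"Content-Length: 6\r\n\r\n" + b"\x8f\x02\xfe\x10\x00\x7c")
PARTIAL = b"GET /index.html HTT"

if __name__ == "__main__":
    for name in ("BROWSER_GET", "RAW_BINARY", "WRAPPED", "PARTIAL"):
        print(name, "->", classify_port80_stream(globals()[name]))
```

The `WRAPPED` sample passes as HTTP, which is why a syntax check alone is not enough and a per-application signature is still needed for traffic that wraps itself in an HTTP session.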
  • forbeslforbesl Member Posts: 454
    JDMurray wrote:
    forbesl wrote:
    Works 99 times out of 100 behind a firewall or NAT layer? Man, this thing has the potential of being a big security problem.
    Most firewalls have port 80 outbound opened for Web browser traffic. Network developers know this and use port 80 to have their software apps get through corporate firewalls. IT counters this by using a firewall that can filter packets at the application layer, and reject any port 80 outbound packets that are not part of an actual HTTP session. Of course, it's possible to wrap almost any other protocol in an HTTP session, so the firewall manufacturers have to build a signature database to detect application traffic that uses this trick. Back and forth and back and forth it goes.
    Yes, I realized that this uses mainly ports 80 and 443. Since most all firewalls are opened up outbound for these ports, it makes it hard to kill Skype. I also read that Skype will look for any open outbound port to use, which is doubly troubling.
  • forbeslforbesl Member Posts: 454
    darkuser wrote:
    I'm looking for ways to block Skype.

    I see Cisco has a PDLM for Skype, but it only runs under 12.4(4)T.

    So .... does anyone have (or know about) an effective way to whack Skype???

    darth, are you all using 12.4 at NASA yet? If so, how is it working out for ya? I work at a DoD NOC and have been reluctant to flash it on my nodes until it's been "tried and tested".
  • darkuser Member Posts: 620
    No, 12.2(31) or something .... and NBAR for blocking generic fileshare apps.
    But the Skype question was posed to me ..... as was Marketscore last year.
    And .... I don't really work for NASA ... they just pay my salary thru a research grant.....


    And thanks again .... to the fine people who created Napster.
    They've found a way to make money and not get sued ... yet
    rm -rf /