On 7/31/07, michael.hendrickx <[EMAIL PROTECTED]> wrote: > > > > > > > > Nope, that's how its managed to evade most filtering > > until recently. You have to examine the characteristics > > of the packets internally to get an idea where it came from. > > Skype is using AES (go belgium), so you can't get much from the packet > data I think, unless you're able to analyse the connection setup > packets, and change your rules accordingly. > > Or unless it is indeed a seperate port, or a wrapped, say HTTP header > around their data? Any more technical nitty gritty insight?
Cisco routers can block skype by parsing the headers [1]. I haven't tried the filtering code in Linux with regards to skype, but it should be possible. [1] http://www.cisco.com/en/US/products/ps6723/products_white_paper0900aecd80633b0a.shtml Manu
