Tyop? wrote: > I need to match it on a gate, and I haven't found any "usefull" informations.
And I think you should realize by now _why_ you have not found such a solution. By design, Skype should outrun such an approach. Thus, _if_ you are going to (somewhat/largely) beat it _with a technical solution_ you will need better control of the desktops. No more "local admin" rights for those who really do not need it (most folk in most companies, and most of them that _really_ do should only need it on development and test machines that defintely should not have Internet access, at least most of the time), no more "power user" rights for the same reasons, etc, etc. Yes, this will expose the excessive crappiness of most of the software that your current obviously totally shambolic "IT infrastructure" depends on, but that is a good thing, as in solving those problems, you'll automatically remove an awful lot of your other IT problems, many of which you were not previously aware of the scale (or even existence) of and many of which you had no iea were actually related to security and systems design... _If_ management is sold on the idea that it _must_ deal with Skype, this may be your best yet (even only) chance to get management sign-off on actually designing a meaningful security policy _AND_ implementing the proper enforcement of it. Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
