True, but... As I'll keep hammering on - the traffic for other apps is much more transparent than that for skype, and NIDS systems, such as snort, etc., can help with the other apps, but absolutely cannot help with skype.
Kurt

On Thu, Dec 30, 2010 at 21:28, Andrew S. Baker <[email protected]> wrote:
>>>It's also precisely how exploitations begin, not merely DoSes.
>
> Well then, it's a good thing that none of the other software we
> use ever behaves like that.
>
> ASB (My XeeSM Profile)
> Exploiting Technology for Business Advantage...
>
> On Thu, Dec 30, 2010 at 11:29 PM, Kurt Buff <[email protected]> wrote:
>>
>> It's also precisely how exploitations begin, not merely DoSes.
>>
>> On Thu, Dec 30, 2010 at 14:51, Andrew S. Baker <[email protected]> wrote:
>> >>>Really? A delay in response causes a crash in client software? Really?
>> > Isn't that precisely how a DoS works?
>> > Did you read the whole article or just the summary? The "client"
>> > software, as you noted before, is operating in P2P mode, so it is both
>> > client and server software, depending on the type of activity being
>> > performed at that time.
>> > While a regrettable problem, it wasn't inconceivable that something like
>> > this could happen if things lined up right.
>> >
>> > ASB (My XeeSM Profile)
>> > Exploiting Technology for Business Advantage...
>> >
>> > On Thu, Dec 30, 2010 at 5:02 PM, Kurt Buff <[email protected]> wrote:
>> >>
>> >> Oh, and I just saw this:
>> >>
>> >> http://blogs.skype.com/en/2010/12/cio_update.html: "On Wednesday,
>> >> December 22, a cluster of support servers responsible for offline
>> >> instant messaging became overloaded. As a result of this overload,
>> >> some Skype clients received delayed responses from the overloaded
>> >> servers. In a version of the Skype for Windows client (version
>> >> 5.0.0152), the delayed responses from the overloaded servers were not
>> >> properly processed, causing Windows clients running the affected
>> >> version to crash."
>> >>
>> >> Really? A delay in response causes a crash in client software? Really?
>> >>
>> >> I'm glad it's fixed in the newest versions, but wow...
>> >>
>> >> Now, I must qualify my concern - I don't care nearly as much about
>> >> skype on phones - they're not going to live on my production network,
>> >> and phones running Good software have corporate data relatively well
>> >> protected. Smartphones will live on a guest network. It's the
>> >> workstations I'm concerned about.
>> >>
>> >> Kurt
>> >>
>> >> On Thu, Dec 30, 2010 at 12:25, Andrew S. Baker <[email protected]> wrote:
>> >> > What's your main concern with Skype?
>> >> > What aspect of security is your focus?
>> >> >
>> >> > ASB (My XeeSM Profile)
>> >> > Exploiting Technology for Business Advantage...
>> >> >
>> >> > On Thu, Dec 30, 2010 at 3:15 PM, Kurt Buff <[email protected]> wrote:
>> >> >>
>> >> >> This is pretty old, but I'm now being forced to allow skype on our
>> >> >> network, and I'm pretty unhappy about it..
>> >> >>
>> >> >> Ken, is your firm still allowing skype, and if so, can you speak to
>> >> >> what your security folks did to make themselves happy about allowing
>> >> >> skype?
>> >> >>
>> >> >> Has anyone else here done a security review that gave them a decision
>> >> >> one way or the other about allowing it?
>> >> >>
>> >> >> Kurt
>> >> >>
>> >> >> On Thu, Jan 15, 2009 at 08:12, Ken Cornetet <[email protected]> wrote:
>> >> >> > We are deploying it here to a few users.
>> >> >> >
>> >> >> > I'm using group policy to turn off being a supernode, downloads,
>> >> >> > listening on tcp ports, and 3rd party access to the Skype API.
>> >> >> >
>> >> >> > Our security folks reviewed it and are happy.
>> >> >> >
>> >> >> > From: Tim Evans [mailto:[email protected]]
>> >> >> > Sent: Thursday, January 15, 2009 11:01 AM
>> >> >> > To: NT System Admin Issues
>> >> >> > Subject: Skype
>> >> >> >
>> >> >> > Has anyone looked at Skype recently?
>> >> >> > We've got a client that wants us to use Skype for communications with
>> >> >> > them. I've always been a little leery of using them in a business
>> >> >> > environment, but looking at it now, I see they have a MSI download for
>> >> >> > easy deployment and a group policy template for central administration
>> >> >> > of settings. It all looks pretty cool. While the security guy in me
>> >> >> > wants to say no, I'm having a hard time finding a reason not to say OK.
>> >> >> >
>> >> >> > I'm curious what the members of this esteemed group think about it
>> >> >> >
>> >> >> > …Tim
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to [email protected]
> with the body: unsubscribe ntsysadmin
