[Dshield] can anyone sniff Skype

Peter Conrad peter at iq-one.com
Wed Aug 2 20:31:30 GMT 2006


On Wed, Aug 02, 2006 at 03:53:39PM +0000, stcarey at juno.com wrote:
> Two different times you should be able to detect Skype, when it looks for latest version (looks every time) and when it initially connects.  IntruShield has signatures that look for both. Stan Carey I was wondering if anyone has found a method of picking up Skype trafficwith Wireshark / Ethereal. I've been looking around for a while now but due to the way Skype worksI don't seem to be able to find much info. Any suggestions would be welcomed. Many thanks, Seth.

There was an interesting presentation on the last European BlackHat
Conference (I have only read the papers). Have a look at "Silver Needle
in the Skype":

http://www.blackhat.com/html/bh-media-archives/bh-multi-media-archives.html
http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf

Regards

Peter



More information about the list mailing list