[Dshield] Question on Skype
jeff-kell at utc.edu
Sat Feb 18 15:36:38 GMT 2006
Chris C. wrote:
> So I'm not so much concerned with decrypting the communication as I am
> carrying unknown traffic, from unknown people, and broadcasting my IP as
> in existence and running Skype. If a nasty zero day exploit for Skype
> came along, it would be easy, easy, easy to target people.
> Oh, and in the TOS for Skype -- you agree to share your bandwidth. It's
> been a while since I read it, but I would assume it's still in there.
That was my concern. Some, but not all Skypes seem to go wacky with
bandwidth, and in particular, connections. If you're running a stateful
firewall or traffic shaper, it (can|does) eat up flows/connections at an
astounding rate. Since it uses a later variation on fast track [Kazaa]
protocol, I'm guessing it (can|does) operate in a "supernode" role. The
question that remains unanswered in my book is how it determines to be a
"supernode". Is it default? Is it user-configurable? Is it a
disguised user setting that somehow says "click me"? Does the software
make the determination based on your connection with a peer?
And the $64K question, is there a snort [etc] signature for the
More information about the list