This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How do I justify shutting down Skype?

0

First off, Laura is great! Gerald is great! Wireshark is great!

I've been digging into how Wireshark can help me detect security problems on my corporate network. I hear lots of talk about how bad Skype is and how nobody should allow it on their network. But I can't seem to find anything that clearly shows why it is bad. How can I use Wireshark to plainly show why Skype should be banned from my network? I'm fighting an uphill battle because of the potential cost savings for employees traveling, especially internationally. Any help would be greatly appreciated.

asked 05 Nov '10, 12:46

Network%20Dude's gravatar image

Network Dude
1222
accept rate: 0%

I can't speak to skype itself. But to me the answer would be to use some other VOIP protocol within your network. Use scype as a network transport outside your own network, convert at the DMZ, transport it via VPN to your phone room, unpackage it there, and inject into your PBX. Remember too that the phone system itself is a black box; that a lot of the switching box's hardware is not exactly bullet proof. And the cost of phone calls compared to the other costs of having an employee traveling is peanuts.

(13 Feb '11, 07:27) SGBotsford

3 Answers:

2

http://blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf

This one gives a more deep technical analysis of Skype, and is the base of why I don't trust Skype. To quote the summary:

  • Good points
    • Skype was made by clever people
    • Good use of cryptograph
  • Bad points

    • Hard to enforce a security policy with Skype
    • Jams traffic, can’t be distinguished from data exfiltration
    • Incompatible with traffic monitoring, IDS
    • Impossible to protect from attacks (which would be obfuscated)
    • Total blackbox. Lack of transparency.
    • No way to know if there is/will be a backdoor
    • Fully trusts anyone who speaks Skype.

And ask yourself: Can I really trust an application which does try so hard to limit me in figuring out what is going on? Can I trust an application which IDS's struggles to control? Can I trust a complete blackbox application, where it can't be verified that there are no security issues or a backdoor?

answered 04 Feb '11, 14:53

dazo's gravatar image

dazo
312
accept rate: 0%

0

A little googling:

Of course it is not all bad, Skype does work pretty well, you just have to decide for your company if the pros outweigh the cons and consider alternatives. Every company will have to do their own calculation.

answered 06 Nov '10, 03:38

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

0

Without reading those articles and just basing this on customer networks...

Many companies do not want Skype on their network because of bandwidth issues, use of personal time issues and security issues.

I use Skype as a business tool in my office, but I certainly wouldn't deploy it for everyone to use here. Like Sake said, it's a business decision. Have some fun and analyze some Skype traffic in a test environment!

answered 06 Nov '10, 19:50

lchappell's gravatar image

lchappell ♦
1.2k2730
accept rate: 8%