Spotting and stopping Skype: Good luck
Testing spots salient characteristics of Skype that make its detection and exclusion difficult:
Port numbers: Calls are set up on dynamically changing, random port numbers. The same port numbers are used for the duration of a particular call, and may remain in use, for a while, between the same two users on subsequent calls. But other users are likely to employ totally different port numbers.
* * *
Protocols: It appears that Skype has the ability to employ either UDP or TCP for call set-up. UDP seems preferred; TCP may be the fallback option. UDP is used for the RTP stream. But TCP packets are also periodically sent along with the UDP/RTP stream, maybe one TCP per every 100 UDP packets.
* * *
Packet size: Packets within the same Skype VoIP stream vary dynamically in size, typically from 115 to 190 bytes per packet.
* * *
Packet spacing: The spacing between VoIP packets subsequently varies, too, from about 27 to 40 milliseconds, making packet-per-second counts for identification of a Skype stream nearly impossible.
* * *
SuperNodes: The nodes involved in call setup are obscured by a blast of traffic that occurs in the second or so that a Skype call is established. We captured and traced the nodes involved - about a dozen nodes, probably Skype SuperNodes, are contacted. They are dispersed all over the world. And the nodes can change from one call to the next. It's likely only one or two are used for actual setup of the call. The rest are likely for robustness and survivability of call setup.
* * *
VoIP encryption: After call setup, Skype VoIP streams are encrypted, making all information above the IP level in Skype packets indiscernible.
* * *
IM encryption: Skype Instant Messaging and Skype file transfers are likewise encrypted.
Learn more about this topicMake free video calls with Skype's new software
12/01/05Linksys VoIP phone for Vonage a treat
10/31/05VoIP for soccer moms
10/17/05U.S. company hopes to block Skype in China
A face-off: Is Skype enterprise-ready?
Microsoft's Project Spark is dead, not just resting.
Red Hat expands its partnership with Ericsson to focus on OpenStack, NFV infrastructure,...
By forcing Windows 10 on users, Microsoft has lost the tenuous trust and credibility users had in the...
Among Gartner's 10 predictions for the near term are a fast move to augmented reality, the decline of...
The goal of security awareness training is to help employees recognize and avoid security risks. The...
What every citizen should know about the state of our voting systems and the security of our elections....
Top CIOs bank millions in cash, equity, extras