Spotting and stopping Skype: Good luck

Spotting and stopping Skype: Good luck

Testing spots salient characteristics of Skype that make its detection and exclusion difficult:

Port numbers: Calls are set up on dynamically changing, random port numbers. The same port numbers are used for the duration of a particular call, and may remain in use, for a while, between the same two users on subsequent calls. But other users are likely to employ totally different port numbers.

* * *

Protocols: It appears that Skype has the ability to employ either UDP or TCP for call set-up. UDP seems preferred; TCP may be the fallback option. UDP is used for the RTP stream. But TCP packets are also periodically sent along with the UDP/RTP stream, maybe one TCP per every 100 UDP packets.

* * *

Packet size: Packets within the same Skype VoIP stream vary dynamically in size, typically from 115 to 190 bytes per packet.

* * *

Packet spacing: The spacing between VoIP packets subsequently varies, too, from about 27 to 40 milliseconds, making packet-per-second counts for identification of a Skype stream nearly impossible.

* * *

SuperNodes: The nodes involved in call setup are obscured by a blast of traffic that occurs in the second or so that a Skype call is established. We captured and traced the nodes involved - about a dozen nodes, probably Skype SuperNodes, are contacted. They are dispersed all over the world. And the nodes can change from one call to the next. It's likely only one or two are used for actual setup of the call. The rest are likely for robustness and survivability of call setup.

* * *

VoIP encryption: After call setup, Skype VoIP streams are encrypted, making all information above the IP level in Skype packets indiscernible.

* * *

IM encryption: Skype Instant Messaging and Skype file transfers are likewise encrypted.

Return to Skype Clear Choice Test

Learn more about this topic

Make free video calls with Skype's new software

12/01/05

Linksys VoIP phone for Vonage a treat

10/31/05

VoIP for soccer moms

10/17/05

U.S. company hopes to block Skype in China

11/08/05


A face-off: Is Skype enterprise-ready?


From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies