|
Posted by Chris Webster on September 5, 2005, 12:26 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi,
Is installing and running Skype from workstations in a corporate network
considered a security risk for the network, servers and workstations?
Of course I mean using Skype binaries downloaded directly from www.skype.com
Thanks for comments on this issue
regards
Chris
|
|
Posted by Walter Roberson on September 5, 2005, 12:34 am
If you were Registered and logged in, you could reply and use other advanced thread options
:Is installing and running Skype from workstations in a corporate network
:considered a security risk for the network, servers and workstations?
Considered by whom?
I know that I block it in my role as security administrator.
- Skype appears to make deliberate attempts to find ways around
firewalls
- Skype attempts to contact an amazing number of remote devices
on random-looking ports -- not just occasionally, either.
- If Skype can figure out a way to get your system to accept
incoming connections from random outside systems, then your
system will be used for distributed processing to maintain the
skype infrastructure or to switch calls. Your acceptance of this
is part of the EULA.
If you are not careful with Skype, you could end up with nasty
excess-bandwidth bills. We have a gigabit connection to the 'net, so
you can imagine how much traffic Skype would think could be switched
through us... but we have to pay for non-research traffic.
It's a hidden cost of using Skype.
After that, one gets into questions of whether one trusts that
Skype has no security holes in its protocol. I don't recall seeing
the Skype security code ever published, and I don't like trusting
our information blindly to unknown protocols.
--
This signature intentionally left... Oh, darn!
|
| Similar Threads | Posted | | REVIEW: "Corporate Computer and Network Security", Raymond R. Panko | August 25, 2005, 8:25 pm |
| Sonic TZ170 for corporate use? | May 8, 2005, 2:15 am |
| How Big a Problem is Corporate Espionage? | June 19, 2006, 11:49 am |
| Corporate Information Security Jobs in Washington DC? | April 23, 2008, 1:06 am |
| Planning a Career in Corporate Security? Open CSO Project | August 18, 2004, 7:01 am |
| Top Ten Concerns to Skype Security | October 18, 2005, 11:47 pm |
| Efficient products to block Skype | June 27, 2007, 6:01 pm |
| Skype Based Remote Desktop & Netmeeting | January 6, 2006, 2:55 am |
| Windows Reboots Triggered Skype Glitch | August 20, 2007, 10:26 pm |
| Re: Deleting names from Skype login window dropdown list | September 6, 2007, 1:17 am |
|
XML site map