Monday, March 13, 2006

Skype and security: SJSU useage considerations?

Some folks consider Skype a security threat
I am not trying to take a position on the matter, just point out what is a matter of conversation.

Traffic over the Internet uses a protocol (definition link) aptly named Internet Protocol (IP definition link). Protocols, like IP, often have sub-protocols. Protocols, like this, that link and work together are also known as stacks of protocols. There are several of these for IP. Two of these sub-protocols are of note for this conversation (regarding network traffic that is transmitted using Internet Protocol.) The first is Transmission Control Protocol (commonly called TCP) and the other one is User Datagram Protocol (commonly called UDP.) When you hear the term TCP/IP, this is what the term means. For this conversation the differences between TCP and UDP are not important. Most services over the Internet have numbered "ports" assigned to them that can are used to identify and potentially block related traffic. There are TCP ports and UDP ports. What a firewall does is block all but a few of these ports. For example web traffic uses TCP port 80.

Skype is different
Skype, a peer-to-peer voice, video, file sharing and instant message service [Link], does not have a numbered Internet Protocol port assigned to it. Instead what Skype does is it port hops. Skype is like those birds that reproduce by laying eggs in other birds nests. Skype is like a network virus in that it searches for open ports then uses those to get through a firewall. Skype will try UDP and TCP. Most firewalls have port 80 open to allow employees to gain web access. If so, Skype will use that. It is hard to block Skype. It is also hard to detect Skype.  This port hopping nature makes it appear as different types of traffic on the network.

Skype is peer-to-peer
Some networks, specifically in academic settings, have specific acceptable use policies that restrict the use of peer-to-peer networking. In a peer-to-peer network individual computers talk to each other and exchange data. This is different than typical client-server networks where data resides on a central server that is typically administered by a server administrator whom is accountable for content on the server. Skype, like many peer-to-peer technologies, can be used to distribute content in violation of copywrite laws. Though it has not happened, some folks allege that because of its ability to evade firewalls, if the Skype application was compromised by a virus, Skype itself could be used to attack networks and the computers on a network.


Technorati Tags: , , , , , ,

No comments: