Drmayhem@gmail.com
SANS Institute InfoSec Reading Room
This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission.
Skype: A Practical Security Analysis
The purpose of this paper is to suggest best practices and recommendations when running Skype. Although Skype is available for myriad different hardwareplatforms, this document will focus on the Mac, Windows, and Linux environments.
Copyright SANS Institute Author Retains Full Rights
AD
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Skype: A Practical Security
08 ,
Au
tho
rr
GSEC Gold Certification
©
Bert Hayes
SA
NS
Ins titu
Adviser: Dominicus Adriyanto
te
Author: Bert Hayes,bhayes@infosec.utexas.edu
Accepted: October 9 2008
20
eta
ins
Analysis
ful l
1
© SANS Institute 2008, Author retains full rights.
rig
hts
Skype: A Practical Security Analysis
.
2. Definitions....................................................... 4 3. Major Points...................................................... 5
4.Observations...................................................... 9
2. Skype’s Network Behavior......................................11 5. Practical Advice and Real World Recommendations...................21
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
6. Conclusions.......................................................23 7. Links and Additional Information..................................24 8. AppendixA: A Brief History of Skype’s Security Vulnerabilities..25 9. Appendix B: Registry and Config Settings for Skype on Windows.... 28 10. References .....................................................31
©
Bert Hayes
SA
NS
Ins titu
te
20
08 ,
Au
tho
1. Network Utilization............................................ 9
rr
eta
ins
ful l
2
Author retainsfull rights.
1. Introduction...................................................... 3
© SANS Institute 2008,
rig
Table of Contents
hts
Skype: A Practical Security Analysis
.
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
©
Bert Hayes
SA
NS
Ins titu
te
20
08 ,
Au
tho
rr
eta
ins
ful l
3
© SANS Institute 2008,Author retains full rights.
rig
hts
Skype: A Practical Security Analysis
.
Skype is communications software that allows users to communicate with each other in
(Peer to Peer) network rather than routing all communications packets through a central server. Skype is designed to work out of the box on modern networks, and has no problems working behind a NAT (Network AddressTranslation) device or other firewalls. Because of its decentralized architecture, Skype makes extensive use of strong encryption, making casual
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
combination of Skype's encryption and its binary only, closed-source nature make it a black box, or complete unknown that has no place being on a well-maintained network. While these are allvalid concerns, they should be considered in the context of local network policies
well-managed environment can mitigate these risks.
©
Bert Hayes
SA
and weighed against the benefits that Skype can provide. In many cases running Skype in a
NS
Ins titu
inherent ability to traverse firewalls is a security risk. And some administrators feel the
te
use has shown that itcan be a bandwidth hog. Other administrators fear that Skype's
20
Many network and systems administrators take a dim view of Skype because historical
08 ,
eavesdropping or impersonation all but impossible.
Au
tho
rr
eta
among other IM (Instant Messaging) applications in that Skype runs over a decentralized P2P
ins
real time using VOIP (Voice Over IP), video chat,...
Regístrate para leer el documento completo.