Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [ Capture Skype trafic ]
From: gabriel rosenkoetter <gr () eclipsed net>
Date: Sat, 28 Oct 2006 11:53:27 -0400

On Sat, Oct 28, 2006 at 11:24:40AM +0200, Cedric Blancher wrote:
Have you ever header of Skype API that basicly allows two application to
communicate on top of Skype network, thus inheriting Skype resilience,
encryption, obfuscation and firewall punching capapbilities ?

I don't see how this isn't still an HR problem.

Unless you're concerned about infected systems communicating in this
way as part of a zombie network? In that case, your vector to fix it
is dealing with your broken virus checking.

Setting up network filtering to keep your internal users from doing
something, rather than persuading them that they should not do that,
will never, ever work.

gabriel rosenkoetter
gr () eclipsed net

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]