mailing list archives
Re: [ Capture Skype trafic ]
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Mon, 30 Oct 2006 12:28:30 +1300
I need to match it on a gate, and I haven't found any "usefull" informations.
And I think you should realize by now _why_ you have not found such a
solution. By design, Skype should outrun such an approach. Thus, _if_
you are going to (somewhat/largely) beat it _with a technical solution_
you will need better control of the desktops. No more "local admin"
rights for those who really do not need it (most folk in most
companies, and most of them that _really_ do should only need it on
development and test machines that defintely should not have Internet
access, at least most of the time), no more "power user" rights for the
same reasons, etc, etc.
Yes, this will expose the excessive crappiness of most of the software
that your current obviously totally shambolic "IT infrastructure"
depends on, but that is a good thing, as in solving those problems,
you'll automatically remove an awful lot of your other IT problems,
many of which you were not previously aware of the scale (or even
existence) of and many of which you had no iea were actually related to
security and systems design...
_If_ management is sold on the idea that it _must_ deal with Skype,
this may be your best yet (even only) chance to get management sign-off
on actually designing a meaningful security policy _AND_ implementing
the proper enforcement of it.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: [ Capture Skype trafic ] Fabian Wenk (Oct 29)