
Does Skype or any VOIP service make a system vulnerable?

Fraggable

Platinum Member
I'm a network admin of a small network, about 150 PCs with 1 Win 2003 server running Exchange 2003. I am technically a co-op employee so I'm still in the learning stages.

I have a user who wants me to install the Skype software on her laptop so she can do conference calls with a teacher who is overseas. I have no personal experience with VOIP software and don't really know how it works. I'm guessing it opens up a few ports on the local system and that's about it. What I'm wondering is how vulnerable the software makes the system. I'm pretty sure that the software would not pose any kind of a threat to the rest of the network or the server. We use the built-in Windows XP SP2 firewall on all clients as well as a firewall from Symantec on the server and whatever basic firewall services our 3Com internet filter/router offers.

Thanks for any insight.

EDIT: After reading the wiki on Skype, I'm more concerned:

The Skype communications system is notable for its broad range of features, including free voice and video conferencing, and its ability to use peer to peer (decentralized) technology to overcome common firewall and NAT problems.

Not to mention it was founded by the Kazaa people...
 
First, I am NOT a VOIP expert.

I BELIEVE that Skype actually makes your PC part of a peer-to-peer network, and your PC performs a "Skype server" function. Also, Skype's encryption technology is NOT open, so nobody knows exactly how they do it.

Wikipedia: Skype
 
ANY network service/application opens you up to security concerns. It appears though, that you are doing your due diligence on understanding what risks you are enabling.


I think Skype is OK, but I've never sat down with a packet sniffer/security tools.


Secunia is a good place to look for vulnerabilities.
 
After reading the wiki on it, it appears that Skype is basically a P2P program that has no real protection on what's actually sent through its service. Sure it's encrypted so others can't see it but you can still share files and such.

And apparently it can turn you into a 'supernode', making you a sort of server for other Skype users to use. You can't stop it from doing this.

I told the teacher no, I wasn't going to do it. I suggested Yahoo IM+Voice as an alternative.
 
Fraggable, from a computer security perspective, Skype is simply unacceptable. It's a big binary-only blob running an unknown and proprietary protocol that does a lot of talking to its source vendor and a lot of talking to unknown other systems on the Internet, possibly at high bandwidth. It should not be permitted on any network for a business or similar setting.

If your teacher wants to do conference calls with an overseas colleague, get them both a Linksys PAP2 and a Linksys BEFVP41. Set up a VPN from site to site using the BEFVP41s and then run VoIP over them with the PAP2s, and connect a POTS phone to it.
 