Skype firewall technology unveiled
-
-
Skype has been a nightmare to many IT administrators. Hopefully, an article from
Britishsecurity magazine Heise Security could help them prevent the VoIP peer-to-peer client to get round firewalls so easily. “The reason for this is that the inventors of Skype and similar software have come up with a solution,” said the article.“The trick used by VoIP software consists of persuading the firewall that a connection has been established, to which it should allocate subsequent incoming data packets. The fact that audio data for VoIP is sent using the connectionless UDP protocol acts to Skype’s advantage. In contrast to TCP, which includes additional connection information in each packet, with UDP, a firewall sees only the addresses and ports of the source and destination systems. If, for an incoming UDP packet, these match an NAT table entry, it will pass the packet on to an internal computer with a clear conscience.”
After some enlightening explanations, the British security company gave some recipe to whoever wants to punch holes in their firewall system. The process requires some tools, hping2 and netcat, that can be found in most Linux distributions, and asks for some patience.
Dec 18, 2006 | By Nuno
2 comments
-
-
-
- Stay in sync'
- Full content
- Content tagged VoIP
-
-
-
Heise is not British, it is a publishing house located in Germany.
Moondog, thanks a bunch. Can’t believe I can’t made such a stupid mistake.