I was just wondering if anyone has views on security issues with Skype.
Having read a few threads on the issue from various forums it would appear not to be totally safe.
As it appears to use a sort of P2P system (correct me if I’m wrong) would it be possible to receive nasties via this system?
I’m not sure whether the reports of this refer to just the speech side or video side; but I have seen unsubstantiated reports of people being infected in this way.
With CFP and BOClean running, as well as AV and AS, do you think it is a safe system to use.
I rarely use it and only switch it on when required.
I would assume that leaving it running in the background all the time could incease the risk, if there is one.
Your understanding of Skype is pretty much the same as mine, Mike. However, I do not use it, so I have no first-hand knowledge.
If I remember correctly (you can find stuff in the FW Help forums) Skype needs an Inbound Network Monitor rule to allow traffic, just like a p2p app. This of course is limited to certain port requirements, just like p2p.
While this obviously creates some risk, it’s not too great with a FW like CFP. However, that doesn’t address risk of viruses passed with the received transmissions. Is that really a risk? Logic alone says it probably is, just as with IM software. I’m sure there are regular patches. The need for up-to-date AV is obvious. CFP, again, will help protect by notifying you if there’s a hijack going on for Skype.
Turning off while not in use is definitely a good idea, simply because it makes sure that port remains inactive and closed.
Thanks Little Mac,
I did find one forum discussing it that said the way it worked was that if it could not connect with one port it would keep looking around for a port that was open, or one that it could open in order to make a contact.
That did sound a little worrying, but as I use it so rarely I suppose it’s a small risk.
Mike.
You’d need to specify the port (or ports, if different for each protocol) within Skype’s configuration. Then create Network Monitor rules to Allow those Protocols In to Destination Port whatever you picked in Skype.
The Application Monitor rule for Skype would need to be In/Out at the minimum (depending on your Alert Frequency level). If your AF Level is High (to include Port info) then you’d want separate In and Out rules for each Protocol, and specify the Destination Port on the In rules.
If you have a router, you’d want to do port forwarding as well.
All this would be to make sure that Skype doesn’t go looking for ports.
But that’s really getting more into a firewall discussion. I should be setting a better example, shouldn’t I?
