UDP Hole Punching - a problem?

Came across this article today about how Skype punches holes in firewalls to operate -


Since the first Network Control Rule allows any UDP out, does this make us susceptible to an attack through this technique?

Well with a software firewall it is aware of the Application part of the ISO model, since this is the case if you block skype at the application level then it will not be able to connect.

This is more aimed at routers/firewalls that are not aware of which application is trying to access the internet.

cheers, rotty

Thanks rotty!

Reading the article again, I see it does relate to router firewalls.

Thanks for the quick reply! I should have known Comodo had me covered…


Any virus or trojan can poke a hole in any router firewall simply by connection out through the http port in use, which can be retrieved in the registry from internet explorer (-:

cheers, rotty