Skype

I am forced to allow skype on my business network. :-(

I created a dedicated socks server for skype. The problem is even though you provide a socks server to Skype, it will still try to go on the internet directly when a socks connection is established.

This generates thousands of logs on the firewalls, making the firewall log reading impossible.

I'm using Cisco PIX.

Any solution for not logging Skype activity or forcing Skype to use the Socks server only?

Thank you.

Reply to
choowie
Loading thread data ...

could you tall how you block skype on pix firewall ?

Reply to
Tomek W.

I forbid direct Internet access. Internet acces goes thru a filtering proxy. Skype access through this proxy doesn't work.

Reply to
choowie

Skype is one of those applications that does not work through proxies, and does not work over firewalls. You will have to find a way to allow Skype to use direct internet access. I have to turn off my firewall if I want to use Skype.

Reply to
Charles Newman

I haven't used Skype for a while, but it's installed here, recently updated and the last time I used it, I had no problem going through two firewalls (Windows Firewall + Look 'n' Stop) and a router with it.

Does Skype on your system complain about not being able to access the net?

Tom

Reply to
Tom Hall

What kindaa of Proxy are you using..... And what kindaa logging did you enabled or skypes logs are for which level.

CK

Tom Hall wrote:

Reply to
NETADMIN

No proxy here - and AFAIK Skype doesn't log anything. I use it so seldom it's hardly worth bothering to look :-)

Tom

Reply to
Tom Hall

Skype works fine behind a firewall or router or whole bunch of them. But you must know what your firewalls are blocking and provide an unblocked port for Skype to use.

First make sure you install the latest version of Skype; there are frequent updates.

Then go through all your Skype configuration settings. The one you MUST pay careful attention to is this one:

Tools - Options - Connection - "Use Port xxxxx for incoming connections"

Skype will suggest a randomly-selected port. But you can specify any port you want to use. (It does NOT have to be the same as the port used by anyone you call.)

The trick is to specify a port your firewall is not blocking! This port is used to improve the sound quality of your Skype conversations.

For security reasons, there is no one standard port used by Skype. I suggest you use one of the obscure, higher numbered ports, but I will NOT recommend one to you! You can choose a port up to 65536 ! If you want to learn more about common port assignments, do a Google search. Gibson's website may also provide some useful information:

formatting link

But you really do NOT have to do this research. Just pick a port number and make sure you don't block it in your firewall settings!

You can also check the box right after: "Use port 80 and 443 as alternatives for incoming connections". If you do, you obviously do not want your firewalls to block these ports.

Then choose, "Automatic proxy detection", unless you have a special reason to select one of the other choices and know what you are doing.

I hope this helps you and clears up the mystery. Skype is really very easy to use. And it's fun too!

Survivor @ Ground.Zero

Reply to
Survivor

What a bullshit.

Even more bullshit. Please read the Services table from IANA.

Now I wonder if you can even outnumber this big bullshit.

And it's a trojan, a black box, a known security vulnerability, a technical back-evolution and utterly useless.

Reply to
Sebastian Gottschalk

Sebastian Gottschalk, you are a classic moronic troll. People ask for help and you respond with irrelevant comments. No one asked for your poorly expressed opinions.

I haven't said anything about whether Skype is good or bad, I just explained how to get it working. Anyone who wants opinions about whether or not it is a security risk can read about it after doing a Google search.

I have. But I'm not going to debate you. I'm plonking you; three months in the penalty box for rudeness; I can't be bothered to deal with rants from the likes of you.

Gee, I'm really awed by your large vocabulary.

Yeah, sure. Right. Go ahead; give your money to the phone companies.

But first, learn some manners. And let the rest of us make our own decisions.

Survivor @ Ground.Zero

Reply to
Survivor

Well, you were the one who claimed that choosing a port that seems to be unknown to an attacker would provide any security. Well, exactly 16 Bits (because there're only 65535 ports per TCP or UDP session). And that's basically nothing. No security. And this is not just an opinion, it's a well-known fact. So you're talking nonsense.

I'm not awed by your long introduction line. Or your long list of broken headers.

Geez, you don't even know SIP.

Huh, I'd hate my parents for such a stupid prename.

Reply to
Sebastian Gottschalk

formatting link

Reply to
David Smith

I have to keep Windows firewall off, becuase some Flight Sim addons cannot work with it, I just have Tiny on the gateway machine.

Reply to
Charles Newman

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.