Quoting Matt Jonkman ([EMAIL PROTECTED]): > What these vendors may be doing it trying to block access to centralized > login or directory servers by known IP ranges... I don't know if that'll > be completely effective. >
If I understand the protocol correctly, central servers are contacted only on a first run (after install). I(D|P)S systems can have sigs with IP addresses of those servers, but if user X installs Skype client on his corp. laptop at home... it doesn't help much. -- .signature: No such file or directory ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
