Do you **currently** have any visibility into SSL traffic in your environment?

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>
Exploiting Technology for Business Advantage...

On Fri, Dec 31, 2010 at 2:01 AM, Kurt Buff <kurt.b...@gmail.com> wrote:

> True, but...
>
> As I'll keep hammering on - the traffic for other apps is much more
> transparent than that for skype, and NIDS systems, such as snort,
> etc., can help with the other apps, but absolutely cannot help with
> skype.
>
> Kurt
>
> On Thu, Dec 30, 2010 at 21:28, Andrew S. Baker <asbz...@gmail.com> wrote:
> > >>>It's also precisely how exploitations begin, not merely DoSes.
> >
> > Well then, it's a good thing that none of the other software we
> > use ever behaves like that.
> >
> > On Thu, Dec 30, 2010 at 11:29 PM, Kurt Buff <kurt.b...@gmail.com> wrote:
> >>
> >> It's also precisely how exploitations begin, not merely DoSes.
> >>
> >> On Thu, Dec 30, 2010 at 14:51, Andrew S. Baker <asbz...@gmail.com> wrote:
> >> > >>>Really? A delay in response causes a crash in client software? Really?
> >> >
> >> > Isn't that precisely how a DoS works?
> >> >
> >> > Did you read the whole article or just the summary? The "client"
> >> > software, as you noted before, is operating in P2P mode, so it is both
> >> > client and server software, depending on the type of activity being
> >> > performed at that time.
> >> >
> >> > While a regrettable problem, it wasn't inconceivable that something like
> >> > this could happen if things lined up right.
> >> >
> >> > On Thu, Dec 30, 2010 at 5:02 PM, Kurt Buff <kurt.b...@gmail.com> wrote:
> >> >>
> >> >> Oh, and I just saw this:
> >> >>
> >> >> http://blogs.skype.com/en/2010/12/cio_update.html: "On Wednesday,
> >> >> December 22, a cluster of support servers responsible for offline
> >> >> instant messaging became overloaded. As a result of this overload,
> >> >> some Skype clients received delayed responses from the overloaded
> >> >> servers. In a version of the Skype for Windows client (version
> >> >> 5.0.0152), the delayed responses from the overloaded servers were not
> >> >> properly processed, causing Windows clients running the affected
> >> >> version to crash."
> >> >>
> >> >> Really? A delay in response causes a crash in client software? Really?
> >> >>
> >> >> I'm glad it's fixed in the newest versions, but wow...
> >> >>
> >> >> Now, I must qualify my concern - I don't care nearly as much about
> >> >> skype on phones - they're not going to live on my production network,
> >> >> and phones running Good software have corporate data relatively well
> >> >> protected. Smartphones will live on a guest network. It's the
> >> >> workstations I'm concerned about.
> >> >>
> >> >> Kurt
> >> >>
> >> >> On Thu, Dec 30, 2010 at 12:25, Andrew S. Baker <asbz...@gmail.com> wrote:
> >> >> > What's your main concern with Skype?
> >> >> > What aspect of security is your focus?
> >> >> >
> >> >> > On Thu, Dec 30, 2010 at 3:15 PM, Kurt Buff <kurt.b...@gmail.com> wrote:
> >> >> >>
> >> >> >> This is pretty old, but I'm now being forced to allow skype on our
> >> >> >> network, and I'm pretty unhappy about it..
> >> >> >>
> >> >> >> Ken, is your firm still allowing skype, and if so, can you speak to
> >> >> >> what your security folks did to make themselves happy about allowing
> >> >> >> skype?
> >> >> >>
> >> >> >> Has anyone else here done a security review that gave them a decision
> >> >> >> one way or the other about allowing it?
> >> >> >>
> >> >> >> Kurt
> >> >> >>
> >> >> >> On Thu, Jan 15, 2009 at 08:12, Ken Cornetet <ken.corne...@kimball.com> wrote:
> >> >> >> > We are deploying it here to a few users.
> >> >> >> >
> >> >> >> > I’m using group policy to turn off being a supernode, downloads,
> >> >> >> > listening on tcp ports, and 3rd party access to the Skype API.
> >> >> >> >
> >> >> >> > Our security folks reviewed it and are happy.
> >> >> >> >
> >> >> >> > From: Tim Evans [mailto:tev...@sparling.com]
> >> >> >> > Sent: Thursday, January 15, 2009 11:01 AM
> >> >> >> > To: NT System Admin Issues
> >> >> >> > Subject: Skype
> >> >> >> >
> >> >> >> > Has anyone looked at Skype recently? We’ve got a client that wants
> >> >> >> > us to use Skype for communications with them. I’ve always been a
> >> >> >> > little leery of using them in a business environment, but looking
> >> >> >> > at it now, I see they have a MSI download for easy deployment and a
> >> >> >> > group policy template for central administration of settings. It
> >> >> >> > all looks pretty cool. While the security guy in me wants to say
> >> >> >> > no, I’m having a hard time finding a reason not to say OK.
> >> >> >> >
> >> >> >> > I’m curious what the members of this esteemed group think about it
> >> >> >> >
> >> >> >> > …Tim