Can somebody explain to me why our firewall logs are full of entries
from skype clients even when they're not being used. The program tries
to connect directly to several sites :
lutn.cable.ntl.com
newt.blueyonder.co.uk
quicknet.nl
onocable.ono.com
webspeed.dk
etc...
Is this a threat to the security of the client ?
If it is can it be stopped ?
<viperdudeuk@gmail.com> wrote in message
news:1130496612.388955.81360@z14g2000cwz.googlegro ups.com...
> Because Skype is peer to peer so even when your not using your
> bandwidth other Skype users are.
>
What for?
Shurely, if someone calls another Skype user, the traffic will go directly
from A->B?
Well you would have thought so. Nobody knows how Skype truely works
apart from Skype as its closed source. Additionally the traffic is
encryted. However the perceived wisdom I have read online is that it
consumes your bandwidth for stuff other than your own use. If you look
into it more closely there are Skype users who are nodes and super
nodes. If you have become a super node then ordinary uses will be using
some of your bandwidth to register with skype.
<viperdudeuk@gmail.com> wrote in message
news:1130506436.925055.292550@g49g2000cwa.googlegr oups.com
> Well you would have thought so. Nobody knows how Skype
> truely works apart from Skype as its closed source.
> Additionally the traffic is encryted. However the
> perceived wisdom I have read online is that it consumes
> your bandwidth for stuff other than your own use. If you
> look into it more closely there are Skype users who are
> nodes and super nodes. If you have become a super node
> then ordinary uses will be using some of your bandwidth
> to register with skype.
>
> Take a look at this
>
> http://arxiv.org/ftp/cs/papers/0412/0412017.pdf
>
> I choose not to run skype as I dont trust software that
> is allowed to take over my bandwidth for other users.
Cobblers. How can an ordinary end user's bandwidth be used for anything
except communications between that user and their ISP..?
On Fri, 28 Oct 2005 15:00:04 +0100, Ivor Jones wrote:
>
>
> <viperdudeuk@gmail.com> wrote in message
> news:1130506436.925055.292550@g49g2000cwa.googlegr oups.com
>> Well you would have thought so. Nobody knows how Skype
>> truely works apart from Skype as its closed source.
>> Additionally the traffic is encryted. However the
>> perceived wisdom I have read online is that it consumes
>> your bandwidth for stuff other than your own use. If you
>> look into it more closely there are Skype users who are
>> nodes and super nodes. If you have become a super node
>> then ordinary uses will be using some of your bandwidth
>> to register with skype.
>>
>> Take a look at this
>>
>> http://arxiv.org/ftp/cs/papers/0412/0412017.pdf
>>
>> I choose not to run skype as I dont trust software that
>> is allowed to take over my bandwidth for other users.
>
> Cobblers. How can an ordinary end user's bandwidth be used for anything
> except communications between that user and their ISP..?
>
> Ivor
These are from the skype knowledgebase:
----------------------
Is Skype secure?
Yes. When you call another Skype user your call is encrypted with strong
encryption algorithms ensuring you privacy. In some cases your Skype
communication may be routed via other users in the peer-to-peer network.
Skype encryption protects you from potential eavesdropping from malicious
users.
----------------------
Skype is encrypted end-to-end because it uses the public Internet to
transport your voice calls and text messages and sometimes these calls are
routed through other peers. Skype encryption ensures that no other party
can eavesdrop on your call or read your instant messages.
---------------------
It would seem from the above that your calls are likely to go via another
users copy of skype, and therefore that your copy of skype may route calls
between other users. The faq also mentions that the directory is stored
in a p2p network and that the background traffic for this is about 0.5KB/s.
"Steven Sumpter" <ssumpter@gmail.com> wrote in message
news:pan.2005.10.28.14.23.17.782852@gmail.com
[snip]
> It would seem from the above that your calls are likely
> to go via another users copy of skype, and therefore that
> your copy of skype may route calls between other users.
> The faq also mentions that the directory is stored in a
> p2p network and that the background traffic for this is
> about 0.5KB/s.
>
> Steve.
Fair enough, I only ever fire it up if I specifically want to talk to
someone who I know uses it, I never leave it running.
> No calls are *ALWAYS* from point A to B direct. However the presence
> and registration traffic can go via supernodes.
I draw your attention to this quote taken directly from Skypes own web
site:
"Skype is encrypted end-to-end because it uses the public Internet to
transport your voice calls and text messages and *sometimes these calls
are routed through other peers.*"
"saf" <scottfindlay@hotmail.com> wrote in message
news:1130512429.738473.112200@f14g2000cwb.googlegr oups.com...
> Thanks for your comments, but I still don't understand why the software
> is trying to communicate when your not having a conversation.
>
What Peer to Peer means is, instead of a load of central servers, the
traffic is routed via other people using their PC and connection. - The
servers (every Skype client) are then everywhere - so it saves their
bandwidth (and makes the infrastructure a lot more resilient.
<viperdudeuk@gmail.com> wrote in message
news:1130510275.384688.320010@g49g2000cwa.googlegr oups.com
> Check your facts:
>
> 1, Calls are direct A -> B
>
> 2. IM are direct A -> B
>
> 3. If you are a super node then you are used by Skype for
> helping to register other users and to maintain presence.
>
> You can become a supernode if you have a publicly
> available IP.
Isn't everybody's IP address publicly available..? How else would you be
able to communicate at all..?
In article <1130510275.384688.320010@g49g2000cwa.googlegroups .com>, viperdudeuk@gmail.com <viperdudeuk@gmail.com> writes
>Check your facts:
>
>1, Calls are direct A -> B
>
>2. IM are direct A -> B
>
>3. If you are a super node then you are used by Skype for helping to
>register other users and to maintain presence.
>
>You can become a supernode if you have a publicly available IP.
>
If you have a publicly available IP, can you choose whether or not to
become a supernode?
--
Thoss
[It would be nice to get the context in which you are posting. I
believe google does provide an option for quoting. Please correct me if
I am mistaken about this.]
On 2005-10-28, saf <scottfindlay@hotmail.com> wrote:
>
> Thanks for your comments, but I still don't understand why the software
> is trying to communicate when your not having a conversation.
There is an enormous amount of information about this in the forums at www.skype.com. Here is one example:
On 2005-10-28, Ivor Jones <ivor@despammed.invalid> wrote:
>
>
> "Steven Sumpter" <ssumpter@gmail.com> wrote in message
> news:pan.2005.10.28.14.23.17.782852@gmail.com
>
> [snip]
>
>> It would seem from the above that your calls are likely
>> to go via another users copy of skype, and therefore that
>> your copy of skype may route calls between other users.
>> The faq also mentions that the directory is stored in a
>> p2p network and that the background traffic for this is
>> about 0.5KB/s.
>>
>> Steve.
>
> Fair enough, I only ever fire it up if I specifically want to talk to
> someone who I know uses it, I never leave it running.
It doesn't matter. Running the software for a long or a short time
still makes your computer and bandwidth available to other Skype users.
"Brian" <bandj@o2.co.uk> wrote in message
news:djtt65$ihm$2$8300dec7@news.demon.co.uk
> On 2005-10-28, Ivor Jones <ivor@despammed.invalid> wrote:
[snip]
> > Fair enough, I only ever fire it up if I specifically
> > want to talk to someone who I know uses it, I never
> > leave it running.
>
> It doesn't matter. Running the software for a long or a
> short time still makes your computer and bandwidth
> available to other Skype users.
On 2005-10-28, Ivor Jones <ivor@despammed.invalid> wrote:
>
>> > Fair enough, I only ever fire it up if I specifically
>> > want to talk to someone who I know uses it, I never
>> > leave it running.
>>
>> It doesn't matter. Running the software for a long or a
>> short time still makes your computer and bandwidth
>> available to other Skype users.
>
> While I'm not using it..? How..?
If skype is 'fired up' and you have a connection to the internet you
are using it. Your computer then agrees to participate in routeing
traffic on the skype network.
If you are asking me how this is done technically then I could only
speculate. Skype is a closed and proprietary system so you would have
to seek an answer from its developers.
"Brian" <bandj@o2.co.uk> wrote in message
news:dju81j$326$1$8302bc10@news.demon.co.uk
> On 2005-10-28, Ivor Jones <ivor@despammed.invalid> wrote:
> >
> > > > Fair enough, I only ever fire it up if I
> > > > specifically want to talk to someone who I know
> > > > uses it, I never leave it running.
> > >
> > > It doesn't matter. Running the software for a long
> > > or a short time still makes your computer and
> > > bandwidth available to other Skype users.
> >
> > While I'm not using it..? How..?
>
> If skype is 'fired up' and you have a connection to the
> internet you are using it. Your computer then agrees to
> participate in routeing traffic on the skype network.
As I said, I only run up the program when I want to use it to make a call.
Once I end the call I close the program. Are you saying Skype can use my
bandwidth even when the software is not running..? That's an interesting
feat.
"JC" <nospam@nospam.comm> wrote in message
news:ivg5m1puufoc8kg1jhdml4g4o1ujkftkl3@4ax.com
> On Fri, 28 Oct 2005 15:00:04 +0100, "Ivor Jones"
> <ivor@despammed.invalid> wrote:
>
> > Cobblers. How can an ordinary end user's bandwidth be
> > used for anything except communications between that
> > user and their ISP..?
>
> Ummm, it's how the internet works, rightly or wrongly.
> Anyone can (potentially) send traffic to anyone else,
> even unwanted traffic.
Via my system, when it's not running..? Now that's what I call clever.
"JC" <nospam@nospam.comm> wrote in message
news:ivg5m1puufoc8kg1jhdml4g4o1ujkftkl3@4ax.com...
> On Fri, 28 Oct 2005 15:00:04 +0100, "Ivor Jones"
> <ivor@despammed.invalid> wrote:
>
>>Cobblers. How can an ordinary end user's bandwidth be used for anything
>>except communications between that user and their ISP..?
>
> Ummm, it's how the internet works, rightly or wrongly. Anyone can
> (potentially) send traffic to anyone else, even unwanted traffic.
Very true, however there wouldn't be any point in doing so as the
PC/router/etc would just ignore it if Skype wasn't running, so it would soon
stop trying!
On 2005-10-29, Ivor Jones <ivor@despammed.invalid> wrote:
>
> As I said, I only run up the program when I want to use it to make a call.
> Once I end the call I close the program. Are you saying Skype can use my
> bandwidth even when the software is not running..? That's an interesting
> feat.
Initially I wrote:
>> > > It doesn't matter. Running the software for a long
>> > > or a short time still makes your computer and
>> > > bandwidth available to other Skype users.
Are the first three words in the second sentence ambiguous?
Then I followed up with:
>> If skype is 'fired up' and you have a connection to the
>> internet you are using it. Your computer then agrees to
>> participate in routeing traffic on the skype network.
'If skype is 'fired up'' could be interpreted as 'If the software is
running', but I'm open to persuasion should there be an alternative
meaning.
If there is any feat to marvel at here it is one that endows my words
with a completely opposite meaning.
On 28 Oct 2005 08:13:49 -0700, "saf" <scottfindlay@hotmail.com> wrote:
>Thanks for your comments, but I still don't understand why the software
>is trying to communicate when your not having a conversation.
Something has to keep a register of where each user is, and a register
of all users who are not currently logged on. As this is a p2p
application, it seems pretty obvious that this "something" is the
computers of other users.
That seems fair enough to me. Either you do your share of the chores,
or you pay a line rental for some server to do it for you.
--
Visit the Hairydog Guide to Mobile Phones http://www.hairydog.co.uk/cell1.html
> Something has to keep a register of where each user is, and a
> register of all users who are not currently logged on. As this is a
> p2p application, it seems pretty obvious that this "something" is
> the computers of other users.
>
> That seems fair enough to me.
Yes: if the computer is your own, and your network provider allows you
to dedicate some of their bandwidth to third parties, then fair
enough.
> Either you do your share of the chores,
> or you pay a line rental for some server to do it for you.
Indeed. But if, for example, you're on a university campus and
connected to their network, then you'd have no authority to "sell-on"
the campus resources in this way. Even though the "sale" is not for
money but for VoIP services. This is something which has caused quite
a lot of friction on some campuses (not only our own).
VoIP services which use a different service model are by no means
excluded in this way, but Skype seems to be a particular problem, for
the reason that you indicate. In this situation, the end user simply
has *no authority* to consent to the Skype terms and conditions of
service, in so far as it relates to resources which are not the user's
own. (Routine disclaimer: IANAL and that was not legal advice.)
On Sat, 29 Oct 2005 01:56:54 +0100, "Sparks" <postmaster@127.0.0.1>
wrote:
>Very true, however there wouldn't be any point in doing so as the
>PC/router/etc would just ignore it if Skype wasn't running, so it would soon
>stop trying!
I've seen buggy VoIP systems remotely flood an end users ADSL line
even when their PC and phones were switched off and completely
disconnected. It's also the method used for DDoS attacks which is what
we suspected at first.
If they'd been on a pay per byte broadband service they'd have had a
very very large bill...
On Sat, 29 Oct 2005 01:38:56 +0100, "Ivor Jones"
<ivor@despammed.invalid> wrote:
>> Ummm, it's how the internet works, rightly or wrongly.
>> Anyone can (potentially) send traffic to anyone else,
>> even unwanted traffic.
>
>Via my system, when it's not running..? Now that's what I call clever.
If there's something connected to a line (such as a powered on router)
then potentially yes, though it would take a security hole or
incorrect config to enable you to be used as a third party relay.
With a PC connected and proprietary software such as Skype installed
anything's possible.
On Sat, 29 Oct 2005 16:01:15 +0100, "Alan J. Flavell"
<flavell@ph.gla.ac.uk> wrote:
>Indeed. But if, for example, you're on a university campus and
>connected to their network, then you'd have no authority to "sell-on"
>the campus resources in this way.
That's not Skype's fault. Your users are misusing your resources.
However, if it is affecting your university's connectivity, perhaps
there is a serious problem somewhere.
--
Visit the Hairydog Guide to Mobile Phones http://www.hairydog.co.uk/cell1.html
Skype bypasses proxy 
Linear Mode
