[VOIPSEC] FW: How to monitor Skype usage on network
Enno Ewers
ewers at hisolutions.com
Tue Jun 13 06:40:39 CDT 2006
Skype monitoring might prove difficult, as the protocol is proprietary
and no fixed ports or addresses are used. You might be able to find out
that there _is_ skype traffic in your network and detect the client
node, but you'll have trouble identifying the volume.
Anyway, there is a rather nice paper detailing some of the internals of
skype, published in March at BlackHat Europe: "Silver Needle in the
Skype", http://www.secdev.org/conf/skype_BHEU06.pdf
See slide 89 for an idea of how to identify specific parts of skype
traffic with Linux iptables.
Also, this paper: http://luca.ntop.org/VoIP.pdf ("Open Source VoIP
Traffic Monitoring") talks about measuring Skype traffic with ntop
(ntop.org). You'll probably still need the current CVS version of ntop
(haven't checked).
Enno
Raul Carr schrieb:
>Can someone provide me with any info on
>
>how to monitor Skype usage on an internal network.
>
>
>
>Thanks,
>
>Raul
>
>
>
>
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
--
Enno Ewers
Security Consultant
We secure your business.(TM)
_______________________________________________________
HiSolutions AG Phone: +49 30 533289-0
Bouchestrasse 12 Fax: +49 30 533289-99
D-12435 Berlin Internet: http://www.hisolutions.com
_______________________________________________________
More information about the Voipsec
mailing list