Friday, January 14, 2011

skype network monitoring

Can Skype chats be monitored/read by a internal network or sysadmin? Can I company store chats you make in skype and read them? I can't find a clear answer for this on the net. Also, are chat history files in skype encrypted/able to be read by someone without your skype login?

I hear skype is encrypted by default, and all chats and calls are protected, but I have heard people be told that "skype logs are kept and monitored" by their employer. Is this possible?

From serverfault $pageUsers[$entry.posts[0].author].name

  • According to some independent reviews, skype seemed to be secure circa 2005. You might assume that the government could get it if they wanted to.

    Google says China is monitoring.

    grawity : China has its own version of Skype.
    From Sam

  • There is a paper from the blackhat conference at http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf which includes some interesting insights into the Skype protocol and the software itself.

    Maybe this gives you an overview of the problems with monitoring Skype traffic at network level.

    From $pageUsers[$post.author].name

  • Speculation aside, are you looking for what you can do in house or worried about what the government can do?

    If its in house so some way that you can monitor what employee's are saying over it, I've never been able to find anything that will do this. It also seems you must be logged into Skype to see chat history from the computer.

    So the only ways to monitor would be a screen monitor or key logger. Or block Skype due to security concerns. But then people can use any other number of secure chat programs as well.

    Skype is default like this but people can setup any number of other clients as well that are also secure and can't be monitor so if Skype is a concern due to lack of monitor you need to block all chat programs.

    From SpaceManSpiff

  • The initial problem of detecting Skype is in itself a rather difficult one.
    Skype, is it right for you? has description and paper references to the problem.
    Final notes from that link (which is a good read).

    So, the final questions, is Skype Spyware?
    In my opinion No. It does not contain spyware and never has.

    Is Skype useful?
    In my opinion Yes.

    Is Skype beneficial to my environment?
    Is it? That’s a determination that only you can make.
    Do your clients sit behind NAT, Firewalls, and/or proxies?
    Then they won’t be supernodes or Relay nodes. They are just clients.

    Do you have a requirement to monitor all IM, file transfers, and/or voice calls?
    If so, Skype is hard. It’s encrypted.

    Once you figure out Skype is active, intercepting the traffic is a much more complicated problem.

    From nik
Posted by Mu Cat at 6:02 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)