On Mon, Dec 21, 2009 at 12:31:56PM -0000, Administrator wrote:
I have a rather specific problem: I need to block one specific skype user to contact or be contacted by ppl on the inside of my network.
This is not feasible. Skype's protocols are encrypted and allows proxying on several levels to enable communication through different network setups of varying complexity and/or through various access controls.
True. What might help you is a policy restriction on your employee's activities. The technical solution for a human problem doesn't work in this case (again).
You could back it up with some kind of automated detection. It doesn't have to be 100%, it just has to be believable. That way, people will know they shouldn't and believe they have a chance of getting caught if they do.
I believe (experts could correct me here) that skype uses the central servers for directory services and then establishes a direct PC - PC connection for the conversation. That direct link could be detected, even if the contents can't be read.
And there must be a way with skype to find the person's IP address, even if it changes.
Well it is not that easy. Anyway, to block a single user from using skype ... Perhaps talking to him will help more. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org