cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
mardes
Level 7
Report Inappropriate Content
Message 1 of 5

New infos for Skype detection with MWG7 proxy?

Hello!

I wonder if there are new infos concerning  Skype detection in a MWG7 proxy based internet connection.

We need a solution for allowing  Skype through MWG (V7.2.0.8)  proxy   for some users.

Because Skype has some typical network behaviour even in proxy environment and

since most network based (NG-) firewalls can detect skype traffic I think it should be possible to solve this.

In the moment we use a very simple SSL-Scanner ruleset part for Skype separation:

Skype-Rule.bmp

Membership of group PowerUsers comes from  NTLM authentication.

Of course, this disables SSL scanning for more than just Skype connections.

Is there a better solution?

Best regards,

Michael Ardes

4 Replies
McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: New infos for Skype detection with MWG7 proxy?

Hi Michael,

Making the assertion that any request made by IP address is skype is not a good idea. This is especially true in transparent setups.

In the past I have posted about this previously, but the cleanest way to know if a request is coming from skype is to direct it to a separate proxy port.

Here is an example ruleset I have offered:

ftp://ftp.support.securecomputing.com/outgoing/skype-proxy.zip

As far as detecting the traffic, at the moment MWG cannot differentiate between skype SSL and normal SSL. Skype SSL is a broken version of normal SSL (from what I understand).

Best,

Jon

Re: New infos for Skype detection with MWG7 proxy?

How prevent this solution the use of the Skype port by normal https traffice which is manual entered in internet options?

McAfee Employee smasnizk
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: New infos for Skype detection with MWG7 proxy?

As FTP link become invalid I've reupload this rule set to ftp://ftp.webwasher.com/pub/MWG/skype-proxy.zip

-Sergej

Re: New infos for Skype detection with MWG7 proxy?

Hello, it works? I have the same issue and I cannot find a solution