dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
102
share rss forum feed


Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to Cudni

Re: Tighten up Skype?

I saw that setting but I guess I didn't understand it. It appears as though it does not use any particular port. What I get from that seems to be that you can set it to use whatever port you want it to use. If so then I guess I can set it to what ever I want and then set the firewall rule accordingly.

But that is for incoming it appears. I was wondering about outgoing too. Could it be that is uses the same port for both?


EGeezer
zichrona livracha
Premium
join:2002-08-04
Midwest
kudos:8
Reviews:
·Callcentric
After reading the link and seeing the screenshot, It's clear that you can set an incoming fixed port number of your choice. I'd also disable uPnP and leave it off unless it disables any required Skype function.

Personally, I prefer to let Skype assign a random ephemeral port. That essentially makes it a moving target for port scanners.

I don't know if application filters on higher end IDS and firewall products can filter/pass the proprietary Skype protocols. Perhaps someone can help on that...
--
Buckle Up. It makes it harder for the aliens to suck you out of your car.


Sentinel
Premium
join:2001-02-07
Florida
kudos:1
Thanks. I did uncheck that UPnP box. Doesn't seem to do anything that I can see so I will leave it that way.

For now I just created a rule for it with no port defined but I disable it when I am not using Skype. I don't use it that often so hopefully this will be sufficient.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
the email I use for skype has apparently leaked out, use a throwaway email to sign up to the service.
--
* seek help if having trouble coping
--Standard disclaimers apply.--


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to Sentinel
Skype when used with UPNP turned on (on both the router and in Skype) will not close open ports on exit. skype uses uPnP to open a port in the router it NEVER closes that port when skype shuts down. This is quite a large security risk and in most cases uPnP is not needed by skype and can/should be disabled. There are a few cases that due to network config skype will need the uPnP as it's only option to communicate to the client but this is the exception and not the rule.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
said by Name Game:

Skype when used with UPNP turned on (on both the router and in Skype) will not close open ports on exit. skype uses uPnP to open a port in the router it NEVER closes that port when skype shuts down. This is quite a large security risk and in most cases uPnP is not needed by skype and can/should be disabled. There are a few cases that due to network config skype will need the uPnP as it's only option to communicate to the client but this is the exception and not the rule.

Is that because Skype is being terminated without closing out the program correctly? Or is the application not fully UPnP compatible? When an application is exited gracefuly, those ports are then supposed to be closed. But I guess those programs aren't going to wait around forever for your router to respond that ports have been successfully closed.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7