?
Solved

how to block Skype

Posted on 2010-09-21
6
Medium Priority
?
1,984 Views
Last Modified: 2013-11-09
hi experts ,

i have an issue here...i need to block Skype ports because all the people at the firm spend hrs in Skype...My boss of course doesnt understand that they save our company money..so he wants to play deputy Dog so the order is given to block Skype...but how can i block it since it is using port 80 ? We are using websense web filter and ASA 5580 ( for FW).
Should i use a GPO and kill the skype.exe process ?

please help....why do people create software that runs on the most common port ??? what happen to the rest gazillion of ports ?

please help....( i am already checking at Monster.com for another Job)
0
Comment
Question by:c_hockland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 12

Accepted Solution

by:
Chris Staunton earned 1336 total points
ID: 33726680
You can create a hash to kill the exe if launched.  Only problem is that you'll have to keep updating it when Skype releases updates.

Shooter
0
 
LVL 12

Assisted Solution

by:Chris Staunton
Chris Staunton earned 1336 total points
ID: 33726708
This might also help you out and is a much better solution.

Shooter



# Cisco equipment running IOS version 12.4 (4) T - This is the "free" option, provided your network uses Cisco gear and you have a service contract to get the latest IOS.

Cisco introduced in mid-2006 a Skype classification in NBAR.

To block Skype you do the following NBAR configuration (Source: Cisco Tips) which will drop Skype packets
and in fact any p2p application you want (limewire, kazaa, etc.):

class-map match-any p2p
match protocol skype

policy-map block-p2p
class p2p
drop

int FastEthernet0
description PIX-facing interface
service-policy input block-p2p
If you are unsure about the bandwidth eating applications being used in your organization. you can access the interface connected to the Internet and configure following command:
ip nbar protocol-discovery.
This will enable nbar discovery on your router.
Use following command:-
show ip nbar protocol-discovery stats bit-rate top-n 10
it will show you top 10 bandwidth eating applications being used by the users. Now you will be able to block/restrict traffic with appropriate QoS policy.

we can also use ip nbar port-map command to look for the protocol or protocol name, using a port number or numbers other than the well-known Internet Assigned Numbers Authority (IANA)-assigned) port numbers.

Usage as per cisco:-
ip nbar port-map protocol-name [tcp | udp] port-number

Up to 16 ports can be specified with this command. Port number values can range from 0 to 65535

- Block Skype using Group Policy (corporate environments)
0
 

Author Comment

by:c_hockland
ID: 33726857
ok the first part ...got it...

the second,,,, int FastEthernet0

.
.
service-policy input block-p2p


the above commands go to the external or interface ???
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33727270
FastEthernet0 should be your internal interface.  It will block any attempt by employees to use p2p applications.


Shooter
0
 
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 664 total points
ID: 33732169
If you want Websense to block Skype, you have to block the "uncategorized" category. Otherwise you will have to track all IPs that users connect to and add it to a block list, and do that on a daily basis.
Are you using any application control installed? like Symantec SEP 11? ESM? If so you can also use these to stop launching Skype.
0
 

Author Closing Comment

by:c_hockland
ID: 33794829
thanks
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
The goal of the tutorial is to teach the user how to instant message and make a video call in Skype.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question