Solved

how to block Skype

Posted on 2010-09-21
Last Modified: 2013-11-09
Hi experts,

I have an issue here... I need to block Skype ports because all the people at the firm spend hours in Skype... My boss of course doesn't understand that they save our company money, so he wants to play Deputy Dog, so the order is given to block Skype... but how can I block it since it is using port 80? We are using Websense web filter and ASA 5580 (for FW).
Should I use a GPO and kill the skype.exe process?

Please help... why do people create software that runs on the most common port??? What happened to the rest of the gazillion ports?

Please help... (I am already checking at Monster.com for another job)
Question by:c_hockland
 
LVL 12

Accepted Solution

by:
Chris Staunton earned 334 total points
You can create a hash to kill the exe if launched.  Only problem is that you'll have to keep updating it when Skype releases updates.

Shooter
0
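The maintenance problem described in the answer above, as an added example that is not part of the original thread: a hash rule matches one exact build, so this Python script audits a directory tree for `skype.exe` copies whose SHA-256 is not yet in the rule set. The function names, the file-name match and the sample file contents are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path):
    """Hash a file in chunks so large installers do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_hash_rules(root, blocked_hashes, exe_name="skype.exe"):
    """Split every copy of exe_name under root into (covered, uncovered).

    covered   -> hash is in the rule set, so the hash rule would match it
    uncovered -> same file name, unknown hash: the rule set is stale
    """
    covered, uncovered = [], []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.name.lower() == exe_name:
            bucket = covered if sha256_of(path) in blocked_hashes else uncovered
            bucket.append(path)
    return covered, uncovered


def demo():
    """Constructed sample: two fake 'releases' that differ by one byte."""
    with tempfile.TemporaryDirectory() as tmp:
        old = Path(tmp, "release-a", "Skype.exe")
        new = Path(tmp, "release-b", "skype.exe")
        for path, body in ((old, b"MZ constructed build A"),
                           (new, b"MZ constructed build B")):
            path.parent.mkdir()
            path.write_bytes(body)
        rules = {sha256_of(old)}  # the rule was created from release A only
        covered, uncovered = audit_hash_rules(tmp, rules)
        return ([p.parent.name for p in covered],
                [p.parent.name for p in uncovered])


if __name__ == "__main__":
    print(demo())
```

Any path reported as uncovered is a build that needs a new hash added to the rule.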
 
LVL 12

Assisted Solution

by:Chris Staunton
Chris Staunton earned 334 total points
This might also help you out and is a much better solution.

Shooter



# Cisco equipment running IOS version 12.4 (4) T - This is the "free" option, provided your network uses Cisco gear and you have a service contract to get the latest IOS.

Cisco introduced in mid-2006 a Skype classification in NBAR.

To block Skype you do the following NBAR configuration (Source: Cisco Tips), which will drop Skype packets and in fact any p2p application you want (limewire, kazaa, etc.):

    class-map match-any p2p
     match protocol skype

    policy-map block-p2p
     class p2p
      drop

    int FastEthernet0
     description PIX-facing interface
     service-policy input block-p2p

If you are unsure about the bandwidth-eating applications being used in your organization, you can access the interface connected to the Internet and configure the following command:

    ip nbar protocol-discovery

This will enable NBAR discovery on your router.
Use the following command:

    show ip nbar protocol-discovery stats bit-rate top-n 10

It will show you the top 10 bandwidth-eating applications being used by the users. Now you will be able to block/restrict traffic with an appropriate QoS policy.

We can also use the ip nbar port-map command to look for the protocol or protocol name, using a port number or numbers other than the well-known Internet Assigned Numbers Authority (IANA)-assigned port numbers.

Usage as per Cisco:

    ip nbar port-map protocol-name [tcp | udp] port-number

Up to 16 ports can be specified with this command. Port number values can range from 0 to 65535.

- Block Skype using Group Policy (corporate environments)
0
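A follow-up to the protocol-discovery step in the answer above, as an added example that is not part of the original thread: this Python script reads saved `show ip nbar protocol-discovery stats bit-rate top-n 10` output and reports which watched p2p protocols appear and how much of the total bit rate they account for. The watch list, the function names and the sample output (including its column layout) are constructed assumptions.

```python
import re

# Assumption: NBAR protocol names to watch for; adjust to your own policy.
WATCHLIST = {"skype", "kazaa2", "gnutella"}

# A data row is a protocol name followed by input and output bit rates (bps).
ROW = re.compile(r"^\s*([A-Za-z][\w-]*)\s+(\d+)\s+(\d+)\s*$")

# Constructed sample, not captured from a real router.
SAMPLE = """\
 FastEthernet0
                            Input                    Output
                            -----                    ------
   Protocol                 30sec Bit Rate (bps)     30sec Bit Rate (bps)
   ------------------------ ------------------------ ------------------------
   http                     812000                   95000
   skype                    410000                   388000
   gnutella                 120000                   240000
   dns                      4000                     3000
   unknown                  65000                    20000
   Total                    1411000                  746000
"""


def parse_rows(show_output):
    """Return {protocol: (in_bps, out_bps)}; header and rule lines are skipped."""
    rows = {}
    for line in show_output.splitlines():
        match = ROW.match(line)
        if match:
            rows[match.group(1).lower()] = (int(match.group(2)), int(match.group(3)))
    return rows


def watched_protocols(show_output, watchlist=WATCHLIST):
    """Watched protocols present in the output, busiest (in + out) first."""
    rows = parse_rows(show_output)
    hits = [(name, *rates) for name, rates in rows.items() if name in watchlist]
    return sorted(hits, key=lambda hit: hit[1] + hit[2], reverse=True)


def watched_share_percent(show_output, watchlist=WATCHLIST):
    """Whole-number percent of the Total row used by watched protocols."""
    total = sum(parse_rows(show_output).get("total", (0, 0)))
    used = sum(i + o for _, i, o in watched_protocols(show_output, watchlist))
    return used * 100 // total if total else None


if __name__ == "__main__":
    print(watched_protocols(SAMPLE), watched_share_percent(SAMPLE))
```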
 

Author Comment

by:c_hockland
OK, the first part... got it...

The second... int FastEthernet0

.
.
service-policy input block-p2p


The above commands go to the external or interface???
0

 
LVL 12

Expert Comment

by:Chris Staunton
FastEthernet0 should be your internal interface.  It will block any attempt by employees to use p2p applications.


Shooter
0
 
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 166 total points
If you want Websense to block Skype, you have to block the "uncategorized" category. Otherwise you will have to track all IPs that users connect to and add them to a block list, and do that on a daily basis.
Are you using any application control software, like Symantec SEP 11 or ESM? If so, you can also use these to stop Skype from launching.
0
 

Author Closing Comment

by:c_hockland
thanks
0
