Skype – The new NMAP?

In Blackhat Europe 2006 Philippe BIONDI presented his work on Skype.
Skype is famous for the level of obscurity taken to protect the code and protocol from prying eyes.

This outstanding work unveils Skype’s inner workings, reverse engineering the application and the network protocol and provides code samples.

The author poses and later answers three questions:

  1. Is Skype a backdoor?
  2. Can one detect and block Skype traffic?
  3. Is Skype safe enough for Business use?

Several security related issues are brought to light:

  • Several heap overflows were found during the research.
  • Skype can be DoSed by a single packet
  • Skype can be abused as anything from a port scanner to a botnet and covert channels in P2P

For the rest of this excellent work get the full paper at:
http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf

Share