I was wondering if any of you has info about the Custom User Agent that can be used to block Skype. Furthermore, I'd like to know if someone has tried blocking this application accross the WSA and if there's any piece of advice you can share.
We are working on ways to better block Skype. Here is some information I can share about Skype.
The problem with skype is that among opening random TCP/UDP ports it also listens to activity on ports 80 and 443. Therefore blocking skype is not possible unless we resort to "deep-packet" inspection, which is something that we don't currently do.
There is an excellent presentation here on reverse-engineering Skype, which might help you with some more information with how this application works.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...