Experts are studying how Skype is cheating firewalls
The battle of Skype administrators and developers continues with varying success. Heise Security has published detailed instructions for system administrators explaining how the Skype P2P program manages to work because of the firewall, despite the security settings.
For this, Skype developers use a number of special techniques. First, the program deceives the firewall, telling it about the connection already established, and then starts sending UDP packets. The headers of these packets, unlike TCP packets, contain information only about the IP address and port, nothing more. Secondly, the Skype server is used to transfer “secret” information between the interlocutors, and then the two PCs establish a direct connection between the UDP ports, so the firewall cannot block it.
Other P2P programs also use this technique called “UDP hole punching” to trick firewalls.
For this, Skype developers use a number of special techniques. First, the program deceives the firewall, telling it about the connection already established, and then starts sending UDP packets. The headers of these packets, unlike TCP packets, contain information only about the IP address and port, nothing more. Secondly, the Skype server is used to transfer “secret” information between the interlocutors, and then the two PCs establish a direct connection between the UDP ports, so the firewall cannot block it.
Other P2P programs also use this technique called “UDP hole punching” to trick firewalls.
')
Source: https://habr.com/ru/post/2384/
All Articles