Blocking Skype with OpenBSD and Squid

A few weeks ago there was a lot of noise around how some companies (including the imaginatively named, Skypekiller. )could help entire countries, not to mention corporations block Skype. Now, thanks to an eagle-eyed reader, I have come across an open source way of becoming Skype-free. Using Squid proxy and OpenBSD, a poster on this mailing list was able to become Skype-free.

The choice of OS to run the proxy on is subjective (I chose OpenBSD as my network OS of choice for its proven security record and excellent reliability) and has no effect over the actual blocking mechanism. The same can be accomplished on any other BSD or Linux flavour.

A lot of companies have issues with Skype because of the security risks it poses. These supernodes are a big issue, as highlighted here by Aswath.

But my concern regarding Supernode is more substantial. It is suggested that since the Supernodes are nothing more than other Skype clients, Skype is infinitely scalable. I submit that this may not be the case. To begin with, a client is eligible to be a Supernode only if it has enough processing power and bandwidth capacity to perform the functions of a Supernode. Additionally, it is a requirement that they be present on the public Internet or behind a “transparent” NAT and a “permissive” Firewall.

Proof of Aswath’s theory is in this image published by Coobol (via Skype Journal)

The red-dots on the image are Skype’s Supernodes. They are not as plentiful as the Skype clients. As more and more people try and shut down the Skype running on their networks, the onus of running the SkypeNet will shift to the company and its parent, which is going to increase the capital expenditures. In the end that might be a good thing!

You're subscribed! If you like, you can update your settings


Comments have been disabled for this post