Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

SkyPE warning.

  • 27-09-2006 11:59am
    #1
    Registered Users, Registered Users 2 Posts: 21,264 ✭✭✭✭


    Just a warning, although if people read the Terms and conditions they would know this already.

    If you have SkyPE on your machine running but not doing anything and you have a good connection (good machine/broadband) then the SKYPE will turn itself into a Supernode.

    Basically using your bandwidth to route other peoples calls.

    I didn't notice it much before as the machines in question where low spec, but since getting a new machine (dual core) it actually racked up 700mb in a day of download bandwidth.


Comments

  • Registered Users, Registered Users 2 Posts: 14,378 ✭✭✭✭jimmycrackcorm


    The obvious question to follow; is there any way of restricting it?


  • Banned (with Prison Access) Posts: 25,234 ✭✭✭✭Sponge Bob


    I think that natting (using a 192.168 address) behind a public is enough and that its only a problem if your rig has a public IP assigned , I could be wrong of course :D

    I also _suspect_ Hobbes has 512k uplink or higher , Skype supernodes need good uplinks.


  • Registered Users, Registered Users 2 Posts: 640 ✭✭✭CraggyIslander


    Skype will simply bypass NAT or even portblocking (it switches to the http / ftp ports).

    I've had to ban all users in my office from using skype as having 3 supernodes in the office is a serious bandwith drain, not to mention the possible security holes. Those users are now all setup with an 076 number, same cost savings but no piggybacking outsiders. :D


  • Closed Accounts Posts: 1,467 ✭✭✭bushy...


    I was sure it only set up supernodes on stuff with public ips , but there you go . It tries a range of stuff first and if its only way out is through a proxy server , it will use CONNECTs to get through . A couple of routers have skype filtering now though, so you should be able to limit it


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    We have skype on a few PCs and laptops and have 512k Upstream.

    Never seen any extra traffic. We use a Dlink router as firewall/NAT. If I look at my NIC traffic, it basically is almost nothing when I don't explicitly use LAN or WAN

    Also when I have my Wireless Video sender runing any traffic to/from this laptop cause screen distrubance on the analog video. I never see that unless I explicity use the network.

    076 costs a lot more than Skype for PC to PC.

    Also we find that Skype audio or video between PCs on the LAN uses almost no WAN traffic and RTT drops to < 2ms proving it goes peer to peer once connection is made.


  • Advertisement
  • Closed Accounts Posts: 2,630 ✭✭✭Blaster99


    About it doing peer-to-peer, check actual connections with netstat. I have never seen a connection to the user I'm talking to which would imply that the voice is being routed through a third party/super node.

    I've seen Skype go supernode inside a NAT once or twice. Bitchin stuff. The Skype documentation recommends opening an inbound port on the firewall "to improve voice quality". If you do that, you're probably very high on the list of potential super nodes.


  • Banned (with Prison Access) Posts: 25,234 ✭✭✭✭Sponge Bob


    you could open the port on the firewall and then throttle the number of concurrent connections (including embryonics ) on it to 3 . DD-WRT is great :D . Never had a skype go supernode on me, thank God :(

    That'll teach them .


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Blaster99 wrote:
    About it doing peer-to-peer, check actual connections with netstat. I have never seen a connection to the user I'm talking to which would imply that the voice is being routed through a third party/super node.

    I've seen Skype go supernode inside a NAT once or twice. Bitchin stuff. The Skype documentation recommends opening an inbound port on the firewall "to improve voice quality". If you do that, you're probably very high on the list of potential super nodes.

    Hmm. Not convinced on that. Skype works on a PC with ONLY port 80 outgoing. Thus the "magic number" port requested to increase voice quality is no good to that PC, it needs a port 80 incomming on someone elses system.


    I see huge round trip times (Using others PCs as HTTP proxies?) and very slow file transfer unless that inward port forwarding to the magic number on each PC is setup. You of course need static IPs on your LAN for reliable port forwarding.

    Seems to me that if everyone had the port forwarding "http echo" via super nodes would not be needed, wheras if Skype has ONLY port 80 outgoing then it needs "supernodes" with port 80 incomming.

    I suspect you only get "supernode" activity if you have port 80 incoming enabled.


  • Closed Accounts Posts: 1,491 ✭✭✭Foxwood


    watty wrote:
    076 costs a lot more than Skype for PC to PC.
    Maybe it's just me, but the vast majority of people I need to call are not sitting at their computer when I need to talk to them.

    PC to PC calling is a toy, communications wise.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    I have VOIP based phone as well. But buisness wise you'd be amazed at how quick people in USA and M.E. hang up and call back on Skype when you give them that as well as email address. Or maybe you wouldn't.

    I work in the world of Computers, Satellite, Internet etc so I guess all of the buisness folk I deal with have PCs. I use real phone on VOIP for my mum. But my Niece never called till she got Skype.

    It's another channel, just as Mobile phone and Fax have their own advantages (though it must be 3 years since I sent a fax).


  • Advertisement
  • Closed Accounts Posts: 1,491 ✭✭✭Foxwood


    watty wrote:
    I have VOIP based phone as well. But buisness wise you'd be amazed at how quick people in USA and M.E. hang up and call back on Skype when you give them that as well as email address. Or maybe you wouldn't.
    Ah, the US, where local calls are free, but VoIP calls aren't. There's no telestunt in the US, there's nothing quite like freespeech.ie in the US, and "pay as you go" VoIP providers like Voipbuster.com don't seem to have any traction - all the US based SIP-VoIP providers seem to be intent on selling $25/month flat rate bundles. (FWD can't seem to quite make up it's mind what it's doing).

    Skype seems to be a US solution to a US problem.


  • Registered Users, Registered Users 2 Posts: 4,142 ✭✭✭TempestSabre


    Foxwood wrote:
    Maybe it's just me, but the vast majority of people I need to call are not sitting at their computer when I need to talk to them.

    PC to PC calling is a toy, communications wise.

    Bet they all aren't setting at a landline either...


  • Closed Accounts Posts: 1,491 ✭✭✭Foxwood


    Bet they all aren't setting at a landline either...
    Well, their phones are turned on all the time and have these loud bells in them that let them know when someone is tring to call.

    A PC costs about €150/year in electricity to leave turned on 24x7. Even if I do leave it turned on when I'm not actually using it, I can't hear an incoming call alert if I'm in the next room. And the headset has a cord about 4 feet long, whereas the DECT phone in the living room works all over the house, and the wired phone in the kitchen has a coiled cable that allows me to reach just about anywhere I need to in that room.


  • Registered Users, Registered Users 2 Posts: 4,142 ✭✭✭TempestSabre


    Its a very narrow view of how you can use it.

    Must be a loud bell to hear it when you are not at home. You can use Skype anywhere you have a connection. Fire up your laptop, or PDA anywhere you've a wifi, or wired connection etc and you can ring someone anywhere. I had blueface line for a while with a ATA/router and its very dependent on the quality of your broadband connection which you can't depend on in Ireland. Skype is far less effected by a poorer connection.

    Its another channel, and its ideal for somepeople. Just because you don't know anyone that doesn't make it useful. I know a few students, business travellers, and parent who find it very useful. I use it myself infrequently, and it works better for me then Blueface did.


  • Closed Accounts Posts: 2,279 ✭✭✭DemonOfTheFall


    Skype must have improved if you find the quality better than Blueface, because when I last used it it sounded atrocious compared to MSN Messenger or blueface, had lots of lag and sounded like a very very low sample rate.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Depends on if it can only use Port 80 and "bounces" the packets off another node or if both ends can use a pair of dedicated UDP/TCP ports for Skype. I have used it successfully on dialup. It does however use nearly 100% CPU on a old 330MHz PC.

    It has an adaptive codec.


  • Registered Users, Registered Users 2 Posts: 4,142 ✭✭✭TempestSabre


    Skype must have improved if you find the quality better than Blueface, because when I last used it it sounded atrocious compared to MSN Messenger or blueface, had lots of lag and sounded like a very very low sample rate.

    ...on a poorer BB connection... your mileage may vary obviously.


  • Closed Accounts Posts: 2,630 ✭✭✭Blaster99


    Most people use Skype to talk to people who normally sit in front of their computers, at work for instance. If they're not at their desk they're not going to answer their phone either. I also find it very useful to be able to mix talk and chat, i.e look at this URL for reference type of thing, and if another party is required to resolve something you just conference him/her into the call. These days I find the limitations of plain ol' phone calls frustrating, and they also cost money.


  • Registered Users, Registered Users 2 Posts: 666 ✭✭✭Prisoner6409


    Foxwood wrote:
    PC to PC calling is a toy, communications wise.

    The real benifits of Skype(for me anyway) is the Video-Calling feature when contacting family in the USA.


  • Closed Accounts Posts: 1,491 ✭✭✭Foxwood


    The real benifits of Skype(for me anyway) is the Video-Calling feature when contacting family in the USA.
    I use Windows Messenger for the same purpose. Are there any particular advantages that Skype has over Messenger in this case that would make it worthwhile getting someone else to install it? (They're not "suck it and see" people. If I tell them to install Skype, it needs to provide a noticable benefit).


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Skype works on Linux, some phones, Mac OSX and through proper firewalls (proxy OR NAT kind, without opening extra ports. It works even better with a distinct port for Each PC on the LAN). It is actually impossible to use Messenger for voice via any proper proxy or NAT system except for a single PC in DMZ.

    So I think that is three reasons. I'm sure there are others. If MS Messenger works for voice and Video you effectively must have no firewall protection.


  • Closed Accounts Posts: 1,491 ✭✭✭Foxwood


    watty wrote:
    Skype works on Linux, some phones, Mac OSX and through proper firewalls (proxy OR NAT kind, without opening extra ports. It works even better with a distinct port for Each PC on the LAN). It is actually impossible to use Messenger for voice via any proper proxy or NAT system except for a single PC in DMZ.

    So I think that is three reasons. I'm sure there are others. If MS Messenger works for voice and Video you effectively must have no firewall protection.
    Well, as Windows Messenger very definitely does work properly through NAT systems, you obviously don't know what you're talking about. So if there's anyone who does know what they're talking about that can point out any advantages that Skype has over MSN Messenger for video messaging with family overseas, I'd appreciate it.

    (And there's half a dozen messenger clients available for Linux and the Mac that allow you to interact with MSN Messenger).


  • Banned (with Prison Access) Posts: 25,234 ✭✭✭✭Sponge Bob


    Skype does not interfere with your browser and make IE the default and change your home page . Messenger does.

    Uninstall messenger and install the better Trillian instead


  • Closed Accounts Posts: 1,491 ✭✭✭Foxwood


    Sponge Bob wrote:
    Skype does not interfere with your browser and make IE the default and change your home page . Messenger does.
    It didn't interfere with mine. I simply unchecked the options to install the MSN toolbar, and change my home page.

    Look, I understand that there are plenty of people who have a "thing" about microsoft software, and are happy to misrepresent it's capabilities. That's fine, because I'm perfectly capable of accurately assessing the capabilities of that software myself, without any inherent biases colouring my assesmnt. I asked for information about Skype, because I want to know if it will do anything useful for me that I can't achieve with open standards based SIP-VoIP and MSN Messenger that's already installed on the computers of family members overseas?


  • Closed Accounts Posts: 2,630 ✭✭✭Blaster99


    The main reason I'm not using MSN messenger is that nobody I want to talk to uses it. I have no idea if it's any good or what it does to my browser.


  • Closed Accounts Posts: 2,055 ✭✭✭probe


    If Skype manages to turn your set-up into a supernode, your hardware firewall/router/NAT isn’t working (assuming you have one). (Windows XP firewall is useless in this case because Skype takes advantage of dumb Microsoft and the ability of software to open ports in Microsoft XP SP2 firewall without specifically asking your consent. Other software firewalls may be equally vulnerable. If you use Skype and go into your Windows XP firewall “advanced” exceptions, you’ll typically find that Skype has left a door open. If you close the door, next time you use Skype it will open it! Always use a hardware firewall and NAT on a broadband connection. And switch off UPnP on the hardware firewall while you are at it.

    If you are wondering if your firewall/NAT/router is working properly you can check it with a few clicks, using the following link:

    Instructions: After clicking on the link below, page down and click on “proceed” button.
    Click on “All service ports”
    The system will then test your system’s first 1056 TCP ports. Ideally they should all be green on the table produced (stealth). Stealth is best because if someone is using a port scanner, nothing will show up. Your system doesn’t exist on the net as far as they are concerned. Closed/blue is second best – the port scanner will find it but the door is closed. Red indicates the port is open. Check your firewall/router documentation on how to close any open ports.

    Click on the URL to start the test: https://www.grc.com/x/ne.dll?bh0bkyd2


    There are three levels of Skype call quality.

    1) The best: you have to open a port for Skype and use it in Skype to Skype call mode. Using this, the packets don’t get routed via someone else’s supernode which could lead to quality problems.

    Leo Laporte uses Skype to make podcasts using this technique, with his guests coming online from all over the planet and gets studio quality sound via Skype to Skype -
    http://www.twit.tv/podcastequipment. Close the port when you have finished making your studio quality call.

    2) The second best: Skype to Skype calls without opening a dedicated port. At the incoming call end of the set-up, the packets will be routed via a supernode, slightly impairing quality. Not really a big issue unless you are trying to do something to broadcast quality.

    3) Skypeout – This is where you have Skype and the called party is using a non Skype phone (eg mobile, PSTN , ISDN). Within this category Skype to ISDN is best, followed by Skype to PSTN. Worst is Skype to mobile because the low cost carriers that Skype uses to deliver this traffic appear to try all sorts of re-routing to avoid / minimise the mobile phone networks high call termination charges.

    If you experience poor sound quality on skype to skype calls, it is probably because either you or the called party is using a backstreet or wireless ISP, or a dial-up connection, or one of the PCs in question is either antiquated or crawling with malware busy calling home!

    If you have any doubts about Skype call quality, listen to one of the podcasts at www.twit.tv!

    .probe


  • Closed Accounts Posts: 2,630 ✭✭✭Blaster99


    I'm not an expert on P2P by any means, but it seems to me that with TCP hole punching any client behind a firewall that allows TCP hole punching can become a supernode for a client that's behind a firewall that also allows TCP hole punching. If you have super supernodes that handle this setup, you can distribute the supernodes to a whole lot of clients.


  • Closed Accounts Posts: 2,055 ✭✭✭probe


    Blaster99 wrote:
    I'm not an expert on P2P by any means, but it seems to me that with TCP hole punching any client behind a firewall that allows TCP hole punching can become a supernode for a client that's behind a firewall that also allows TCP hole punching. If you have super supernodes that handle this setup, you can distribute the supernodes to a whole lot of clients.
    [FONT=&quot]While I don't keep Skype online 24h/24, I occasionally observe its behaviour using a packet sniffer. All I have come across is the odd "keep alive" type packet consisting of a few bytes - I've never come across my network connection being hijacked to relay someone else's voice call payload.

    Most VoIP terminals (eg SIP VoIP phones) behave in a similar manner AFAICS. Even your DSL modem will have a bit of background chatter with the network. I wouldn't expect any heavy traffic to result from this type of activity and would have an open (probing!) mind if it took place on one of my systems to determine the real cause... which would start with my firewall system.

    .probe

    [/FONT]


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Foxwood wrote:
    Well, as Windows Messenger very definitely does work properly through NAT systems, you obviously don't know what you're talking about. So if there's anyone who does know what they're talking about that can point out any advantages that Skype has over MSN Messenger for video messaging with family overseas, I'd appreciate it.

    (And there's half a dozen messenger clients available for Linux and the Mac that allow you to interact with MSN Messenger).
    MSN voice will not work via a secured NAT, nor via any species of proxy for voice/video.

    If you find MSN works for voice & video then uPnp is enabled (bad) and MSN is dynamically opening inward firewall ports. MSN is a security hazard and encourages insecure setup of firewalls. I have been setting up corporate firewalls since 1994. MSN voice /video can't work without LOTS of random inward ports open. The text chat bit can work securely.

    Anyone with a working MSN for voice/video has a potentially insecure/vunerable system. MSN itself has also had more exploits than Skype.

    I've used UNIX/Linux etc since 1986 and think Windows NT family (since 1993, XP = NT5.1) is far better to use and for developer documentation. But not MSN Messenger.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    The shields up site is good, though it will "fail ports" occasionally that are not a problem (They DO want to sell you stuff).

    I have been using it a long time with advantage I easily see inward ports I have deliberately opened to verifiy I did actually open them!


  • Closed Accounts Posts: 2,055 ✭✭✭probe


    watty wrote:
    (They DO want to sell you stuff).
    Gibson actually makes his money from "Spinwrite" software - when a hard disk crashes, this software is available to recover the data. The other content on the website (eg the open port test) is there to bring traffic to the site to remind people of spinwrite when they have a HD problem. The security stuff is reliable independent professional advice and not there to make you buy a firewall or anything like that. He doesn't sell them.

    The other handy tool he has is a password generator which generates mathematically random passwords of up to 64 characters and sends them to you over a secure browser connection. Ideal for setting up WiFi security where you don't have to type in the long password every time.

    .probe


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    While I wouldn't 100% agree with everything, I'd 100% recommend people read all his security stuff on his site.

    My own experience is that Trojans, viruses, malware etc can 100% be avoided by education and best practices, even without AV software.


Advertisement