After desperately google "block skype" for 1.5 hr, I found most people just use applicaiton layer firewall, which is impossible for me to find a free version, or tell me I could set up a corporation firewall, which is even less possible for my department. Then finally, I came out an idea about using "Group Policy".
"Group Policy" is so powerful. It won't let me down!
There is the link of intro(http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx).
Just type "Skype.exe" in Additional Rules or type fingerprint(MD5) as Hash rule.
I can easily block it! Great!
Some background info about Skype.
When Skype starts, it search all the availabe TCP port, which is used for authentication.
You can block SSL connection to prevent Skype, but it's silly, obviously.
If the first step does not sucessful, it will use Port 80 and Port 443 (TCP). That's the most
tricky thing that Skype did, and that's why normal firewall cannot block Skype.
"Well done." I said to myself. Let's back to bed.....~~~
Thursday, September 07, 2006
Subscribe to:
Posts (Atom)