SKYPE
This signature detects Skype, which is a proprietary P2P VOIP network. It is a "complete black box" for both users and analyzers. It uses security through obscurity to make itself troublesome to analyze or reverse-engineer without a significant amount of work, or use of emulation. It uses AES block cipher, the RSA public key cryptosystem, the ISO 9796-2 signature padding scheme, the SHA-1 hash function, and the RC4 stream cipher through the communications between the client to client, client to supernodes and supernode to supernode.
Short Name
SKYPE
Category
Infrastructure
SubCategory
VOIP
Risk
4
Release Date
--
Supported Platforms
Available to all SRX running 12.3X48+
Available to all MX running 20.2R1+
Available to all vSRX running 20.3R1+
Port
UDP/1900,TCP/543,TCP/443,445,UDP/443,8000,TCP/465,TCP/1080,TCP/1433,TCP/80,UDP/80,1434,TCP/587,UDP/4500,TCP/554,UDP/88,TCP/102,8080,UDP/5246-5247,3128,UDP/137,TCP/5445,UDP/500,UDP/554,TCP/139,UDP/135,TCP/993,TCP/135,UDP/5060,TCP/5060,TCP/995
Application Group
junos-approot:applications:voip