Here’s a fascinating description of how the Skype VoIP application can poke holes through firewalls – bypassing your network security. What’s even more eye-opening is that there is little that can be done to block it.
Anyone who has used the popular Internet telephony software Skype knows that it works as smoothly behind a NAT firewall as it does if the PC is connected directly to the Internet. The reason for this is that the inventors of Skype and similar software have come up with a solution.
Naturally every firewall must also let packets through into the local network – after all the user wants to view websites, read e-mails, etc. The firewall must therefore forward the relevant data packets from outside, to the workstation computer on the LAN. However it only does so, when it is convinced that a packet represents the response to an outgoing data packet. A NAT router therefore keeps tables of which internal computer has communicated with which external computer and which ports the two have used.
Continue reading