Feature Suggestion / Skype

General discussions about Little Snitch
Post Reply
JP en Suisse
Posts: 2
Joined: Tue May 01, 2007 7:39 pm

Feature Suggestion / Skype

Post by JP en Suisse » Tue May 01, 2007 7:44 pm

Hi all,

Skype is an useful but awful program. As soon as it thinks it can connect to the internet, it blocks any user actions until an action is either denied or allowed by LS. Furthermore, it seems to just "suddenly" again look for connections at intermitten periods after start up.

Is there any way to make these programs a little more easier to use together. My idea is to just open a certain range of ports for Skype and then leave at that.

Cheers,

BennyFromXXX

Post by BennyFromXXX » Sat May 12, 2007 12:18 pm

Hello.

Your phone-call (connection) can pass trough other peoples computers, and eventually ends up at your callers computer. And vice versa.

That is the reason, that Skype wants to make connections after some periods of time.
Essentially, skype acts as a relay station for other users calls and the connections you see are keeping the workload of the Skype network stable.

You want to open a range of ports? Well, you can.

Rule 1# Allow Any Connection to port 80
Rule 1# Allow Any Connection to port 443
Rule 2# Allow Any Connection to ports 1025-65535
Rule 3# Deny Any Connection to Ports 1-1024

These rules make sure that Skype works correctly.
(and for the first time users.....you define these rules in the Little Snitch preference pane in System Preferences.app)

Why i open these ports? See page 7,8 and 9 of this PDF.
http://www.skype.com/security/guide-for ... admins.pdf

Another tip.

Open up your own firewall for the port that is in you Skype Preferences.
It's under the advanced tab and is listed at the bottom.
You get better call quality that way.

Greetings,

BennyFromXXX

BennyFromXXX
Posts: 6
Joined: Sat May 12, 2007 12:20 pm

Post by BennyFromXXX » Sat May 12, 2007 12:26 pm

Hmmm. Some typos there but i am sure you get the idea.

Dave Bourke
Rank 1
Rank 1
Posts: 38
Joined: Fri Nov 17, 2006 7:32 pm
Location: Ireland

Post by Dave Bourke » Sun May 13, 2007 1:07 am

So essentially Skype is a peer-to-peer protocol?

Kind regards.

BennyFromXXX
Posts: 6
Joined: Sat May 12, 2007 12:20 pm

Post by BennyFromXXX » Sun May 13, 2007 5:13 am

Yes it is.

It is developed by the the same guys who created Kazaa.

JP en Suisse
Posts: 2
Joined: Tue May 01, 2007 7:39 pm

Post by JP en Suisse » Sun May 13, 2007 7:39 am

Benny,

Thanks for taking the time to write such a complete solution.

I'll give this a try!

Best,
JP

Dave Bourke
Rank 1
Rank 1
Posts: 38
Joined: Fri Nov 17, 2006 7:32 pm
Location: Ireland

Post by Dave Bourke » Sun May 13, 2007 3:07 pm

BennyFromXXX wrote:Yes it is.

It is developed by the the same guys who created Kazaa.

Thank you. Right, that's Skype scratched off my list of "must-try-this" software.

Thank you.

chinarut
Posts: 3
Joined: Sat Aug 25, 2007 10:26 am

Gizmo Project

Post by chinarut » Sun Aug 26, 2007 5:06 pm

I was experiencing this behavior from Skype too - thanks for the info.

Is it safe to assume the way Gizmo Project routes its P2P phone calls is completely different? I don't get Gizmo trying to make random connections on startup.

Does this make Gizmo Project any more secure to use as a result by chance?

pros and cons from a security standpoint?

karl
Objective Development
Objective Development
Posts: 75
Joined: Thu Nov 16, 2006 10:20 pm

Simple Skype Setup

Post by karl » Thu Aug 30, 2007 10:23 am

Unfortunately Skype needs a lot of different and varying network connections. Therefore you need setup the rules for Skype "inverse" - allow everything and then omit specific connections you do not want to allow for Skype.

Please do the following:

* Remove ALL rules regarding Skype
* Now launch Skype and wait for the Little Snitch popup panel to appear
* Choose "forever" and "Any network connection" and click "Allow Forever"

Now Skype will be able to operate normally.

You can then manually add some Little Snitch rules to deny connections for Skype to specific hosts or ports (like http - it shouldn't need this) if you want. More specific rules will always overrule more general ones.

Zettt
Rank 2
Rank 2
Posts: 45
Joined: Sat Mar 28, 2009 1:04 pm
Location: Stuttgart
Contact:

Re: Feature Suggestion / Skype

Post by Zettt » Thu Aug 09, 2012 9:59 am

Sorry for bringing up this old thread, but since it's referred everywhere this one seems to be the most official one.

Now that Little Snitch 3 is almost here, I'd like to ask if the suggestions made by karl are still the best way to approach this? Thanks.

Post Reply