Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Bernardo
New Contributor

Block file transfer via skype

Hi, I have an FGT200 and need to block file trasnfer via Skype. I cant block skype at all, because We use skype to talk with an externals providers. I just need to block send and receive files using skype. Is it possible?
5 REPLIES 5
Dave_Hall
Honored Contributor

Application Control contains two Application Sensors for Skype: one appears to cover the actual peer-to-peer stuff and the other one is listed as " Skype.Communication" . You could try creating an app sensor that blocks one and another app sensor that allows the other. Whether this will work the way you want it I do not know.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
veechee
New Contributor

Skype is very evasive. I allow Skype in my environment, but disallow all other IM and P2P. The logs frequently show Skype traffic that is being blocked because it' s being classified as other applications that I have blocked. But Skype always works anyway. If Skype can' t find it' s normal ways out, it will use port 443 SSL only to get out. I don' t use deep-packet SSL inspection in my environment; using that may improve your chances at successfully controlling Skype.
FortiRack_Eric
New Contributor III

There' s no more granular control in Skype. As the protocol is encrypted and there' s no proxy for it. Maybe in the future when Microsoft opens up the protocol.

Rackmount your Fortinet --> http://www.rackmount.it/fortirack

 

Rackmount your Fortinet --> http://www.rackmount.it/fortirack
stephen_ren_FTNT

Tcp traffic in skype after 3.x are NOT able to decrypted if sniffer in the middle. and they also prevent attack of man in the middle, so detect file transfer by decrypt is not working.
DirtyBlueshirt
New Contributor II

A little late to this, but I have the answer for blocking File Transfers in Skype. Unfortunately it' s a registry key that needs to be added, and not a FortiGate setting. https://support.skype.com/resources/sites/SKYPE/content/live/DOCUMENTS/0/DO5/en_US/skype-it-administrators-guide.pdf Here' s the administrator' s guide, it works with the most recent 6.1 release as well (Appendix 1 has the configurable policies). So in example, to block file transfers, you will need to add this registry key: HKEY_CURRENT_USER\Software\Policies\Skype\Phone, DisableFileTransfer, REG_DWORD = 1 You will likely have to add the Skype\Phone hive, so it' s best to do this via GPO or a .reg file. ...And I can' t find any mention on doing a similar function on Macs, sorry.
--- Aaron Slater Security Analyst, Network Engineer, Part-Time Everything Else
--- Aaron Slater Security Analyst, Network Engineer, Part-Time Everything Else
Labels
Top Kudoed Authors