Skype

Indian skype (and other users too?) watch out for attacks from USA.

When I switched on my computer on 21st March 2006, and logged on to skype, it indicated that I had received a voice mail from one “fahdbostani”, Doha, Qatar. When I clicked play, there was no message, no sound.

On 22nd March when I switched on my computer and logged on to skype, it said I had received a “Hello” message from the same “fahdbostani” I clicked “ok” and noticed that “fahdbostani” was instantly added to my contact list.

Approx 30 minutes later, I notice a huge amount of data being shipped in and out of my computer to dozens of IP address partial list is here:

209.237.44.30 (san jose server)

64.12.161.153:5190 (cannot determine)

web1.webhostinglogic.com (san jose server)

68.50.123.95:23360 (Gaithersburg server)

195.215.8.153:50855 (cannot determine)

239.255.255.250:137 (cannot determine)

64.34.140.253:443. (Ann Arbor server)

All appear to be US based servers using protocol 6 & 17

I stopped the internet, blocked “fahdbostani” in my skype and restarted everything. So far the attack has not been repeated.

So if you are a skype or yahoo or some other VOIP user, how do you check what happens under the hood?

Follow these simple steps:

1. If you receive a voice mail from an unknown person, and not originating from a landline phone, do not play the voice mail immediately. The VOIP software (skype in this case), enables you do a id search. Some elementary details will be revealed. (Such as location of the person, address, phone numbers and or other contact details). If no details are available, don’t play the voice mail.

   
   




2. The moment your voip software is launched, if you receive any instant message that says “Hello” or some other variation click “Cancel”. The chances are better than 99% that the message has originated from a spyware programme plugged into skype.

   
   




3. Block and remove any unknown contacts from your VOIP software.

   
   




4. Download and install a software called BWMeter (costs $30) or similar software and keep the graphic view window open at all times. It graphically displays packets of data coming into or going out of your computer. It has various reporting features that can identify source / destination of data and can even block the traffic.

   
   




5. Any software that needs to be connected to the net (such as VOIP dialers), provide yet another window of opportunity for hackers and their tribe so ensure you have a quality firewall and a good up-to-date anti-virus software at all times. Don’t use pirated versions – buying the real thing is cost effective.

   
   




6. If you need to obtain the geographic address of a IP address, https://geobytes.com/IpLocator.htm?GetLocation is a good place to visit.

   
   

Unfortunately, at time of writing this piece, no firewall or av software is able to detect the kind of intrusion I described above.

Stay safe and Long live the Indian Internet Tribe.