Re: Why is Skype sending packets to a random priva...

Welcome to the Skype community. To get started please read our short welcome post. Thanks!
Showing results for 
Search instead for 
Do you mean 
This topic has been archived.
To keep discussions in the Skype Community relevant we archive topics that haven't seen activity in the past 6 months. Read more about about archiving
Reply

Why is Skype sending packets to a random private address?

[ Edited ]

Hello,

 

I just spent about a half hour researching why some hosts on my network were sending packets to a private address that is near, but not within, a subnet that is live for hosts.

 

The site's hosts are: 192.168.99.0/24, 192.168.100.0/24, and 192.168.101.0/24.

 

I see traffic from several hosts on 192.168.100.0/24 hitting sending traffic from a port which skype has opened on those hosts to the same address on 192.168.98.0/24.  In fact, it is always 192.168.98.5.

 

The port is the same port that Skype is assigned to use for incoming connections.  Note that there is no host at 192.168.98.5, and I see no packets from that IP anywhere on my network.

 

I'm aware that Skype randomly chooses a port to establish incoming connections with upon first run, and this is the port of question in my instance.

 

It is worth noting that I block outgoing connections on this port (most ports) and UPnP on my network, so I'm curious what Skype is trying to do.  I'm used to it tunneling over http and https.

 

 

This is inexplicable to me.  Does anyone have any idea what Skype is doing?

 

 

Thanks,

 

Matt

mbrownnyc
Casual Adventurer
Kudos: 0
Posts: 11
Registered: 02-09-2011
Message 1 of 7 (434 Views)

Re: Why is Skype sending packets to a random private address?

in your privacy settings are you accepting skype browser cookies? and or allowing them to target specific ads?
єscαpαrσ
Escaparo
Esteemed Adventurer
Kudos: 14
Posts: 104
Registered: 22-09-2011
Message 2 of 7 (431 Views)

Re: Why is Skype sending packets to a random private address?

[ Edited ]

I have "Accept skype browser cookies" enabled.

 

I have disabled this, cleared the skype browser cookies, and restarted skype.

 

skype.exe still binds to the port in question.

 

Why do you believe this is relevant?

 

In fact, when I restart, I see the packets again, destined for that address.

mbrownnyc
Casual Adventurer
Kudos: 0
Posts: 11
Registered: 02-09-2011
Message 3 of 7 (425 Views)

Re: Why is Skype sending packets to a random private address?

Sometimes the adverts on Skype can be the reason for mysterious received packets, i wouldn't really be worried unless they are over 100bytes. but if you wanted a further in depth analysis you could download wireshark and see exactly what the packets are doing.
єscαpαrσ
Escaparo
Esteemed Adventurer
Kudos: 14
Posts: 104
Registered: 22-09-2011
Message 4 of 7 (417 Views)

Re: Why is Skype sending packets to a random private address?

[ Edited ]

I already did this, and it seems that the packet contents are encrypted. I am solely concerned with why it's hitting a random local address. That, in itself, is what has me interested.

 

 

I was able to redirect the traffic from the random port to 80 and 443 by setting the following registry keys (manually on a test machine).

 

I currently see that the activity on the port is limited to a local host who I was communicating with previously:

 

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Skype\Phone REG_DWORD ListenPort=1

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Skype\Phone REG_DWORD ListenHTTPPorts=0

 

(with reference: http://download.skype.com/share/business/guides/skype-it-administrators-guide.pdf )

 

This will force Skype clients to not use a randomized port for communication, but only tunnel over 80 and 443.

 

 

I still see some TCP connections to the mystery host (192.168.98.5), but now limited to three TCP packets and on another random port, not multiple UDP packets that I saw before I implemented those policies.

mbrownnyc
Casual Adventurer
Kudos: 0
Posts: 11
Registered: 02-09-2011
Message 5 of 7 (413 Views)

Re: Why is Skype sending packets to a random private address?

it could just be the relay servers that skype has in different regions, i really wouldn't look too much into it.
єscαpαrσ
Escaparo
Esteemed Adventurer
Kudos: 14
Posts: 104
Registered: 22-09-2011
Message 6 of 7 (404 Views)

Re: Why is Skype sending packets to a random private address?

It can't be. It's within the private address space. No host lives at that address. It's just weird stuff and I was hoping for more color. Thanks for your input.
mbrownnyc
Casual Adventurer
Kudos: 0
Posts: 11
Registered: 02-09-2011
Message 7 of 7 (402 Views)
Reply

© 2014 Skype and/or Microsoft. The Skype name, associated trade marks and logos and the "S" logo are trade marks of Skype or related entities. Use of this website constitutes acceptance of the Terms of Use and Privacy and Cookie policy.

No emergency calls with Skype
Skype is not a replacement for your telephone and can't be used for emergency calling