Fear of a Skype Planet

I just had an “interesting” experience. While travelling I was alerted that my main office PC was sending out enormous amounts of traffic. According to the tech person involved, the culprit was … Skype. As bizarre as it might seem, the contention seems to be that my PC became a sort of Skype super-supernode, one that was routing all Skype traffic for, you know, the world, and that was causing unfortunate issues, like saturating a centi-megabyte pipe.

Was it really Skype? I don’t know yet, as we’ve disconnected the PC and some diagnostics are going to be done. It would certainly be puzzling, because if Skype was so poorly architected as to network-misbehave like this then you would think that all sorts of people would be reporting the same problem. Similarly, while it’s possible that there’s some trojan mimicking Skype traffic on the PC, that too would be unusual — I practise “safe computing”, and I’ve not heard of any such ‘bot.

Thoughts? Ideas? I certainly got me researching Skype trojans, supernode takeovers, maps of SuperNodes, and reading about others with fears of a Skype planet and their ideas for blocking this fast-morphing, port-randomized, encrypted, virus-like app.

[Update] From a Computerworld article (“Skype supernodes sap bandwidth”) last October:

Testing by Computerworld showed that Skype starts up a large number of TCP and UDP connections when it starts up, but the supernode issue didn’t occur. However, reports elsewhere warn against using Skype on connections with high bandwidth and IP addresses routeable on the internet. In supernode mode, Skype is reputedly able to saturate 100Mbit/s connections. Universities with high-speed connections often ban Skype usage because of this. [Emphasis mine]


  1. Props for the reference to public enemy. . . :)

  2. Thomas Einwaller says:

    I guess your PC was one of these Nodes Skype used to let other User talk with each other 😉
    To connect two Skype users which both sit behind behind NAT Skype uses other Skype clients with official IP’s and routes the traffic through them.
    Skype User behind NAT
    Skype User without NAT
    Skype User behind NAT
    Otherwise we would have the same problems like we had with other VOIP Software.
    See http://www.skype.com/products/explained.html for more information.

  3. Can you tell us whether your PC was behind a NAT? I am assuming that it was. One simple way to avoid becoming a supernode is to place it behind a symmetric NAT. The downside is you may not be able to play some of the networked games. If this is not an issue for you then it should be fine.

  4. I saw this some time ago. I had my PC set up in the DMZ. This was when Comcast/Time Warner/et al would threaten you if you used too much of the “unlimited” Internet.
    I was trying to upload something, and noticed that my upload speed was sucking badly. Ran something that told me that I was maxing out on my up bandwidth. I also noticed that it was symetrical, that I was downloading at the same speed. I shut everything down that I could think of to see what was doing that. No P2P apps, the only things I still had running were my IM programs and Skype.
    I ran TCPView from sysinternals.com, and saw that I had a buzzillion connections with Skype, and that it was the culprit using the bandwidth like that. I killed Skype, and watched as computers kept clamoring to connect to my PC. I stopped loading it automatically since then, and after reinstalling my system on a new hard drive, STILL haven’t reinstalled Skype back yet.
    I’ve seen some “security” issues about Skype, but when I pinned down the author, they admitted that it was more about becoming a supernode and hogging bandwidth more than a real security issue.

  5. Skype: security

    Everybody loves Skype. Not you? (Haven’t tried it yet? It’s a piece of software that let you place and receive phone calls for free or for cheap and do other things over the Internet – using the so-called Voice over

  6. Check out a better solution than Skype, its called Damaka (www.damaka.com). I think they have a better solution than skype.
    They offer voice, voice conference, video, voice mail, SMS, IM, custom picture, end to end encryption using SIP and using a Direct Peering model. In direct peering model only the two communicating endpoints are DIRECTLY put in touch with each other and no other resources are used. Only the resources of the actual communicating parties are used to setup, maintain, and tear down the call. There is no possibility of your node becoming a relay point thus no possiblity of mass virus infection or someone else using your PC’s resources for free.
    This Direct Peering model prevents someone else from using your PC’s resources to facilitate a call where you are not a part of. Why should your pc’s resource be used up to support a call that you are not a part of.
    Damaka uses SIP and a direct peering model and they have end to end encryption.
    The rumor is that they are supporting both H.263 and H.264 video compressions. With H.264 the clarity so so so good.
    The performance is much much better than Skype because of this Direct Peering model.

  7. What is a symmetrical NAT, a routeable IP address, a user without NAT, and an official IP address? Is this related to fixed and dynamic IP addresses?
    Basically, if you have a dynamic IP address are you safe from becoming a skype supernode? How do you tell if you are safe or not? That is the question people with monthly bandwidth limits will be asking.

  8. P2P voice is great. But supernode, no thanks. I just tried damaka freeware and it works just like skype, but no supernode. they also offer end-to-end encryption and has free add-ons i have never seen in other softphones like desktop sharing, IP radio, and voice commands. They’ve been launching new features practically every week and i’d keep a close eye on them.

  9. GET A MAC