Friday, June 01, 2007

Peer-to-peer networking (e.g. Napster, Kazaa, Skype)

The type of VoIP implementation most well known to consumers and students uses client-based, peer-to-peer (P2P) technologies such as Napster and Skype (Jones, 2005). P2P systems are far more decentralized than other networking or computer systems, with little or no reliance on the idea of clients being served by a central server. Clients (individual computers or telephony end points) act as nodes and are as likely to be ‘providing’ resources to other nodes (its peers) as to be consuming them from other nodes.

It is fairly well known within higher and further education that such client-based P2P applications can cause problems on IP networks because they make it much harder to manage the use of bandwidth and to exercise some level of control over the use of the network. There are particular problems with applications such as Kazaa and Napster, which are used to download music, films and games and the challenge is growing with the further development of P2P applications such as BitTorrent and Groove Networks’ Virtual Office, and the increasing popularity of instant messaging (IM) which is also a P2P application (see section 3.2 for more on IM). The use of Skype within college networks has raised similar concerns.

Many institutions see Skype as a good thing as it enables overseas students to keep in touch with their families at low cost and, as a consumer technology, has encouraged renewed interest in the potential for new developments in distance learning. However, because of the way it works, Skype is also considered by many to pose potential security threats, as well as possibly creating a major overhead on the network over which it is running.

Skype works by forming an ad hoc decentralized network of ordinary nodes and super nodes. The only centralized service is the Skype login server that stores user login and password details: the handling of voice calls is undertaken entirely by the decentralized network of nodes and super nodes. In order to make a telephone call, ordinary nodes must connect to an available super node (Baset and Schulzrinne, 2004). In this arrangement ‘any node with a public IP address having sufficient CPU, memory and network bandwidth is a candidate to become a super node’ and a Skype client “cannot prevent itself from becoming a super node” (Baset and Schulzrinne, 2004, pp.1 and 2).

In addition to the concerns over bandwidth usage it is worth remarking that Skype differs from some of the other VoIP services in that it is based on the company’s own, proprietary protocols, rather than the standard SIP protocol and one implication of this is that Skype users can only connect with other Skype users (Jones, 2005). Skype is not the only IP telephony system and that 'Alternatives that are standards-based may prove easier to manage and provide a more predictable service'. For example, VoIP systems such as the Gizmo Project use the SIP protocol and can connect effortlessly to multiple VoIP networks and SIP-based PBX systems.

A further consideration with regard to Skype is that it is considered by many to pose a potential security threat because of the way it works. Skype traffic is encrypted and uses a random combination of IP addresses and ports. This means it is hard to detect Skype calls because they run through their own, encrypted ‘tunnel’ over a network and there is concern that this is a possible way in which viruses or other problems could be introduced into a network, without being easily detected (Blackwell, 2005).

It is possible to block unauthorized Skype traffic. Blocking specific types of traffic over an IP network is usually done by blocking ports or denying access to specific IP addresses. But Skype traffic, because of the way it travels over the network and in particular its use of random combinations of IP addresses and ports, causes problems for traditional port blocking filters.

Skype traffic can be identified, and therefore blocked, by investigating the headers of every IP packet crossing the network. The challenge is to do this quickly, so other network services are not affected. VoIP blocking is often a function added to existing network or security management software, such as Narus’s IP Platform, Verso Technologies’ NetSpective 2.0, and SonicWALL’s enterprise appliances. Other systems able to help manage and control IP networks include Ellacoya’s IP Service Control System, Sandvine Broadband Network Management, and software from P-Cube, now owned by Cisco.

A proxy appliance, widely used to apply controls to Web traffic, can also be used to block specified unwanted traffic, including voice calls, if necessary. Deep Packet Inspection is another approach, developed from firewall technology that can also assist in intrusion detection and prevention.

List of some common VoIP softwares

· Skype

· GoogleTalk

· Windows Live Messenger

· Yahoo! Messenger


Anonymous said...

I would like to exchange links with your site
Is this possible?

Anonymous said...

Good fill someone in on and this enter helped me alot in my college assignement. Say thank you you as your information.