Stopping Skype from opening up your firewall

I had a little rant about Skype last week.

For those of you unlucky enough to be in a situation where you have to run Skype please run it without administrator privileges using the SysInternals PsExec tool.

"C:\Program Files\Sysinternals\PsTools\psexec.exe" -l -d "C:\Program Files\Skype\Phone\Skype.exe"

This will give you the following benefits:

• Stops Skype from opening up your firewall EVERY time you start it
• Acts as a security sandbox for when Skype.exe gets compromised

Skype opens your firewall up in the worst possible way i.e. for Skype.exe rather than a port (see below).

Thanks to Kazi (one of our resident code gurus) for this insight!

He also adds these comments (MSN):

Kazi says:

and i'm sure it opens the ports on router's too via UPnP, but I didn't check it

it's clear skype is the biggest security risk today, because you can't filter viruses centrally, because it is a p2p network