Just a quick question. When using Skype, the connection blocking part of the firewall in NIS keeps popping up with the question "the computer (xxx.xxx.xxx.xxx) is attempting to access Skype" with the usual "Block" and "Allow" options. I don't know which to choose: when blocking all, I'm afraid of hampering Skype's functionality and with allowing all, I'm afraid of exposing my laptop to hackers. Please advise!

- Emile 

Just a quick question. When using Skype, the connection blocking part of the firewall in NIS keeps popping up with the question "the computer (xxx.xxx.xxx.xxx) is attempting to access Skype" with the usual "Block" and "Allow" options. I don't know which to choose: when blocking all, I'm afraid of hampering Skype's functionality and with allowing all, I'm afraid of exposing my laptop to hackers. Please advise!

- Emile 

This answer is confusing to me. I receive regular Norton firewall warnings "The computer "xxxxxxxxx.xx.xxxx.xxx" is attempting to access Skype.app on your computer. Do you want to allow this connection.

I have no way of knowing who the person trying to contact me is. Most internet providers do not give their subscribers fixed IP addresses and I have never seen a recognizable name associated with "the computer attempting to access Skype" For example today "s0106002401de468c.ed.shawcable.net" IP address 96.52.164.56 tried to access my computer through Skype. Is there useful information buried in this code? Whois simply identifies the IP address as being one that is owned by Shaw Cable -a DSL ISP.

I have allowed some of these mystery computers to access my computer through Skype but no instant message windows open and there is no ringing suggesting someone is trying to call. On the other hand I get unsolicited instant messages from strangers and these messages do not trigger a NIS warning. Likewise, when people call me (as in the phone rings and a small Skype wiindow identifying the caller pops up asking if I want to accept the call) I do not receive an NIS warning. The people that call do not have fixed IP addresses. Even if I had received an NIS warning the first time they called, selected allow and always allow connections from this computer (which I do not recall ever doing) eventually that persons ISP would change their IP address and I would eventually have to "allow" them access again. Again I do not recall ever granting such access.

My Norton Confidential Vulnerability Protection is set to maximum.

Firewall history of blocked events includes blockade of many attempts to access my computer through Skype. Firewall history or allowed events associated with Skype -whether it be incoming or outgoing does not indicate the identity of computers/persons that were not blocked. Each allowed event is associated with me not the entity being being granted connection.

What does all this mean. Am I blocking legitimate callers? Does Norton firewall block calls or does it allow all callers to initiate the ring signal and the Skype window that identifies the caller allowing me the option of accepting of rejecting a call?

Skype's protocol is comparable, although dissimilar, to protocols like AOL Instant Messenger (iChat). With iChat, everbody computer connects to the AOL servers. When somebody wants to chat with you, they tell the AOL servers they want to chat with you, and the AOL servers relay that message back to you—so basically the AOL servers are like a man in the middle. But sometimes the AOL server will tell the other person to connect to you directly.

Basically, Skype's servers can let other people connect to your computer directly, or connect via the Skype servers. When the other person connects to your Mac directly, Norton Firewall will prompt you. It all depends on the servers for Skype, so you won't get an alert always.

The final way I can put things: Norton Firewall will alert you when somebody tries to connect to your Mac, and Skype is the application that is making the connection. We don't know why Skype made the connection, nor what the other person will do when they connect to your Mac. All we can do is tell you the application that is trying to let somebody connect to your Mac, and the address of the other person. It's true that the IP address is not fixed, and not very user friendly, but that's unfortunately just the Internet. Skype is just another application, so Norton Firewall doesn't distinguish "phone calls" from other Internet activity.

You're always free to just allow all Skype connections. 

What dangers are associated with allowing all computers attempting to connect to my computer through Skype?

Good question. So far I’ve blocked all without any problems but if I read Ryan’s answers correctly I will run into problems once Skype’s servers order my connections to connect to me directly…

I block everything as well. I usually don’t move quickly enough to hit dissallow -presumably the warning window closes after blocking the attempted connection unless I hit allow. Just for fun I did allow one such attempted connection and nothing happened. No IM, no ring, nothing. On the other hand I get called once or twice a day by the same person, from two different computers, and she has never experienced a failure with respect to sending me an IM or having my having my headset ring. Like most others she does not have a fixed IP address. When she initiates a call I do not get a warning that somebody is trying to connect with me via Skype. Sometimes, during a conversation a warning will come up and I can’t hear her until I hit disallow.