[Bro] skype analyzer?

Stephane Chazelas stephane.chazelas at gmail.com
Sat Aug 18 14:51:39 PDT 2012


Hiya,

I can see many references on the web to a Skype analyzer for
Bro, but can't find it anywhere. I'd just want to be able to
tell in the conn.log whether a TCP 443 connection is Skype or
not. It should be easy based on that faked TLS ServerHello with
fixed "random" pattern that Skype seems to consistently be
sending, but before I reinvent the wheel, can anybody please
point me to the existing implementations?

Thanks,
Stephane



