I have noticed this signature ( 5403-0) has been firing off more often in our environment. i've noticed some of the of the destination IP addresses are actually own by Skype, I haven't had any time to investigate fully, but thought i'd see if anyone...