Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: [Wireshark-users] Tracking SMTP traffic with Wireshark

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Chuck Sutherland <csutherland@xxxxxxxx>
Date: Tue, 2 Feb 2010 09:11:02 -0500

Greetings everyone,

I am looking for help determining how some SMTP port 25 traffic that is entering my network. The Cisco ASA is setup to allow only port 25 traffic from Postini yet I see 25 traffic on the network coming in.

Could this bee NDR type traffic and if so how can I tell by looking at the data stream?

I am a OJT Network person so full grace required ;)

Thanks!!

CONFIDENTIALITY NOTICE:  This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
  • References:
    • [Wireshark-users] Dicom...
      • From: Brian OBrien
    • Re: [Wireshark-users] Dicom...
      • From: Tim.Poth
    • Re: [Wireshark-users] Dicom...
      • From: Brian OBrien
    • Re: [Wireshark-users] Dicom...
      • From: Tim.Poth
  • Prev by Date: Re: [Wireshark-users] tshark to interpret wlan tags?
  • Next by Date: [Wireshark-users] Network Name resolution
  • Previous by thread: Re: [Wireshark-users] Dicom...
  • Next by thread: [Wireshark-users] Disabling "File Preview"
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation