[SATLUG] Monitoring IMAP traffic

Aaron Hackney aaron at aaronhackney.com
Wed Sep 8 16:43:21 CDT 2010


On Wed, Sep 8, 2010 at 4:04 PM, David Salisbury
<david.salisbury at momentumweb.com> wrote:
>  No, in this case it's not a log file, just the raw data being looked at
> with tcpdump.  And I'm not looking for message content, just the IMAP
> commands that are coming across along with their source IP.  I mean, I could
> DUMP it into a file, and do some advanced grepping and such, but that's
> where it gets a little hairy.  Just wondering if something like that existed
> already so I wouldn't have to end up reinventing the wheel!
> David

I'm not sure tcpdump has the layer 7 filtering you are wanting to do,
but I'm sure I'll be corrected if I'm wrong. What about command line
Wireshark with a capture filter? I believe you can peer into the
payload and filter what you capture.

>
> On 9/8/2010 3:59 PM, Howard Haradon wrote:
>>
>> If this is a log file, can you use grep and a
>> search string to break out the lines you need.
>>
>> Howard
>> --
>> Howard Haradon
>> San Antonio, TX  U
>
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
> Powered by Rackspace (www.rackspace.com)
>



-- 
"Don't ask yourself what the world needs. Ask yourself what makes you
come alive and then go do that. Because what the world needs is people
who have come alive." -Dr. Howard Thurman

******************************
Aaron Keith Hackney
aaron at aaronkeithstudios.com
Cell 210.325.2196
******************************


More information about the SATLUG mailing list