Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

fw monitor help

Status
Not open for further replies.
rn4it

rn4it

MIS
Nov 7, 2002
671
CA
Hi
I need to confirm that our email is being encypted betwee us and a business partner. So in my captures I need to be able to view the message body of the emails. Here are the cmds I'm usings.

fw monitor -e "accept (dst = mailsvr ip or src = mailsvr ip);" -o smtp.txt
fw monitor -e "accept (dport = 25);" -o smtp.txt

I'm seeing the session build and tear down but not the data.

any ideas??

thanks
John
 
Sort by date Sort by votes
fw monitor only scans the information needed for security scanning. I would try tcpdump on the ingress and egress interfaces. Use the -s 1500 -vv switches to get the whole packet


IT Security news and information
In plain English
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
700
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
653
intel233
intel233
tklamb
  • Locked
  • Question
ACL help
Replies
0
Views
134
tklamb
tklamb
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
163
PauS0n
PauS0n
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
196
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top