Security Basics mailing list archives

RE: Exchange <--> Outlook Monitoring

From: Shawn Wall <sjwall () shaw ca>
Date: Fri, 28 Jan 2005 12:37:33 -0700

You could capture the emails directly off the LAN using DSNIFF. Google
dsniff to find out more.

shawn 

-----Original Message-----
From: Doll, Josh [mailto:Doll () pbworld com] 
Sent: Friday, January 28, 2005 9:27 AM
To: security-basics () securityfocus com
Subject: Exchange <--> Outlook Monitoring

Is there any effective way of capturing exchange / outlook data from a 3rd
party machine?  We have a number of sub consultants with email access from
our company, who's email needs to be monitored / archived for breech of
contract and sharing of company secrets.  Problem is, we don't maintain our
exchange server here in this office, and the office that does is unwilling
to cooperate in this matter (Read: upper management catfight).  Therefore we
need a way to ensure that what they send and receive is legit.  It is a
relatively small number of users
(~5) that are still on our LAN that need to be monitored, the rest have been
moved to another subnet without company email. 

My understanding is that it is nowhere near as easy to capture these emails
when it is an exchange environment vs.. the options available when using POP
or others.

Any help, or nudges in the right direction would be helpful.

C. Josh Doll
Network Administrator - Houston
Parsons Brinckerhoff

Current thread:

Exchange <--> Outlook Monitoring Doll, Josh (Jan 28)
- RE: Exchange <--> Outlook Monitoring Shawn Wall (Jan 31)
- <Possible follow-ups>
- RE: Exchange <--> Outlook Monitoring Eric McCarty (Jan 28)
  - Re: Exchange <--> Outlook Monitoring Presley, Steven (Jan 31)
  - RE: Exchange <--> Outlook Monitoring Sarbjit Singh Gill (Jan 31)
  - Re: Exchange <--> Outlook Monitoring Steve (Jan 31)
  - Some Few Doubts on IIS Vuln kaps lock (Jan 31)
- RE: Exchange <--> Outlook Monitoring Eric McCarty (Jan 31)
  - Re: Exchange <--> Outlook Monitoring Joe Hood (Jan 31)