Wireshark mailing list archives

Re: identifying .dwg and .one files in gmail attachments

From: Martin Visser <martinvisser99 () gmail com>
Date: Tue, 30 Mar 2010 07:48:40 +1100

If you are talking about Web based Gmail, and users configure their settings
to use HTTPS/SSL then it will be encrypted and by definition should *not* be
able to identify anything specific about their email attachments. (Of course
if your users are able to SSL protect SMTP or IMAP or POP then you are in
the same boat).  I would have though for unencrypted Gmail that any
attachments should be visible (throuh what ever mechanism they use) possibly
obscured by some basic encapsulation.

Your only option in that case is to provide a man-in-the-middle SSL proxy
and somehow convince or install the necessary trusted certificate (so it can
forge new ones),

Regards, Martin

MartinVisser99 () gmail com


On Tue, Mar 30, 2010 at 2:44 AM, Support SwarajComm <support () stpl co in>wrote:

Hi,

I have requirement like this. Need to block .dwg and .one files in mail
attachment. I can implement firewall policy to block mail attachment with
file signatures 41433130 (for .dwg files) and
E4525C7B8CD8A74DAEB15378D02996D3 (for .one files). I am able to see these
file signatures in all mails sniffer except gmail. Gmail is doing some
encryption. What is the way to identify these files when using gmail. If I
know some keyword related to these file types in gmail I can implement
firewall policy to block that pattern. Any ideas?

Regards,
Siva K


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

identifying .dwg and .one files in gmail attachments Support SwarajComm (Mar 29)
- Re: identifying .dwg and .one files in gmail attachments Martin Visser (Mar 29)