Security Basics mailing list archives

Re: Sniffing Mail Traffic - Outlook --> Exchange Server

From: "Kurt Buff" <kurt.buff () gmail com>
Date: Thu, 10 Jan 2008 14:19:50 -0800

On 10 Jan 2008 09:14:27 -0000,  <sfmailsbm () gmail com> wrote:

Dear list,

I wanted to demonstrate to management that traffic in clear text are vulnerable to sniffing, and to do this I wanted 
to sniff mail traffic:


I am trying to monitor the traffic between my Outlook Client and my Exchange (2003) server


Normally the protocol used for communication is IMAP, which is not encrypted


However wireshark gives we traffic log for only TCP and DCERPC protocols


Could you please help? Am i missing something here?


Many many thanks


You are missing something.

Normally, traffic between Outlook and an Exchange server is in MAPI,
not IMAP, and is not in clear text.

Doesn't mean it isn't decodable - it may very well be - but it does
mean that it's not in clear text.

Kurt

Current thread:

Sniffing Mail Traffic - Outlook --> Exchange Server sfmailsbm (Jan 10)
- Re: Sniffing Mail Traffic - Outlook --> Exchange Server richard (Jan 10)
- Re: Sniffing Mail Traffic - Outlook --> Exchange Server Kurt Buff (Jan 10)
- Re: Sniffing Mail Traffic - Outlook --> Exchange Server scott (Jan 10)
- Re: Sniffing Mail Traffic - Outlook --> Exchange Server Alex Cernat (Jan 10)
- Re: Sniffing Mail Traffic - Outlook --> Exchange Server Charles Hardin (Jan 14)