LinuxQuestions.org
Old 08-09-2005, 03:00 PM   #1
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Rep: Reputation: 30
tcpdump question


I have a quick question about tcpdump. I'm having an issue with a particular email client not being able to start a STARTTLS connection with my email server. I want to view the entire connection using tcpdump. I tried using the following command to write it to a file:

tcpdump -i eth1 dst port 25 -w <temporary filename>

When displaying the results of the temporary file, it was mostly gibberish. I could see the EHLO command and the QUIT command, but that was about it. How should I be viewing this such that it makes sense? Or do I have the tcpdump command wrong?
 
Old 08-09-2005, 04:21 PM   #2
scuffell
Member
 
Registered: Jun 2004
Location: Reading, UK
Distribution: SUSE 9.1, SUSE 9.2, SUSE 9.3, Knoppix 3.8, Gentoo 2005.0, cygwn, colinux
Posts: 100

Rep: Reputation: 15
Hang on, isn't the idea of TLS that it encrypts the data so that when packet sniffers look, they only see gibberish?

If I'm getting the wrong end of the stick, then try a

tcpdump -X -vvv -i eth1 dst port 25 -w <temporary filename>

instead
 
Old 08-09-2005, 04:37 PM   #3
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
What I'm looking for specifically is to see that the STARTTLS command is being sent by the user's client. I can't see it amongst the gibberish, but that doesn't mean it's not there. I will try the command you suggested.

I was also asking just for my own personal information. I foresee myself troubleshooting an FTP issue in the future as well, which, of course, won't be encrypted.
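An added example, not part of any post in this thread: a file written with `-w` is a binary pcap capture, so opening it as text shows packet headers mixed in with the SMTP commands. The Python script below walks a classic-format pcap (Ethernet/IPv4/TCP assumed) and lists what the client sent to port 25, so a `STARTTLS` line and the non-text TLS records after it stand out; the sample capture, addresses and host name are constructed.

```python
import struct

def client_lines(pcap, port=25):
    """List what was sent to `port` in a classic-format pcap (Ethernet/IPv4/TCP only)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    out, off = [], 24                                   # skip 24-byte global header
    while off + 16 <= len(pcap):
        incl, orig = struct.unpack(endian + "II", pcap[off + 8:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                                    # keep IPv4 + TCP only
        tcp = 14 + (frame[14] & 0x0F) * 4               # TCP header follows IP header
        if len(frame) < tcp + 20 or struct.unpack("!H", frame[tcp + 2:tcp + 4])[0] != port:
            continue
        end = 14 + struct.unpack("!H", frame[16:18])[0]  # IP total length drops padding
        data = frame[tcp + (frame[tcp + 12] >> 4) * 4:end]
        if not data:
            continue                                    # bare SYN/ACK, nothing to show
        cut = " [truncated by snaplen]" if incl < orig else ""
        if all(b in (9, 10, 13) or 32 <= b < 127 for b in data):
            out += [line + cut for line in data.decode("ascii").splitlines()]
        else:
            out.append("<%d bytes, not text>%s" % (len(data), cut))
    return out

def sample_frame(payload, dport=25):
    """Constructed packet: Ethernet + IPv4 + TCP headers around `payload`."""
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 25]))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload

def sample_pcap(payloads):
    """Constructed little-endian pcap file (linktype 1) holding one frame per payload."""
    data = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for p in payloads:
        f = sample_frame(p)
        data += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return data

# Constructed sample: two plaintext commands, then bytes shaped like a TLS record.
SAMPLE = sample_pcap([b"EHLO client.example\r\n", b"STARTTLS\r\n",
                      b"\x16\x03\x01\x00\x2f\x01" + bytes(46)])

if __name__ == "__main__":
    print("\n".join(client_lines(SAMPLE)))
```

To run it on a real capture, pass the bytes of the file written by `tcpdump -w` to `client_lines`.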
 
  

