Link to home
Start Free TrialLog in
Avatar of BCHCAdmin
BCHCAdmin

asked on

Wireshark Setup

Hello - I'm trying to find out if someone on our network is inadvertantly sending out spam email because of a virus or spyware.  I have wireshark loaded on my pc and was hoping to be able to look at traffice on port 25 to see if there is a lot of email going out from a certain IP address.  Is this possible?  I have read briefly through their help but I'm not "getting it".  We have a small cisco network and a Cisco ASA firewall.
Thanks
SOLUTION
Avatar of Miguel Angel Perez Muñoz
Miguel Angel Perez Muñoz
Flag of Spain image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of pmasotta
pmasotta

besides the former comment you also has to check the interface is started in promiscuous mode... if not you will only see the traffic sent to/comming out of the sniffing station.
Avatar of BCHCAdmin

ASKER

Sorry - what do you mean by "put a port on monitor mode?"

ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial